feat: add class-transformer dependency for better data transformation

refactor(prisma): update User model to include banned status and ban details

refactor(prisma): modify Account model to include new authentication fields

refactor(prisma): enhance Session model with impersonation tracking

refactor(prisma): adjust Verification model to include value field

feat(auth): integrate admin plugin and enhance email verification process

refactor(category): enforce ownership checks in category service methods

refactor(item): update item service to validate category ownership

feat(item): add ability to fetch items by category

refactor(restaurant): implement ownership checks and admin routes in restaurant controller

fix(user): restrict user access to admin routes

feat(exception): implement global exception filter for consistent error handling
This commit is contained in:
2025-11-09 21:47:18 +03:00
parent f0948a5b05
commit 04b7c41abf
21 changed files with 678 additions and 173 deletions
@@ -0,0 +1,39 @@
/*
Warnings:
- You are about to drop the column `accessToken` on the `Account` table. All the data in the column will be lost.
- You are about to drop the column `accountId` on the `Account` table. All the data in the column will be lost.
- You are about to drop the column `expiresAt` on the `Account` table. All the data in the column will be lost.
- You are about to drop the column `password` on the `Account` table. All the data in the column will be lost.
- You are about to drop the column `providerId` on the `Account` table. All the data in the column will be lost.
- You are about to drop the column `refreshToken` on the `Account` table. All the data in the column will be lost.
- A unique constraint covering the columns `[token]` on the table `Verification` will be added. If there are existing duplicate values, this will fail.
- Added the required column `providerAccountId` to the `Account` table without a default value. This is not possible if the table is not empty.
- Added the required column `type` to the `Account` table without a default value. This is not possible if the table is not empty.
- Made the column `provider` on table `Account` required. This step will fail if there are existing NULL values in that column.
- Added the required column `value` to the `Verification` table without a default value. This is not possible if the table is not empty.
*/
-- AlterTable
ALTER TABLE "Account" DROP COLUMN "accessToken",
DROP COLUMN "accountId",
DROP COLUMN "expiresAt",
DROP COLUMN "password",
DROP COLUMN "providerId",
DROP COLUMN "refreshToken",
ADD COLUMN "access_token" TEXT,
ADD COLUMN "expires_at" INTEGER,
ADD COLUMN "id_token" TEXT,
ADD COLUMN "providerAccountId" TEXT NOT NULL,
ADD COLUMN "refresh_token" TEXT,
ADD COLUMN "scope" TEXT,
ADD COLUMN "session_state" TEXT,
ADD COLUMN "token_type" TEXT,
ADD COLUMN "type" TEXT NOT NULL,
ALTER COLUMN "provider" SET NOT NULL;
-- AlterTable
ALTER TABLE "Verification" ADD COLUMN "value" TEXT NOT NULL;
-- CreateIndex
CREATE UNIQUE INDEX "Verification_token_key" ON "Verification"("token");
@@ -0,0 +1,116 @@
/*
Warnings:
- You are about to drop the `Account` table. If the table is not empty, all the data it contains will be lost.
- You are about to drop the `Session` table. If the table is not empty, all the data it contains will be lost.
- You are about to drop the `User` table. If the table is not empty, all the data it contains will be lost.
- You are about to drop the `Verification` table. If the table is not empty, all the data it contains will be lost.
*/
-- DropForeignKey
ALTER TABLE "Account" DROP CONSTRAINT "Account_userId_fkey";
-- DropForeignKey
ALTER TABLE "Restaurant" DROP CONSTRAINT "Restaurant_ownerId_fkey";
-- DropForeignKey
ALTER TABLE "Session" DROP CONSTRAINT "Session_userId_fkey";
-- DropTable
DROP TABLE "Account";
-- DropTable
DROP TABLE "Session";
-- DropTable
DROP TABLE "User";
-- DropTable
DROP TABLE "Verification";
-- CreateTable
CREATE TABLE "user" (
"id" TEXT NOT NULL,
"name" TEXT,
"email" TEXT,
"emailVerified" BOOLEAN NOT NULL DEFAULT false,
"image" TEXT,
"createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
"updatedAt" TIMESTAMP(3) NOT NULL,
"role" TEXT NOT NULL DEFAULT 'user',
CONSTRAINT "user_pkey" PRIMARY KEY ("id")
);
-- CreateTable
CREATE TABLE "account" (
"id" TEXT NOT NULL,
"userId" TEXT NOT NULL,
"type" TEXT NOT NULL,
"provider" TEXT NOT NULL,
"providerAccountId" TEXT NOT NULL,
"refresh_token" TEXT,
"access_token" TEXT,
"expires_at" INTEGER,
"token_type" TEXT,
"scope" TEXT,
"id_token" TEXT,
"session_state" TEXT,
"createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
"updatedAt" TIMESTAMP(3) NOT NULL,
"accountId" TEXT NOT NULL,
"providerId" TEXT NOT NULL,
"accessToken" TEXT,
"refreshToken" TEXT,
"idToken" TEXT,
"accessTokenExpiresAt" TIMESTAMP(3),
"refreshTokenExpiresAt" TIMESTAMP(3),
"password" TEXT,
CONSTRAINT "account_pkey" PRIMARY KEY ("id")
);
-- CreateTable
CREATE TABLE "session" (
"id" TEXT NOT NULL,
"userId" TEXT NOT NULL,
"expiresAt" TIMESTAMP(3) NOT NULL,
"token" TEXT,
"ipAddress" TEXT,
"userAgent" TEXT,
"createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
"updatedAt" TIMESTAMP(3) NOT NULL,
CONSTRAINT "session_pkey" PRIMARY KEY ("id")
);
-- CreateTable
CREATE TABLE "verification" (
"id" TEXT NOT NULL,
"identifier" TEXT NOT NULL,
"token" TEXT NOT NULL,
"value" TEXT NOT NULL,
"expiresAt" TIMESTAMP(3) NOT NULL,
"createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
"updatedAt" TIMESTAMP(3) NOT NULL,
CONSTRAINT "verification_pkey" PRIMARY KEY ("id")
);
-- CreateIndex
CREATE UNIQUE INDEX "user_email_key" ON "user"("email");
-- CreateIndex
CREATE UNIQUE INDEX "session_token_key" ON "session"("token");
-- CreateIndex
CREATE UNIQUE INDEX "verification_token_key" ON "verification"("token");
-- AddForeignKey
ALTER TABLE "account" ADD CONSTRAINT "account_userId_fkey" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
-- AddForeignKey
ALTER TABLE "session" ADD CONSTRAINT "session_userId_fkey" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
-- AddForeignKey
ALTER TABLE "Restaurant" ADD CONSTRAINT "Restaurant_ownerId_fkey" FOREIGN KEY ("ownerId") REFERENCES "user"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
@@ -0,0 +1,101 @@
/*
Warnings:
- You are about to drop the `account` table. If the table is not empty, all the data it contains will be lost.
- You are about to drop the `session` table. If the table is not empty, all the data it contains will be lost.
- You are about to drop the `user` table. If the table is not empty, all the data it contains will be lost.
- You are about to drop the `verification` table. If the table is not empty, all the data it contains will be lost.
*/
-- DropForeignKey
ALTER TABLE "Restaurant" DROP CONSTRAINT "Restaurant_ownerId_fkey";
-- DropForeignKey
ALTER TABLE "account" DROP CONSTRAINT "account_userId_fkey";
-- DropForeignKey
ALTER TABLE "session" DROP CONSTRAINT "session_userId_fkey";
-- DropTable
DROP TABLE "account";
-- DropTable
DROP TABLE "session";
-- DropTable
DROP TABLE "user";
-- DropTable
DROP TABLE "verification";
-- CreateTable
CREATE TABLE "User" (
"id" TEXT NOT NULL,
"name" TEXT,
"email" TEXT,
"emailVerified" BOOLEAN NOT NULL DEFAULT false,
"image" TEXT,
"createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
"updatedAt" TIMESTAMP(3) NOT NULL,
"role" TEXT NOT NULL DEFAULT 'user',
CONSTRAINT "User_pkey" PRIMARY KEY ("id")
);
-- CreateTable
CREATE TABLE "Account" (
"id" TEXT NOT NULL,
"userId" TEXT NOT NULL,
"providerId" TEXT NOT NULL,
"provider" TEXT,
"accountId" TEXT NOT NULL,
"password" TEXT,
"accessToken" TEXT,
"refreshToken" TEXT,
"expiresAt" TIMESTAMP(3),
"createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
"updatedAt" TIMESTAMP(3) NOT NULL,
CONSTRAINT "Account_pkey" PRIMARY KEY ("id")
);
-- CreateTable
CREATE TABLE "Session" (
"id" TEXT NOT NULL,
"userId" TEXT NOT NULL,
"expiresAt" TIMESTAMP(3) NOT NULL,
"token" TEXT,
"ipAddress" TEXT,
"userAgent" TEXT,
"createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
"updatedAt" TIMESTAMP(3) NOT NULL,
CONSTRAINT "Session_pkey" PRIMARY KEY ("id")
);
-- CreateTable
CREATE TABLE "Verification" (
"id" TEXT NOT NULL,
"identifier" TEXT NOT NULL,
"token" TEXT,
"expiresAt" TIMESTAMP(3) NOT NULL,
"createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
"updatedAt" TIMESTAMP(3) NOT NULL,
CONSTRAINT "Verification_pkey" PRIMARY KEY ("id")
);
-- CreateIndex
CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
-- CreateIndex
CREATE UNIQUE INDEX "Session_token_key" ON "Session"("token");
-- AddForeignKey
ALTER TABLE "Account" ADD CONSTRAINT "Account_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
-- AddForeignKey
ALTER TABLE "Session" ADD CONSTRAINT "Session_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
-- AddForeignKey
ALTER TABLE "Restaurant" ADD CONSTRAINT "Restaurant_ownerId_fkey" FOREIGN KEY ("ownerId") REFERENCES "User"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
@@ -0,0 +1,106 @@
/*
Warnings:
- You are about to drop the `Account` table. If the table is not empty, all the data it contains will be lost.
- You are about to drop the `Session` table. If the table is not empty, all the data it contains will be lost.
- You are about to drop the `User` table. If the table is not empty, all the data it contains will be lost.
- You are about to drop the `Verification` table. If the table is not empty, all the data it contains will be lost.
*/
-- DropForeignKey
ALTER TABLE "Account" DROP CONSTRAINT "Account_userId_fkey";
-- DropForeignKey
ALTER TABLE "Restaurant" DROP CONSTRAINT "Restaurant_ownerId_fkey";
-- DropForeignKey
ALTER TABLE "Session" DROP CONSTRAINT "Session_userId_fkey";
-- DropTable
DROP TABLE "Account";
-- DropTable
DROP TABLE "Session";
-- DropTable
DROP TABLE "User";
-- DropTable
DROP TABLE "Verification";
-- CreateTable
CREATE TABLE "user" (
"id" TEXT NOT NULL,
"name" TEXT,
"email" TEXT,
"emailVerified" BOOLEAN NOT NULL DEFAULT false,
"image" TEXT,
"createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
"updatedAt" TIMESTAMP(3) NOT NULL,
"role" TEXT NOT NULL DEFAULT 'user',
CONSTRAINT "user_pkey" PRIMARY KEY ("id")
);
-- CreateTable
CREATE TABLE "account" (
"id" TEXT NOT NULL,
"userId" TEXT NOT NULL,
"providerId" TEXT NOT NULL,
"provider" TEXT,
"accountId" TEXT NOT NULL,
"password" TEXT,
"accessToken" TEXT,
"refreshToken" TEXT,
"expiresAt" TIMESTAMP(3),
"createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
"updatedAt" TIMESTAMP(3) NOT NULL,
"idToken" TEXT,
"accessTokenExpiresAt" TIMESTAMP(3),
"refreshTokenExpiresAt" TIMESTAMP(3),
"scope" TEXT,
CONSTRAINT "account_pkey" PRIMARY KEY ("id")
);
-- CreateTable
CREATE TABLE "session" (
"id" TEXT NOT NULL,
"userId" TEXT NOT NULL,
"expiresAt" TIMESTAMP(3) NOT NULL,
"token" TEXT,
"ipAddress" TEXT,
"userAgent" TEXT,
"createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
"updatedAt" TIMESTAMP(3) NOT NULL,
CONSTRAINT "session_pkey" PRIMARY KEY ("id")
);
-- CreateTable
CREATE TABLE "verification" (
"id" TEXT NOT NULL,
"identifier" TEXT NOT NULL,
"token" TEXT,
"expiresAt" TIMESTAMP(3) NOT NULL,
"createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
"updatedAt" TIMESTAMP(3) NOT NULL,
"value" TEXT NOT NULL,
CONSTRAINT "verification_pkey" PRIMARY KEY ("id")
);
-- CreateIndex
CREATE UNIQUE INDEX "user_email_key" ON "user"("email");
-- CreateIndex
CREATE UNIQUE INDEX "session_token_key" ON "session"("token");
-- AddForeignKey
ALTER TABLE "account" ADD CONSTRAINT "account_userId_fkey" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
-- AddForeignKey
ALTER TABLE "session" ADD CONSTRAINT "session_userId_fkey" FOREIGN KEY ("userId") REFERENCES "user"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
-- AddForeignKey
ALTER TABLE "Restaurant" ADD CONSTRAINT "Restaurant_ownerId_fkey" FOREIGN KEY ("ownerId") REFERENCES "user"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
@@ -0,0 +1,8 @@
-- AlterTable
ALTER TABLE "session" ADD COLUMN "impersonatedBy" TEXT;
-- AlterTable
ALTER TABLE "user" ADD COLUMN "banExpires" TIMESTAMP(3),
ADD COLUMN "banReason" TEXT,
ADD COLUMN "banned" BOOLEAN DEFAULT false,
ALTER COLUMN "role" DROP NOT NULL;
+82 -66
View File
@@ -1,3 +1,4 @@
generator client {
provider = "prisma-client-js"
}
@@ -7,99 +8,114 @@ datasource db {
url = "postgresql://postgres:root@localhost:5432/zemenu?schema=public"
}
model User {
id String @id @default(cuid())
id String @id @default(cuid())
name String?
email String? @unique
emailVerified Boolean @default(false)
email String? @unique
emailVerified Boolean @default(false)
image String?
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
role String @default("user")
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
// Relations
restaurants Restaurant[]
accounts Account[]
sessions Session[]
restaurants Restaurant[]
accounts Account[]
sessions Session[]
role String? @default("user")
banned Boolean? @default(false)
banReason String?
banExpires DateTime?
@@map("user")
}
model Account {
id String @id @default(cuid())
userId String
user User @relation(fields: [userId], references: [id])
providerId String
provider String?
accountId String
password String?
accessToken String?
refreshToken String?
expiresAt DateTime?
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
}
id String @id @default(cuid())
userId String
user User @relation(fields: [userId], references: [id])
providerId String
provider String?
accountId String
password String?
accessToken String?
refreshToken String?
expiresAt DateTime?
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
idToken String?
accessTokenExpiresAt DateTime?
refreshTokenExpiresAt DateTime?
scope String?
@@map("account")
}
model Session {
id String @id @default(cuid())
userId String
user User @relation(fields: [userId], references: [id])
expiresAt DateTime
token String? @unique
ipAddress String?
userAgent String?
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
}
id String @id @default(cuid())
userId String
user User @relation(fields: [userId], references: [id])
expiresAt DateTime
token String? @unique
ipAddress String?
userAgent String?
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
impersonatedBy String?
@@map("session")
}
model Verification {
id String @id @default(cuid())
identifier String
token String
token String?
expiresAt DateTime
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
value String
@@map("verification")
}
model Restaurant {
id String @id @default(uuid())
name String
slug String @unique // used as /domain.com/slug
description String?
logo String? // image URL
ownerId String
owner User @relation(fields: [ownerId], references: [id])
id String @id @default(uuid())
name String
slug String @unique // used as /domain.com/slug
description String?
logo String? // image URL
ownerId String
owner User @relation(fields: [ownerId], references: [id])
template String?
template String?
categories Category[]
items MenuItem[]
createdAt DateTime @default(now())
categories Category[]
items MenuItem[]
createdAt DateTime @default(now())
}
model Category {
id String @id @default(uuid())
name String
restaurantId String
restaurant Restaurant @relation(fields: [restaurantId], references: [id])
items MenuItem[]
}
model MenuItem {
id String @id @default(uuid())
name String
description String?
price Float
image String?
categoryId String?
category Category? @relation(fields: [categoryId], references: [id])
id String @id @default(uuid())
name String
restaurantId String
restaurant Restaurant @relation(fields: [restaurantId], references: [id])
createdAt DateTime @default(now())
}
items MenuItem[]
}
model MenuItem {
id String @id @default(uuid())
name String
description String?
price Float
image String?
categoryId String?
category Category? @relation(fields: [categoryId], references: [id])
restaurantId String
restaurant Restaurant @relation(fields: [restaurantId], references: [id])
createdAt DateTime @default(now())
}