04b7c41abf
refactor(prisma): update User model to include banned status and ban details refactor(prisma): modify Account model to include new authentication fields refactor(prisma): enhance Session model with impersonation tracking refactor(prisma): adjust Verification model to include value field feat(auth): integrate admin plugin and enhance email verification process refactor(category): enforce ownership checks in category service methods refactor(item): update item service to validate category ownership feat(item): add ability to fetch items by category refactor(restaurant): implement ownership checks and admin routes in restaurant controller fix(user): restrict user access to admin routes feat(exception): implement global exception filter for consistent error handling
79 lines
1.9 KiB
TypeScript
79 lines
1.9 KiB
TypeScript
import {
|
|
Body,
|
|
Controller,
|
|
Delete,
|
|
Get,
|
|
Param,
|
|
Post,
|
|
Put,
|
|
UseGuards,
|
|
Session,
|
|
} from '@nestjs/common';
|
|
import {
|
|
AllowAnonymous,
|
|
AuthGuard,
|
|
Roles,
|
|
Session as UserSession,
|
|
} from '@thallesp/nestjs-better-auth';
|
|
|
|
import type { UserSession as SessionType } from '@thallesp/nestjs-better-auth';
|
|
import { CreateRestaurantDto } from './dto/create-restaurant.dto';
|
|
import { UpdateRestaurantDto } from './dto/update-restaurant.dto';
|
|
import { RestaurantService } from './restaurant.service';
|
|
|
|
@Controller('restaurants')
|
|
@UseGuards(AuthGuard)
|
|
export class RestaurantController {
|
|
constructor(private readonly service: RestaurantService) {}
|
|
|
|
@Post()
|
|
async create(
|
|
@Body() dto: CreateRestaurantDto,
|
|
@Session() session: SessionType,
|
|
) {
|
|
return await this.service.create(session.user.id, dto);
|
|
}
|
|
|
|
@Get()
|
|
async findOwnerRestaurants(@Session() session: SessionType) {
|
|
return await this.service.findByOwner(session.user.id);
|
|
}
|
|
|
|
@Get(':id')
|
|
async findOne(@Param('id') id: string, @Session() session: SessionType) {
|
|
return await this.service.findMyRestaurant(id, session.user.id);
|
|
}
|
|
|
|
@Put(':id')
|
|
async update(
|
|
@Param('id') id: string,
|
|
@Body() dto: UpdateRestaurantDto,
|
|
@Session() session: SessionType,
|
|
) {
|
|
return await this.service.update(id, dto, session.user.id);
|
|
}
|
|
|
|
@Delete(':id')
|
|
async remove(@Param('id') id: string, @Session() session: SessionType) {
|
|
return await this.service.remove(id, session.user.id);
|
|
}
|
|
|
|
@Roles(['admin'])
|
|
@Get('/admin/all')
|
|
async adminFindAll() {
|
|
return await this.service.findAll();
|
|
}
|
|
|
|
@Roles(['admin'])
|
|
@Get('/admin/:id')
|
|
async adminFindOne(@Param('id') id: string) {
|
|
return await this.service.findOne(id);
|
|
}
|
|
|
|
@AllowAnonymous()
|
|
@Get('/public/:slug')
|
|
async publicBySlug(@Param('slug') slug: string) {
|
|
return await this.service.findBySlug(slug);
|
|
}
|
|
}
|