Merge fix/controller-guards with conflict resolution

2026-01-29 20:30:57 -06:00
parent 460bcd366c 48abdbba8b
commit 52aa1c4d06
8 changed files with 214 additions and 547 deletions
--- a/apps/api/src/activity/activity.controller.ts
+++ b/apps/api/src/activity/activity.controller.ts
@@ -3,65 +3,42 @@ import {
  Get, 
  Query, 
  Param, 
-  UseGuards, 
-  Request,
-  UnauthorizedException 
+  UseGuards
 } from "@nestjs/common";
 import { ActivityService } from "./activity.service";
 import { EntityType } from "@prisma/client";
 import type { QueryActivityLogDto } from "./dto";
 import { AuthGuard } from "../auth/guards/auth.guard";
+import { WorkspaceGuard, PermissionGuard } from "../common/guards";
+import { Workspace, Permission, RequirePermission } from "../common/decorators";

-/**
- * Controller for activity log endpoints
- * All endpoints require authentication
- */
@Controller("activity")
-@UseGuards(AuthGuard)
+@UseGuards(AuthGuard, WorkspaceGuard, PermissionGuard)
 export class ActivityController {
  constructor(private readonly activityService: ActivityService) {}

-  /**
-   * GET /api/activity
-   * Get paginated activity logs with optional filters
-   * workspaceId is extracted from authenticated user context
-   */
  @Get()
-  async findAll(@Query() query: QueryActivityLogDto, @Request() req: any) {
-    // Extract workspaceId from authenticated user
-    const workspaceId = req.user?.workspaceId || query.workspaceId;
+  @RequirePermission(Permission.WORKSPACE_ANY)
+  async findAll(
+    @Query() query: QueryActivityLogDto,
+    @Workspace() workspaceId: string
+  ) {
    return this.activityService.findAll({ ...query, workspaceId });
  }

-  /**
-   * GET /api/activity/:id
-   * Get a single activity log by ID
-   * workspaceId is extracted from authenticated user context
-   */
-  @Get(":id")
-  async findOne(@Param("id") id: string, @Request() req: any) {
-    const workspaceId = req.user?.workspaceId;
-    if (!workspaceId) {
-      throw new UnauthorizedException("User workspaceId not found");
-    }
-    return this.activityService.findOne(id, workspaceId);
-  }
-
-  /**
-   * GET /api/activity/audit/:entityType/:entityId
-   * Get audit trail for a specific entity
-   * workspaceId is extracted from authenticated user context
-   */
  @Get("audit/:entityType/:entityId")
+  @RequirePermission(Permission.WORKSPACE_ANY)
  async getAuditTrail(
-    @Request() req: any,
    @Param("entityType") entityType: EntityType,
-    @Param("entityId") entityId: string
+    @Param("entityId") entityId: string,
+    @Workspace() workspaceId: string
  ) {
-    const workspaceId = req.user?.workspaceId;
-    if (!workspaceId) {
-      throw new UnauthorizedException("User workspaceId not found");
-    }
    return this.activityService.getAuditTrail(workspaceId, entityType, entityId);
  }
+
+  @Get(":id")
+  @RequirePermission(Permission.WORKSPACE_ANY)
+  async findOne(@Param("id") id: string, @Workspace() workspaceId: string) {
+    return this.activityService.findOne(id, workspaceId);
+  }
 }