import { Body, Controller, Delete, Get, HttpCode, HttpStatus, Param, Patch, Post, Put, UseGuards, } from "@nestjs/common"; import type { AuthUser } from "@mosaic/shared"; import { CurrentUser } from "../auth/decorators/current-user.decorator"; import { AdminGuard } from "../auth/guards/admin.guard"; import { AuthGuard } from "../auth/guards/auth.guard"; import type { CreateProviderDto, ResetPasswordDto, UpdateAgentConfigDto, UpdateOidcDto, UpdateProviderDto, } from "./fleet-settings.dto"; import { FleetSettingsService } from "./fleet-settings.service"; @Controller("fleet-settings") @UseGuards(AuthGuard) export class FleetSettingsController { constructor(private readonly fleetSettingsService: FleetSettingsService) {} // --- Provider endpoints (user-scoped) --- // GET /api/fleet-settings/providers — list user's providers @Get("providers") async listProviders(@CurrentUser() user: AuthUser) { return this.fleetSettingsService.listProviders(user.id); } // GET /api/fleet-settings/providers/:id — get single provider @Get("providers/:id") async getProvider(@CurrentUser() user: AuthUser, @Param("id") id: string) { return this.fleetSettingsService.getProvider(user.id, id); } // POST /api/fleet-settings/providers — create provider @Post("providers") async createProvider(@CurrentUser() user: AuthUser, @Body() dto: CreateProviderDto) { return this.fleetSettingsService.createProvider(user.id, dto); } // PATCH /api/fleet-settings/providers/:id — update provider @Patch("providers/:id") @HttpCode(HttpStatus.NO_CONTENT) async updateProvider( @CurrentUser() user: AuthUser, @Param("id") id: string, @Body() dto: UpdateProviderDto ) { await this.fleetSettingsService.updateProvider(user.id, id, dto); } // DELETE /api/fleet-settings/providers/:id — delete provider @Delete("providers/:id") @HttpCode(HttpStatus.NO_CONTENT) async deleteProvider(@CurrentUser() user: AuthUser, @Param("id") id: string) { await this.fleetSettingsService.deleteProvider(user.id, id); } // --- Agent config endpoints (user-scoped) --- // GET /api/fleet-settings/agent-config — get user's agent config @Get("agent-config") async getAgentConfig(@CurrentUser() user: AuthUser) { return this.fleetSettingsService.getAgentConfig(user.id); } // PATCH /api/fleet-settings/agent-config — update user's agent config @Patch("agent-config") @HttpCode(HttpStatus.NO_CONTENT) async updateAgentConfig(@CurrentUser() user: AuthUser, @Body() dto: UpdateAgentConfigDto) { await this.fleetSettingsService.updateAgentConfig(user.id, dto); } // --- OIDC endpoints (admin only — use AdminGuard) --- // GET /api/fleet-settings/oidc — get OIDC config @Get("oidc") @UseGuards(AdminGuard) async getOidcConfig() { return this.fleetSettingsService.getOidcConfig(); } // PUT /api/fleet-settings/oidc — update OIDC config @Put("oidc") @UseGuards(AdminGuard) @HttpCode(HttpStatus.NO_CONTENT) async updateOidcConfig(@Body() dto: UpdateOidcDto) { await this.fleetSettingsService.updateOidcConfig(dto); } // DELETE /api/fleet-settings/oidc — remove OIDC config @Delete("oidc") @UseGuards(AdminGuard) @HttpCode(HttpStatus.NO_CONTENT) async deleteOidcConfig() { await this.fleetSettingsService.deleteOidcConfig(); } // --- Breakglass endpoints (admin only) --- // POST /api/fleet-settings/breakglass/reset-password — reset admin password @Post("breakglass/reset-password") @UseGuards(AdminGuard) @HttpCode(HttpStatus.NO_CONTENT) async resetBreakglassPassword(@Body() dto: ResetPasswordDto) { await this.fleetSettingsService.resetBreakglassPassword(dto.username, dto.newPassword); } }