Jason Woltje
8388d49786
Some checks are pending
ci/woodpecker/push/api Pipeline is running
Co-authored-by: Jason Woltje <jason@diversecanvas.com> Co-committed-by: Jason Woltje <jason@diversecanvas.com>
86 lines
3.0 KiB
TypeScript
86 lines
3.0 KiB
TypeScript
import { Body, Controller, Delete, Get, Param, Patch, Post, UseGuards } from "@nestjs/common";
|
|
import { WorkspacesService } from "./workspaces.service";
|
|
import { AuthGuard } from "../auth/guards/auth.guard";
|
|
import { CurrentUser } from "../auth/decorators/current-user.decorator";
|
|
import { WorkspaceGuard, PermissionGuard } from "../common/guards";
|
|
import { Permission, RequirePermission } from "../common/decorators";
|
|
import type { WorkspaceMember } from "@prisma/client";
|
|
import type { AuthenticatedUser } from "../common/types/user.types";
|
|
import type { AddMemberDto, UpdateMemberRoleDto, WorkspaceResponseDto } from "./dto";
|
|
|
|
/**
|
|
* User-scoped workspace operations.
|
|
*
|
|
* Intentionally does NOT use WorkspaceGuard — these routes operate across all
|
|
* workspaces the user belongs to, not within a single workspace context.
|
|
*/
|
|
@Controller("workspaces")
|
|
@UseGuards(AuthGuard)
|
|
export class WorkspacesController {
|
|
constructor(private readonly workspacesService: WorkspacesService) {}
|
|
|
|
/**
|
|
* GET /api/workspaces
|
|
* Returns workspaces the authenticated user is a member of.
|
|
* Auto-provisions a default workspace if the user has none.
|
|
*/
|
|
@Get()
|
|
async getUserWorkspaces(@CurrentUser() user: AuthenticatedUser): Promise<WorkspaceResponseDto[]> {
|
|
return this.workspacesService.getUserWorkspaces(user.id);
|
|
}
|
|
|
|
/**
|
|
* POST /api/workspaces/:workspaceId/members
|
|
* Add a member to a workspace with the specified role.
|
|
* Requires: ADMIN role or higher.
|
|
*/
|
|
@Post(":workspaceId/members")
|
|
@UseGuards(WorkspaceGuard, PermissionGuard)
|
|
@RequirePermission(Permission.WORKSPACE_ADMIN)
|
|
async addMember(
|
|
@Param("workspaceId") workspaceId: string,
|
|
@Body() addMemberDto: AddMemberDto,
|
|
@CurrentUser() user: AuthenticatedUser
|
|
): Promise<WorkspaceMember> {
|
|
return this.workspacesService.addMember(workspaceId, user.id, addMemberDto);
|
|
}
|
|
|
|
/**
|
|
* PATCH /api/workspaces/:workspaceId/members/:userId
|
|
* Change a member role in a workspace.
|
|
* Requires: ADMIN role or higher.
|
|
*/
|
|
@Patch(":workspaceId/members/:userId")
|
|
@UseGuards(WorkspaceGuard, PermissionGuard)
|
|
@RequirePermission(Permission.WORKSPACE_ADMIN)
|
|
async updateMemberRole(
|
|
@Param("workspaceId") workspaceId: string,
|
|
@Param("userId") targetUserId: string,
|
|
@Body() updateMemberRoleDto: UpdateMemberRoleDto,
|
|
@CurrentUser() user: AuthenticatedUser
|
|
): Promise<WorkspaceMember> {
|
|
return this.workspacesService.updateMemberRole(
|
|
workspaceId,
|
|
user.id,
|
|
targetUserId,
|
|
updateMemberRoleDto
|
|
);
|
|
}
|
|
|
|
/**
|
|
* DELETE /api/workspaces/:workspaceId/members/:userId
|
|
* Remove a member from a workspace.
|
|
* Requires: ADMIN role or higher.
|
|
*/
|
|
@Delete(":workspaceId/members/:userId")
|
|
@UseGuards(WorkspaceGuard, PermissionGuard)
|
|
@RequirePermission(Permission.WORKSPACE_ADMIN)
|
|
async removeMember(
|
|
@Param("workspaceId") workspaceId: string,
|
|
@Param("userId") targetUserId: string,
|
|
@CurrentUser() user: AuthenticatedUser
|
|
): Promise<void> {
|
|
await this.workspacesService.removeMember(workspaceId, user.id, targetUserId);
|
|
}
|
|
}
|