fix: forbidden

deviate-team · Aug 3, 2023 · f45e6bc · f45e6bc
1 parent b308465
commit f45e6bc
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 13 deletions.
diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts
@@ -95,8 +95,6 @@ export class AuthService {
       password: await bcrypt.hashSync(password, salt),
     });
 
-    console.log(newUser);
-
     return await this.generateToken({
       userId: newUser._id,
       role: newUser.role,

diff --git a/src/common/guards/roles.guard.ts b/src/common/guards/roles.guard.ts
@@ -1,22 +1,22 @@
 import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
 import { Reflector } from '@nestjs/core';
-
 import { ROLES_KEY } from '../decorators/roles.decorator';
-import { Role } from '../enums/role.enum';
 
 @Injectable()
 export class RolesGuard implements CanActivate {
   constructor(private reflector: Reflector) {}
 
   canActivate(context: ExecutionContext): boolean {
-    const requiredRoles = this.reflector.getAllAndOverride<Role[]>(ROLES_KEY, [
-      context.getHandler(),
-      context.getClass(),
-    ]);
+    const requiredRoles = this.reflector.getAllAndOverride<string[]>(
+      ROLES_KEY,
+      [context.getHandler(), context.getClass()],
+    );
+
     if (!requiredRoles) {
       return true;
     }
+
     const { user } = context.switchToHttp().getRequest();
-    return requiredRoles.some((role) => user.roles?.includes(role));
+    return requiredRoles.some((role) => user.role?.includes(role));
   }
 }
diff --git a/src/tickets/tickets.controller.ts b/src/tickets/tickets.controller.ts
@@ -29,7 +29,7 @@ export class TicketsController {
   constructor(private readonly ticketsService: TicketsService) {}
 
   @Post()
-  @Roles(Role.Provider)
+  @Roles(Role.Provider, Role.Admin)
   @UseGuards(RolesGuard)
   async create(@Body() createTicketDto: CreateTicketDto) {
     const newTicket = await this.ticketsService.create(createTicketDto);
@@ -61,7 +61,7 @@ export class TicketsController {
   }
 
   @Post()
-  @Roles(Role.Provider)
+  @Roles(Role.Provider, Role.Admin)
   @UseGuards(RolesGuard)
   @Patch(':id')
   async update(
@@ -77,7 +77,7 @@ export class TicketsController {
   }
 
   @Post()
-  @Roles(Role.Provider)
+  @Roles(Role.Provider, Role.Admin)
   @UseGuards(RolesGuard)
   @Delete(':id')
   async remove(@Param('id') id: string) {

diff --git a/src/users/users.controller.ts b/src/users/users.controller.ts
@@ -16,7 +16,7 @@ import { UsersService } from './users.service';
 export class UsersController {
   constructor(private readonly usersService: UsersService) {}
 
-  @Roles(Role.Provider, Role.User)
+  @Roles(Role.Provider, Role.User, Role.Admin)
   @UseGuards(RolesGuard)
   @Get('/profile')
   async getProfile(@GetUser() currentUser) {