From f45e6bc3b74d3a50fc7feec0c7fc2384515a7187 Mon Sep 17 00:00:00 2001
From: 1tpp
Date: Fri, 4 Aug 2023 01:49:50 +0700
Subject: [PATCH] fix: forbidden

---
 src/auth/auth.service.ts | 2 --
 src/common/guards/roles.guard.ts | 14 +++++++-------
 src/tickets/tickets.controller.ts | 6 +++---
 src/users/users.controller.ts | 2 +-
 4 files changed, 11 insertions(+), 13 deletions(-)

diff --git a/src/auth/auth.service.ts b/src/auth/auth.service.ts
index aac8667..ec0e859 100644
--- a/src/auth/auth.service.ts
+++ b/src/auth/auth.service.ts
@@ -95,8 +95,6 @@ export class AuthService {
 password: await bcrypt.hashSync(password, salt),
 });
- console.log(newUser);
-
 return await this.generateToken({
 userId: newUser._id,
 role: newUser.role,
diff --git a/src/common/guards/roles.guard.ts b/src/common/guards/roles.guard.ts
index 856f074..07d7265 100644
--- a/src/common/guards/roles.guard.ts
+++ b/src/common/guards/roles.guard.ts
@@ -1,22 +1,22 @@
 import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
 import { Reflector } from '@nestjs/core';
-
 import { ROLES_KEY } from '../decorators/roles.decorator';
-import { Role } from '../enums/role.enum';
 @Injectable()
 export class RolesGuard implements CanActivate {
 constructor(private reflector: Reflector) {}
 canActivate(context: ExecutionContext): boolean {
- const requiredRoles = this.reflector.getAllAndOverride(ROLES_KEY, [
- context.getHandler(),
- context.getClass(),
- ]);
+ const requiredRoles = this.reflector.getAllAndOverride(
+ ROLES_KEY,
+ [context.getHandler(), context.getClass()],
+ );
+
 if (!requiredRoles) {
 return true;
 }
+
 const { user } = context.switchToHttp().getRequest();
- return requiredRoles.some((role) => user.roles?.includes(role));
+ return requiredRoles.some((role) => user.role?.includes(role));
 }
 }
diff --git a/src/tickets/tickets.controller.ts b/src/tickets/tickets.controller.ts
index af49b52..2c56907 100644
--- a/src/tickets/tickets.controller.ts
+++ b/src/tickets/tickets.controller.ts
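Review bot: In roles.guard.ts the new comparison `user.role?.includes(role)` is a substring match if `role` is a single string, which the token payload in the auth.service.ts hunk (`role: newUser.role`) suggests; a role value that merely contains a required role's text would then satisfy the guard. Strict equality avoids that: `return requiredRoles.some((role) => user?.role === role);`. The `user?.` matters as well, because `user` is destructured straight from the request and nothing in this hunk guarantees an authentication guard has populated it, so a request without a user currently throws inside the guard instead of being denied. If `role` is in fact an array, keep `includes` but still guard `user` itself.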
@@ -29,7 +29,7 @@ export class TicketsController {
 constructor(private readonly ticketsService: TicketsService) {}
 @Post()
- @Roles(Role.Provider)
+ @Roles(Role.Provider, Role.Admin)
 @UseGuards(RolesGuard)
 async create(@Body() createTicketDto: CreateTicketDto) {
 const newTicket = await this.ticketsService.create(createTicketDto);
@@ -61,7 +61,7 @@ export class TicketsController {
 }
 @Post()
- @Roles(Role.Provider)
+ @Roles(Role.Provider, Role.Admin)
 @UseGuards(RolesGuard)
 @Patch(':id')
 async update(
@@ -77,7 +77,7 @@ export class TicketsController {
 }
 @Post()
- @Roles(Role.Provider)
+ @Roles(Role.Provider, Role.Admin)
 @UseGuards(RolesGuard)
 @Delete(':id')
 async remove(@Param('id') id: string) {
diff --git a/src/users/users.controller.ts b/src/users/users.controller.ts
index 5a2b496..7f3fbf8 100644
--- a/src/users/users.controller.ts
+++ b/src/users/users.controller.ts
@@ -16,7 +16,7 @@ import { UsersService } from './users.service';
 export class UsersController {
 constructor(private readonly usersService: UsersService) {}
- @Roles(Role.Provider, Role.User)
+ @Roles(Role.Provider, Role.User, Role.Admin)
 @UseGuards(RolesGuard)
 @Get('/profile')
 async getProfile(@GetUser() currentUser) {
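Review bot: The `update` and `remove` handlers in tickets.controller.ts (second and third hunks) keep a bare `@Post()` stacked above `@Patch(':id')` and `@Delete(':id')`, so the role list edited here may not be protecting the route it is meant for. NestJS route decorators write the same method and path metadata on the handler, so as far as I can tell only one of the stacked decorators takes effect, and if it is the `@Post()` these handlers would collide with `create` on the collection route. Remove the extra `@Post()` on both handlers so each keeps only `@Patch(':id')` or `@Delete(':id')` next to `@Roles(Role.Provider, Role.Admin)` and `@UseGuards(RolesGuard)`. Both handler bodies continue outside the hunks.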
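Review bot: `@Roles(Role.Provider, Role.User, Role.Admin)` on `getProfile` in users.controller.ts appears to list every role, so the check is effectively "has any role" and will need another edit for each role added later, which is the kind of lockout this commit repairs. If the profile is meant for any signed-in user and an authentication guard runs before `RolesGuard` (not visible in this hunk), consider relying on that guard alone, or add a comment such as `// any authenticated role may read its own profile` so the list is not mistaken for a restriction. `currentUser` is also untyped; giving it the type that `@GetUser()` returns would let the compiler catch field-name slips like `role` versus `roles`. The handler body continues outside the hunk.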