fix comments issue

src/controllers/permission.controller.ts

@@ -31,44 +31,3 @@ export const createPermission = async (req: Request, res: Response) => {
     });
   }
 };
-
-export const assignPermissionsToRole = async (req: Request, res: Response) => {
-  try {
-    const { roleId } = req.params;
-    const { permission_ids } = req.body;
-
-    // Validate if the role exists
-    const role = await Role.findByPk(roleId);
-    if (!role) {
-      return res.status(404).json({ error: 'Role not found' });
-    }
-
-    // Fetch all permissions that match the given IDs
-    const existingPermissions = await Permission.findAll({ where: { id: permission_ids } });
-
-    // Extract IDs of existing permissions
-    const existingPermissionIds = existingPermissions.map(permission => permission.id);
-
-    // Identify non-existent permissions
-    const nonExistentPermissionIds = permission_ids.filter((id: number) => !existingPermissionIds.includes(id));
-
-    // Assign only the existing permissions to the role
-    const rolePermissions = await Promise.all(
-      existingPermissionIds.map(async (permission_id: number) => {
-        return await RolePermission.create({ role_id: parseInt(roleId, 10), permission_id });
-      })
-    );
-
-    return res.status(201).json({
-      message: 'Permissions processed successfully',
-      assignedPermissions: rolePermissions,
-      nonExistentPermissions: nonExistentPermissionIds,
-    });
-
-  } catch (error) {
-    logger.error('Error assigning permissions to role:', error);
-    return res.status(500).json({
-      error: 'Error while assigning permissions to the role.',
-    });
-  }
-};

src/controllers/roles.controller.ts

@@ -2,6 +2,8 @@ import { Request, Response } from 'express';
 import Role from '../models/roles';
 import { FindOptions, Op } from 'sequelize';
 import { logger } from '../utils/logger';
+import Permission from '../models/permissions';
+import RolePermission from '../models/rolePermissions';
 
 const buildRoleWhereClause = (filter: Record<string, any>) => {
 
@@ -89,4 +91,45 @@ const getAllRoles = async (req: Request, res: Response) => {
     }
 }
 
-export { getAllRoles }
+const assignPermissionsToRole = async (req: Request, res: Response) => {
+  try {
+    const { roleId } = req.params;
+    const { permission_ids } = req.body;
+
+    // Validate if the role exists
+    const role = await Role.findByPk(roleId);
+    if (!role) {
+      return res.status(404).json({ error: 'Role not found' });
+    }
+
+    // Fetch all permissions that match the given IDs
+    const existingPermissions = await Permission.findAll({ where: { id: permission_ids } });
+
+    // Extract IDs of existing permissions
+    const existingPermissionIds = existingPermissions.map(permission => permission.id);
+
+    // Identify non-existent permissions
+    const nonExistentPermissionIds = permission_ids.filter((id: number) => !existingPermissionIds.includes(id));
+
+    // Assign only the existing permissions to the role
+    const rolePermissions = await Promise.all(
+      existingPermissionIds.map(async (permission_id: number) => {
+        return await RolePermission.create({ role_id: parseInt(roleId, 10), permission_id });
+      })
+    );
+
+    return res.status(201).json({
+      message: 'Permissions processed successfully',
+      assignedPermissions: rolePermissions,
+      nonExistentPermissions: nonExistentPermissionIds,
+    });
+
+  } catch (error) {
+    logger.error('Error assigning permissions to role:', error);
+    return res.status(500).json({
+      error: 'Error while assigning permissions to the role.',
+    });
+  }
+};
+
+export { getAllRoles,assignPermissionsToRole }

src/db/seeders/20240829033937-seed-permissions.js

@@ -7,23 +7,18 @@ module.exports = {
             { permission_name: 'CREATE_USER', created_at: new Date(), updated_at: new Date() },
             { permission_name: 'CREATE_INVOICE', created_at: new Date(), updated_at: new Date() },
             { permission_name: 'GET_ALL_INVOICES', created_at: new Date(), updated_at: new Date() },
-            { permission_name: 'GET_INVOICE_BY_ID', created_at: new Date(), updated_at: new Date() },
+            { permission_name: 'GET_SINGLE_INVOICE', created_at: new Date(), updated_at: new Date() },
             { permission_name: 'UPDATE_INVOICE', created_at: new Date(), updated_at: new Date() },
             { permission_name: 'DELETE_INVOICE', created_at: new Date(), updated_at: new Date() },
             { permission_name: 'APPROVE_INVOICE', created_at: new Date(), updated_at: new Date() },
-            { permission_name: 'GET_CURRENT_USER', created_at: new Date(), updated_at: new Date() },
-            { permission_name: 'GET_USER_BY_ID', created_at: new Date(), updated_at: new Date() },
+            { permission_name: 'GET_SINGLE_USER', created_at: new Date(), updated_at: new Date() },
             { permission_name: 'GET_ALL_USERS', created_at: new Date(), updated_at: new Date() },
-            { permission_name: 'UPDATE_USER_BY_ID', created_at: new Date(), updated_at: new Date() },
-            { permission_name: 'DELETE_USER_BY_ID', created_at: new Date(), updated_at: new Date() },
-            { permission_name: 'GET_AUDIT_LOGS', created_at: new Date(), updated_at: new Date() },
-            { permission_name: 'GET_AUDIT_LOG_BY_ID', created_at: new Date(), updated_at: new Date() },
+            { permission_name: 'UPDATE_SINGLE_USER', created_at: new Date(), updated_at: new Date() },
+            { permission_name: 'DELETE_SINGLE_USER', created_at: new Date(), updated_at: new Date() },
             { permission_name: 'GET_ERROR_LOGS', created_at: new Date(), updated_at: new Date() },
-            { permission_name: 'GET_ERROR_LOG_BY_ID', created_at: new Date(), updated_at: new Date() },
             { permission_name: 'GET_ALL_ROLES', created_at: new Date(), updated_at: new Date() },
-            { permission_name: 'GET_SETTINGS', created_at: new Date(), updated_at: new Date() },
-            { permission_name: 'GET_SETTING_BY_ID', created_at: new Date(), updated_at: new Date() },
-            { permission_name: 'UPDATE_SETTING_BY_ID', created_at: new Date(), updated_at: new Date() },
+            { permission_name: 'GET_SINGLE_SETTING', created_at: new Date(), updated_at: new Date() },
+            { permission_name: 'UPDATE_SINGLE_SETTING', created_at: new Date(), updated_at: new Date() },
             { permission_name: 'GET_INVOICE_ACTIVITY_LOGS', created_at: new Date(), updated_at: new Date() },
             { permission_name: 'CREATE_PERMISSION', created_at: new Date(), updated_at: new Date() },
             { permission_name: 'ASSIGN_PERMISSIONS_TO_ROLE', created_at: new Date(), updated_at: new Date() },
@@ -38,23 +33,18 @@ module.exports = {
                 'CREATE_USER',
                 'CREATE_INVOICE',
                 'GET_ALL_INVOICES',
-                'GET_INVOICE_BY_ID',
+                'GET_SINGLE_INVOICE',
                 'UPDATE_INVOICE',
                 'DELETE_INVOICE',
                 'APPROVE_INVOICE',
-                'GET_CURRENT_USER',
-                'GET_USER_BY_ID',
+                'GET_SINGLE_USER',
                 'GET_ALL_USERS',
-                'UPDATE_USER_BY_ID',
-                'DELETE_USER_BY_ID',
-                'GET_AUDIT_LOGS',
-                'GET_AUDIT_LOG_BY_ID',
+                'UPDATE_SINGLE_USER',
+                'DELETE_SINGLE_USER',
                 'GET_ERROR_LOGS',
-                'GET_ERROR_LOG_BY_ID',
                 'GET_ALL_ROLES',
-                'GET_SETTINGS',
-                'GET_SETTING_BY_ID',
-                'UPDATE_SETTING_BY_ID',
+                'GET_SINGLE_SETTING',
+                'UPDATE_SINGLE_SETTING',
                 'GET_INVOICE_ACTIVITY_LOGS',
                 'CREATE_PERMISSION',
                 'ASSIGN_PERMISSIONS_TO_ROLE',

src/middlewares/checkPermissions.ts

@@ -8,10 +8,6 @@ export const checkPermission = (requiredPermission: string) => {
     try {
         const userRoleId = req?.user?.role_id;
 
-        if (userRoleId === 1) {
-            return next();
-        }
-
         const hasPermission = await RolePermission.findOne({
             where: {
             role_id: userRoleId,
@@ -28,7 +24,7 @@ export const checkPermission = (requiredPermission: string) => {
         if (!hasPermission) {
             return res
                 .status(403)
-                .json({ message: 'Forbidden: You do not have permission to access this resource' });
+                .json({ message: 'Forbidden: You do not have permission to access this module' });
         }
         next();
     } catch (error) {

src/routes/auditLogs.routes.ts

@@ -71,7 +71,7 @@ auditLogRouter.use(jwtMiddleware);
  *       500:
  *         description: Internal server error
  */
-auditLogRouter.get("/", checkPermission(Permission.GET_AUDIT_LOGS), getAuditLogs);
+auditLogRouter.get("/", getAuditLogs);
 
 /**
  * @swagger
@@ -95,6 +95,6 @@ auditLogRouter.get("/", checkPermission(Permission.GET_AUDIT_LOGS), getAuditLogs
  *       500:
  *         description: Internal server error
  */
-auditLogRouter.get("/:id", checkPermission(Permission.GET_AUDIT_LOG_BY_ID), getAuditLogById);
+auditLogRouter.get("/:id", getAuditLogById);
 
 export default auditLogRouter;

src/routes/errorLog.routes.ts

@@ -137,6 +137,6 @@ errorLogRouter.get("/", checkPermission(Permission.GET_ERROR_LOGS), getErrorLogs
  *       500:
  *         description: Error fetching error log
  */
-errorLogRouter.get("/:id", checkPermission(Permission.GET_ERROR_LOG_BY_ID), getErrorLogById);
+errorLogRouter.get("/:id", getErrorLogById);
 
 export default errorLogRouter;

src/routes/invoice.routes.ts

@@ -257,7 +257,7 @@ invoiceRouter.get('/', checkPermission(Permission.GET_ALL_INVOICES), getAllInvoi
  *       500:
  *         description: Error fetching invoice details
  */
-invoiceRouter.get('/:id', checkPermission(Permission.GET_INVOICE_BY_ID), getInvoiceById);
+invoiceRouter.get('/:id', checkPermission(Permission.GET_SINGLE_INVOICE), getInvoiceById);
 
 /**
  * @swagger

src/routes/permission.routes.ts

@@ -1,6 +1,6 @@
 import express from "express";
 import { jwtMiddleware } from '../middlewares/authMiddleware';
-import { assignPermissionsToRole, createPermission } from "../controllers/permission.controller";
+import { createPermission } from "../controllers/permission.controller";
 import { checkPermission } from "../middlewares/checkPermissions";
 import { Permission } from "../shared/interfaces/rolePermission.interface";
 
@@ -62,70 +62,4 @@ permissionRouter.use(jwtMiddleware);
  */
 permissionRouter.post('/', checkPermission(Permission.CREATE_PERMISSION), createPermission);
 
-/**
- * @swagger
- * components:
- *   schemas:
- *     RolePermission:
- *       type: object
- *       required:
- *         - role_id
- *         - permission_id
- *       properties:
- *         id:
- *           type: integer
- *           description: The auto-generated id of the role-permission relationship
- *         role_id:
- *           type: integer
- *           description: The ID of the role
- *         permission_id:
- *           type: integer
- *           description: The ID of the permission
- *       example:
- *         id: 1
- *         role_id: 2
- *         permission_id: 3
- *
- * /api/permissions/assignPermission/{roleId}:
- *   post:
- *     summary: Assign permissions to a role
- *     tags: [Roles, Permissions]
- *     parameters:
- *       - in: path
- *         name: roleId
- *         schema:
- *           type: integer
- *         required: true
- *         description: The ID of the role
- *     requestBody:
- *       required: true
- *       content:
- *         application/json:
- *           schema:
- *             type: object
- *             properties:
- *               permission_ids:
- *                 type: array
- *                 items:
- *                   type: integer
- *             example:
- *               permission_ids: [1, 2, 3]
- *     responses:
- *       201:
- *         description: Permissions assigned successfully
- *         content:
- *           application/json:
- *             schema:
- *               type: array
- *               items:
- *                 $ref: '#/components/schemas/RolePermission'
- *       400:
- *         description: Validation errors
- *       404:
- *         description: Role or Permission not found
- *       500:
- *         description: Error while assigning permissions
- */
-permissionRouter.post('/assignPermission/:roleId', checkPermission(Permission.ASSIGN_PERMISSIONS_TO_ROLE), assignPermissionsToRole);
-
 export default permissionRouter;

src/routes/roles.routes.ts

@@ -1,5 +1,5 @@
 import express from 'express';
-import { getAllRoles } from '../controllers/roles.controller';
+import { assignPermissionsToRole, getAllRoles } from '../controllers/roles.controller';
 import { jwtMiddleware } from '../middlewares/authMiddleware';
 import { checkPermission } from '../middlewares/checkPermissions';
 import { Permission } from '../shared/interfaces/rolePermission.interface';
@@ -116,4 +116,71 @@ rolesRouter.use(jwtMiddleware);
  */
 rolesRouter.get('/', checkPermission(Permission.GET_ALL_ROLES), getAllRoles);
 
+/**
+ * @swagger
+ * components:
+ *   schemas:
+ *     RolePermission:
+ *       type: object
+ *       required:
+ *         - role_id
+ *         - permission_id
+ *       properties:
+ *         id:
+ *           type: integer
+ *           description: The auto-generated id of the role-permission relationship
+ *         role_id:
+ *           type: integer
+ *           description: The ID of the role
+ *         permission_id:
+ *           type: integer
+ *           description: The ID of the permission
+ *       example:
+ *         id: 1
+ *         role_id: 2
+ *         permission_id: 3
+ *
+ * /api/permissions/assignPermission/{roleId}:
+ *   post:
+ *     summary: Assign permissions to a role
+ *     tags: [Roles, Permissions]
+ *     parameters:
+ *       - in: path
+ *         name: roleId
+ *         schema:
+ *           type: integer
+ *         required: true
+ *         description: The ID of the role
+ *     requestBody:
+ *       required: true
+ *       content:
+ *         application/json:
+ *           schema:
+ *             type: object
+ *             properties:
+ *               permission_ids:
+ *                 type: array
+ *                 items:
+ *                   type: integer
+ *             example:
+ *               permission_ids: [1, 2, 3]
+ *     responses:
+ *       201:
+ *         description: Permissions assigned successfully
+ *         content:
+ *           application/json:
+ *             schema:
+ *               type: array
+ *               items:
+ *                 $ref: '#/components/schemas/RolePermission'
+ *       400:
+ *         description: Validation errors
+ *       404:
+ *         description: Role or Permission not found
+ *       500:
+ *         description: Error while assigning permissions
+ */
+rolesRouter.post('/assignPermission/:roleId', checkPermission(Permission.ASSIGN_PERMISSIONS_TO_ROLE), assignPermissionsToRole);
+
+
 export default rolesRouter;

src/routes/settings.routes.ts

@@ -123,7 +123,7 @@ settingRouter.use(jwtMiddleware);
  *       500:
  *         description: Error fetching settings
  */
-settingRouter.get('/', checkPermission(Permission.GET_SETTINGS), getSettings);
+settingRouter.get('/', getSettings);
 
 /**
  * @swagger
@@ -150,7 +150,7 @@ settingRouter.get('/', checkPermission(Permission.GET_SETTINGS), getSettings);
  *       500:
  *         description: Error while fetching setting
  */
-settingRouter.get('/:id', checkPermission(Permission.GET_SETTING_BY_ID), getSettingById);
+settingRouter.get('/:id', checkPermission(Permission.GET_SINGLE_SETTING), getSettingById);
 
 /**
  * @swagger
@@ -193,6 +193,6 @@ settingRouter.get('/:id', checkPermission(Permission.GET_SETTING_BY_ID), getSett
  *       500:
  *         description: Error updating setting
  */
-settingRouter.put('/:id', checkPermission(Permission.UPDATE_SETTING_BY_ID), updateSettingById);
+settingRouter.put('/:id', checkPermission(Permission.UPDATE_SINGLE_SETTING), updateSettingById);
 
 export default settingRouter;

src/routes/users.routes.ts

@@ -120,7 +120,7 @@ userRouter.post("/",checkPermission(Permission.CREATE_USER), validateUser, handl
  *       500:
  *         description: Error while fetching User details
  */
-userRouter.get("/me", checkPermission(Permission.GET_CURRENT_USER), getCurrentUser);
+userRouter.get("/me", getCurrentUser);
 
 /**
  * @swagger
@@ -147,7 +147,7 @@ userRouter.get("/me", checkPermission(Permission.GET_CURRENT_USER), getCurrentUs
  *       500:
  *         description: Error while fetching User details
  */
-userRouter.get("/:id", checkPermission(Permission.GET_USER_BY_ID), getUserById);
+userRouter.get("/:id", checkPermission(Permission.GET_SINGLE_USER), getUserById);
 
 /**
  * @swagger
@@ -265,7 +265,7 @@ userRouter.get("/", checkPermission(Permission.GET_ALL_USERS), getAllUsers);
  *       500:
  *         description: Internal server error
  */
-userRouter.put("/:id", checkPermission(Permission.UPDATE_USER_BY_ID), validateUserUpdate, handleValidationErrors, updateUserById);
+userRouter.put("/:id", checkPermission(Permission.UPDATE_SINGLE_USER), validateUserUpdate, handleValidationErrors, updateUserById);
 
 /**
  * @swagger
@@ -288,7 +288,7 @@ userRouter.put("/:id", checkPermission(Permission.UPDATE_USER_BY_ID), validateUs
  *       500:
  *         description: Error while deleting User
  */
-userRouter.delete("/:id", checkPermission(Permission.DELETE_USER_BY_ID), deleteUserById);
+userRouter.delete("/:id", checkPermission(Permission.DELETE_SINGLE_USER), deleteUserById);
 
 
 export default userRouter;

src/shared/interfaces/rolePermission.interface.ts

@@ -2,29 +2,24 @@ export interface RolePermissionInterface {
     id?: number;
     role_id: number;
     permission_id: number; 
-  }
-
+}
+  
 export const Permission = {
   "CREATE_USER": "CREATE_USER",
   "CREATE_INVOICE": "CREATE_INVOICE",
   "GET_ALL_INVOICES": "GET_ALL_INVOICES",
-  "GET_INVOICE_BY_ID": "GET_INVOICE_BY_ID",
+  "GET_SINGLE_INVOICE": "GET_SINGLE_INVOICE",
   "UPDATE_INVOICE": "UPDATE_INVOICE",
   "DELETE_INVOICE": "DELETE_INVOICE",
   "APPROVE_INVOICE": "APPROVE_INVOICE",
-  "GET_CURRENT_USER": "GET_CURRENT_USER",
-  "GET_USER_BY_ID": "GET_USER_BY_ID",
+  "GET_SINGLE_USER": "GET_SINGLE_USER",
   "GET_ALL_USERS": "GET_ALL_USERS",
-  "UPDATE_USER_BY_ID": "UPDATE_USER_BY_ID",
-  "DELETE_USER_BY_ID": "DELETE_USER_BY_ID",
-  "GET_AUDIT_LOGS": "GET_AUDIT_LOGS",
-  "GET_AUDIT_LOG_BY_ID": "GET_AUDIT_LOG_BY_ID",
+  "UPDATE_SINGLE_USER": "UPDATE_SINGLE_USER",
+  "DELETE_SINGLE_USER": "DELETE_SINGLE_USER",
   "GET_ERROR_LOGS": "GET_ERROR_LOGS",
-  "GET_ERROR_LOG_BY_ID": "GET_ERROR_LOG_BY_ID",
   "GET_ALL_ROLES": "GET_ALL_ROLES",
-  "GET_SETTINGS": "GET_SETTINGS",
-  "GET_SETTING_BY_ID": "GET_SETTING_BY_ID",
-  "UPDATE_SETTING_BY_ID": "UPDATE_SETTING_BY_ID",
+  "GET_SINGLE_SETTING": "GET_SINGLE_SETTING",
+  "UPDATE_SINGLE_SETTING": "UPDATE_SINGLE_SETTING",
   "GET_INVOICE_ACTIVITY_LOGS": "GET_INVOICE_ACTIVITY_LOGS",
   "CREATE_PERMISSION": "CREATE_PERMISSION",
   "ASSIGN_PERMISSIONS_TO_ROLE": "ASSIGN_PERMISSIONS_TO_ROLE"