Hugging Face's logo

Spaces:
sifars
/
automated-invoice-processing-agent-backend
Runtime error

App Files Community
Bansari Akhani commited on
Commit
b695efe
·
1 Parent(s): 72b402c

bydefault get invoice list and users list in descending order, remove ACL restriction

Browse files
Files changed (3) hide show
  1. src/controllers/invoice/invoice.controller.ts +1 -1
  2. src/controllers/user.controller.ts +1 -1
  3. src/middlewares/checkPermissions.ts +16 -19
src/controllers/invoice/invoice.controller.ts CHANGED
@@ -316,7 +316,7 @@ export const getAllInvoices = async (req: AuthenticatedRequest, res: Response):
316
  if (sort_by && allowedSortColumns.includes(sort_by as string)) {
317
  options.order = [[sort_by as string, sort_order === 'desc' ? 'DESC' : 'ASC']];
318
  } else {
319
- options.order = [['id', 'ASC']];
320
  }
321
 
322
  let invoices:any = await Invoice.findAll({
 
316
  if (sort_by && allowedSortColumns.includes(sort_by as string)) {
317
  options.order = [[sort_by as string, sort_order === 'desc' ? 'DESC' : 'ASC']];
318
  } else {
319
+ options.order = [['id', 'DESC']];
320
  }
321
 
322
  let invoices:any = await Invoice.findAll({
src/controllers/user.controller.ts CHANGED
@@ -166,7 +166,7 @@ const getAllUsers = async (req: Request, res: Response) => {
166
  if (sort_by && allowedSortColumns.includes(sort_by as string)) {
167
  options.order = [[sort_by as string, sort_order === 'desc' ? 'DESC' : 'ASC']];
168
  } else {
169
- options.order = [['id', 'ASC']];
170
  }
171
 
172
  const [users, totalUsers] = await Promise.all([
 
166
  if (sort_by && allowedSortColumns.includes(sort_by as string)) {
167
  options.order = [[sort_by as string, sort_order === 'desc' ? 'DESC' : 'ASC']];
168
  } else {
169
+ options.order = [['id', 'DESC']];
170
  }
171
 
172
  const [users, totalUsers] = await Promise.all([
src/middlewares/checkPermissions.ts CHANGED
@@ -7,28 +7,25 @@ import { APP_CONFIG } from '../config/app.config';
7
  export const checkPermission = (requiredPermission: string) => {
8
  return async (req: AuthenticatedRequest, res: Response, next: NextFunction) => {
9
  try {
10
- // TODO : temporary check to disable ACL in staging and local
11
- if (APP_CONFIG.env == "development") {
12
- const userRoleId = req?.user?.role_id;
13
 
14
- const hasPermission = await RolePermission.findOne({
15
- where: {
16
- role_id: userRoleId,
 
 
 
 
 
 
17
  },
18
- include: [
19
- {
20
- model: Permission,
21
- where: { permission_name: requiredPermission },
22
- required: true,
23
- },
24
- ],
25
- });
26
 
27
- if (!hasPermission) {
28
- return res
29
- .status(403)
30
- .json({ message: 'Forbidden: You do not have permission to access this module' });
31
- }
32
  }
33
  next();
34
  } catch (error) {
 
7
  export const checkPermission = (requiredPermission: string) => {
8
  return async (req: AuthenticatedRequest, res: Response, next: NextFunction) => {
9
  try {
10
+ const userRoleId = req?.user?.role_id;
 
 
11
 
12
+ const hasPermission = await RolePermission.findOne({
13
+ where: {
14
+ role_id: userRoleId,
15
+ },
16
+ include: [
17
+ {
18
+ model: Permission,
19
+ where: { permission_name: requiredPermission },
20
+ required: true,
21
  },
22
+ ],
23
+ });
 
 
 
 
 
 
24
 
25
+ if (!hasPermission) {
26
+ return res
27
+ .status(403)
28
+ .json({ message: 'Forbidden: You do not have permission to access this module' });
 
29
  }
30
  next();
31
  } catch (error) {