fosrl.pangolin/server/routers/role/listRoleActions.ts

60 lines
1.8 KiB
TypeScript
Raw Normal View History

import { Request, Response, NextFunction } from "express";
import { z } from "zod";
import { db } from "@server/db";
import { roleActions, actions } from "@server/db/schema";
import { eq } from "drizzle-orm";
2024-10-12 21:36:14 -04:00
import response from "@server/utils/response";
import HttpCode from "@server/types/HttpCode";
import createHttpError from "http-errors";
import logger from "@server/logger";
import { fromError } from "zod-validation-error";
2024-10-12 21:36:14 -04:00
const listRoleActionsSchema = z.object({
roleId: z.string().transform(Number).pipe(z.number().int().positive()),
});
export async function listRoleActions(
req: Request,
res: Response,
next: NextFunction
): Promise<any> {
2024-10-12 21:36:14 -04:00
try {
const parsedParams = listRoleActionsSchema.safeParse(req.params);
if (!parsedParams.success) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
fromError(parsedParams.error).toString()
2024-10-12 21:36:14 -04:00
)
);
}
const { roleId } = parsedParams.data;
const roleActionsList = await db
.select({
actionId: actions.actionId,
name: actions.name,
description: actions.description,
})
.from(roleActions)
.innerJoin(actions, eq(roleActions.actionId, actions.actionId))
.where(eq(roleActions.roleId, roleId));
// TODO: Do we need to filter out what the user can see?
2024-10-12 21:36:14 -04:00
return response(res, {
data: roleActionsList,
success: true,
error: false,
message: "Role actions retrieved successfully",
status: HttpCode.OK,
});
} catch (error) {
logger.error(error);
return next(
createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred")
);
2024-10-12 21:36:14 -04:00
}
}