feat: add auth guard on obat and tindakan dokter, fix response on get all users and add auth guard on get all users

yosaphatprs 2025-10-27 14:29:44 +07:00
parent d73a44cceb
commit d4fb9df013
15 changed files with 69 additions and 14 deletions


@ -9,9 +9,9 @@ import {
import { CreateUserDto, CreateUserDtoResponse } from './dto/create-user.dto'; import { CreateUserDto, CreateUserDtoResponse } from './dto/create-user.dto';
import { AuthDto, AuthDtoResponse, UserRole } from './dto/auth.dto'; import { AuthDto, AuthDtoResponse, UserRole } from './dto/auth.dto';
import { AuthService } from './auth.service'; import { AuthService } from './auth.service';
import { AuthGuard } from './auth.guard'; import { AuthGuard } from './guard/auth.guard';
import { RolesGuard } from './roles.guard'; import { RolesGuard } from './guard/roles.guard';
import { Roles } from './roles.decorator'; import { Roles } from './decorator/roles.decorator';
@Controller('/auth') @Controller('/auth')
export class AuthController { export class AuthController {


@ -11,6 +11,7 @@ import { JwtModule } from '@nestjs/jwt';
PrismaModule, PrismaModule,
ConfigModule, ConfigModule,
JwtModule.registerAsync({ JwtModule.registerAsync({
global: true,
imports: [ConfigModule], imports: [ConfigModule],
inject: [ConfigService], inject: [ConfigService],
useFactory: (configService: ConfigService) => ({ useFactory: (configService: ConfigService) => ({
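Review bot: The added `global: true` has no comment, yet it changes who can inject `JwtService`: every module in the application can now both verify and sign tokens with this configuration. A short comment above it would record the intent, for example `// global: guards in feature modules inject JwtService without re-importing JwtModule`. The `useFactory` body continues outside the hunk, so the secret and expiry settings that are now shared application-wide cannot be checked from here.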


@ -1,5 +1,5 @@
import { SetMetadata } from '@nestjs/common'; import { SetMetadata } from '@nestjs/common';
import { UserRole } from './dto/auth.dto'; import { UserRole } from '../dto/auth.dto';
export const ROLES_KEY = 'roles'; export const ROLES_KEY = 'roles';


@ -5,8 +5,8 @@ import {
ForbiddenException, ForbiddenException,
} from '@nestjs/common'; } from '@nestjs/common';
import { Reflector } from '@nestjs/core'; import { Reflector } from '@nestjs/core';
import { ROLES_KEY } from './roles.decorator'; import { ROLES_KEY } from '../decorator/roles.decorator';
import { UserRole } from './dto/auth.dto'; import { UserRole } from '../dto/auth.dto';
@Injectable() @Injectable()
export class RolesGuard implements CanActivate { export class RolesGuard implements CanActivate {


@ -1,11 +1,13 @@
import { Controller, Get, Query } from '@nestjs/common'; import { Controller, Get, Query, UseGuards } from '@nestjs/common';
import { ObatService } from './obat.service'; import { ObatService } from './obat.service';
import { AuthGuard } from '../auth/guard/auth.guard';
@Controller('obat') @Controller('obat')
export class ObatController { export class ObatController {
constructor(private readonly obatService: ObatService) {} constructor(private readonly obatService: ObatService) {}
@Get('/') @Get('/')
@UseGuards(AuthGuard)
async getAllObat( async getAllObat(
@Query('take') take: number, @Query('take') take: number,
@Query('skip') skip: number, @Query('skip') skip: number,
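Review bot: `@UseGuards(AuthGuard)` on `getAllObat` checks only that the caller is authenticated, so any logged-in account, whatever its role, can list this data; the same holds for the guards this commit adds on `getAllTindakanDokter` and `createRekamMedis`. If these routes are meant for particular roles, pair the guard with the role check already used on `getAllUsers`: `@UseGuards(AuthGuard, RolesGuard)` plus a `@Roles(...)` line. Placing `@UseGuards(AuthGuard)` on the controller class instead of the method would also make routes added later protected by default. The body of `getAllObat` continues outside the hunk.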


@ -10,7 +10,7 @@ import {
} from '@nestjs/common'; } from '@nestjs/common';
import { RekammedisService } from './rekammedis.service'; import { RekammedisService } from './rekammedis.service';
import { CreateRekamMedisDto } from './dto/create-rekammedis.dto'; import { CreateRekamMedisDto } from './dto/create-rekammedis.dto';
import { AuthGuard } from '../auth/auth.guard'; import { AuthGuard } from '../auth/guard/auth.guard';
@Controller('/rekammedis') @Controller('/rekammedis')
export class RekamMedisController { export class RekamMedisController {
@ -40,6 +40,7 @@ export class RekamMedisController {
@Post('/') @Post('/')
@Header('Content-Type', 'application/json') @Header('Content-Type', 'application/json')
@UseGuards(AuthGuard)
async createRekamMedis(@Body() dto: CreateRekamMedisDto) { async createRekamMedis(@Body() dto: CreateRekamMedisDto) {
return this.rekammedisService.createRekamMedis(dto); return this.rekammedisService.createRekamMedis(dto);
} }
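Review bot: `createRekamMedis` now requires authentication but still hands only `dto` to the service, so the new record is not tied to the authenticated caller on the server side. If `CreateRekamMedisDto` carries an author or doctor id (the DTO is not shown), that value is client-supplied and could name another user. Assuming `AuthGuard` attaches the verified token payload to the request, which is not visible here, read the id from the request and pass it to the service as a separate argument. A short doc comment on the handler should state which field is server-derived.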


@ -5,7 +5,7 @@ import { PrismaModule } from '../prisma/prisma.module';
import { JwtModule } from '@nestjs/jwt'; import { JwtModule } from '@nestjs/jwt';
@Module({ @Module({
imports: [PrismaModule, JwtModule], imports: [PrismaModule],
controllers: [RekamMedisController], controllers: [RekamMedisController],
providers: [RekammedisService], providers: [RekammedisService],
}) })
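Review bot: `import { JwtModule } from '@nestjs/jwt';` stays at the top of this module although `JwtModule` was removed from `imports`. The same unused import is newly added in the tindakan dokter module, whose `imports` remains `[PrismaModule]`. Both lines can be dropped now that the auth module registers `JwtModule` with `global: true`. A one-line comment such as `// JwtService is provided by the global JwtModule registered in the auth module` would tell the next reader why the guard still resolves here.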


@ -5,14 +5,17 @@ import {
HttpCode, HttpCode,
Param, Param,
Query, Query,
UseGuards,
} from '@nestjs/common'; } from '@nestjs/common';
import { TindakanDokterService } from './tindakandokter.service'; import { TindakanDokterService } from './tindakandokter.service';
import { AuthGuard } from '../auth/guard/auth.guard';
@Controller('/tindakan') @Controller('/tindakan')
export class TindakanDokterController { export class TindakanDokterController {
constructor(private tindakanDokterService: TindakanDokterService) {} constructor(private tindakanDokterService: TindakanDokterService) {}
@Get('/') @Get('/')
@UseGuards(AuthGuard)
async getAllTindakanDokter( async getAllTindakanDokter(
@Query('take') take: number, @Query('take') take: number,
@Query('tindakan') tindakan: string, @Query('tindakan') tindakan: string,


@ -2,6 +2,7 @@ import { Module } from '@nestjs/common';
import { TindakanDokterController } from './tindakandokter.controller'; import { TindakanDokterController } from './tindakandokter.controller';
import { TindakanDokterService } from './tindakandokter.service'; import { TindakanDokterService } from './tindakandokter.service';
import { PrismaModule } from '../prisma/prisma.module'; import { PrismaModule } from '../prisma/prisma.module';
import { JwtModule } from '@nestjs/jwt';
@Module({ @Module({
imports: [PrismaModule], imports: [PrismaModule],


@ -0,0 +1,31 @@
import { UserRole } from '@api/modules/auth/dto/auth.dto';
import { Expose, Transform } from 'class-transformer';
import { IsEnum, IsOptional } from 'class-validator';
export class QueryUsersDto {
search?: string;
}
export class QueryUsersResponseDto {
@Expose()
// @Transform(({ value }) => (value ? parseInt(value) : null))
id: bigint;
@Expose()
name: string;
@Expose()
username: string;
@Expose()
@IsEnum(UserRole, { message: 'role must be a valid UserRole' })
role: UserRole;
@Expose()
@IsOptional()
created_at?: Date;
@Expose()
@IsOptional()
updated_at?: Date;
}
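Review bot: `id: bigint` in `QueryUsersResponseDto` cannot be written by `JSON.stringify`, which throws a TypeError on BigInt values, so `GET /users` will fail at serialization unless a global BigInt serializer exists elsewhere in the project (not visible here). Declaring `id: string` and converting in the mapper with `id: user.id.toString()` avoids that and keeps ids above 2^53 exact. The `@IsEnum` and `@IsOptional` decorators have no effect on an outgoing DTO, since class-validator runs only where input is validated. `Transform` is imported but used only in the commented-out line, so the import and the dead comment can go.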


@ -10,11 +10,17 @@ import {
Query, Query,
Req, Req,
Res, Res,
UseGuards,
UseInterceptors, UseInterceptors,
} from '@nestjs/common'; } from '@nestjs/common';
import type { Request, Response } from 'express'; import type { Request, Response } from 'express';
import { UserService } from './user.service'; import { UserService } from './user.service';
import { users } from '@dist/generated/prisma'; import { users } from '@dist/generated/prisma';
import { AuthGuard } from '../auth/guard/auth.guard';
import { RolesGuard } from '../auth/guard/roles.guard';
import { Roles } from '../auth/decorator/roles.decorator';
import { UserRole } from '../auth/dto/auth.dto';
import { QueryUsersResponseDto } from './dto/query-users.dto';
@Controller('/users') @Controller('/users')
@UseInterceptors(ClassSerializerInterceptor) @UseInterceptors(ClassSerializerInterceptor)
@ -28,8 +34,10 @@ export class UserController {
@Get('/') @Get('/')
@Header('Content-Type', 'application/json') @Header('Content-Type', 'application/json')
@UseGuards(AuthGuard, RolesGuard)
@Roles(UserRole.Admin)
@HttpCode(200) @HttpCode(200)
getAllUsers(): Promise<users[]> { getAllUsers(): Promise<QueryUsersResponseDto[]> {
return this.userService.getAllUsers(); return this.userService.getAllUsers();
} }
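Review bot: The guard order in `@UseGuards(AuthGuard, RolesGuard)` is significant but undocumented. `RolesGuard` presumably reads the user that `AuthGuard` places on the request (neither guard body is shown), so swapping the two, or dropping `AuthGuard`, would make the role check run without an identity. A comment above the decorators would record this, for example `// AuthGuard must run first: RolesGuard reads the user it attaches to the request`. The rest of `UserController` lies outside these hunks, so whether its other routes carry the same guards cannot be confirmed from here.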


@ -1,12 +1,20 @@
import { Injectable } from '@nestjs/common'; import { Injectable } from '@nestjs/common';
import { PrismaService } from '../prisma/prisma.service'; import { PrismaService } from '../prisma/prisma.service';
import { users } from '@dist/generated/prisma'; import { QueryUsersResponseDto } from './dto/query-users.dto';
import { UserRole } from '../auth/dto/auth.dto';
@Injectable() @Injectable()
export class UserService { export class UserService {
constructor(private prisma: PrismaService) {} constructor(private prisma: PrismaService) {}
async getAllUsers(): Promise<QueryUsersResponseDto[]> {
async getAllUsers(): Promise<users[]> { const users = await this.prisma.users.findMany();
return this.prisma.users.findMany(); return users.map((user) => ({
id: user.id,
name: user.nama_lengkap,
username: user.username,
role: user.role as UserRole,
created_at: user.created_at || undefined,
updated_at: user.updated_at || undefined,
}));
} }
} }
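Review bot: `this.prisma.users.findMany()` still loads every column of `users`, so a password hash or similar column (the schema is not visible here) is read into memory and kept out of the response only by the hand-written mapping. Restrict the query itself: `findMany({ select: { id: true, nama_lengkap: true, username: true, role: true, created_at: true, updated_at: true } })`. The mapper also returns object literals rather than `QueryUsersResponseDto` instances, so the DTO's `@Expose()` decorators and the controller's `ClassSerializerInterceptor` have nothing to act on. `created_at || undefined` and `updated_at || undefined` state the intent more precisely as `?? undefined`.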