lstV2/server/services/auth/routes/userAdmin/setUserRoles.ts

import { createRoute, OpenAPIHono, z } from "@hono/zod-openapi";
import { setUserAccess } from "../../controllers/userRoles/setUserRoles.js";
import { apiHit } from "../../../../globalUtils/apiHits.js";
import { apiReturn } from "../../../../globalUtils/apiReturn.js";
import { authMiddleware } from "../../middleware/authMiddleware.js";
import hasCorrectRole from "../../middleware/roleCheck.js";
import { responses } from "../../../../globalUtils/routeDefs/responses.js";

const app = new OpenAPIHono();

const responseSchema = z.object({
    success: z.boolean().openapi({ example: true }),
    message: z.string().optional().openapi({ example: "user access" }),
    data: z.array(z.object({})).optional().openapi({ example: [] }),
});

const UserAccess = z.object({
    username: z
        .string()
        .regex(/^[a-zA-Z0-9_]{3,30}$/)
        .openapi({ example: "smith034" }),
    module: z.string().openapi({ example: "production" }),
    role: z.string().openapi({ example: "viewer" }),
    override: z.string().optional().openapi({ example: "secretString" }),
});

app.openapi(
    createRoute({
        tags: ["Auth:admin"],
        summary: "Sets Users access",
        method: "post",
        path: "/setuseraccess",
        middleware: [
            authMiddleware,
            hasCorrectRole(["admin", "systemAdmin"], "admin"),
        ],
        description: "When logged in you will be able to grant new permissions",
        request: {
            body: {
                content: {
                    "application/json": { schema: UserAccess },
                },
            },
        },
        responses: responses(),
    }),
    async (c) => {
        //apiHit(c, { endpoint: "api/auth/setUserRoles" });
        const { username, module, role, override } = await c.req.json();
        try {
            const access = await setUserAccess(
                username,
                module,
                role,
                override
            );
            //return apiReturn(c, true, access?.message, access?.data, 200);
            return c.json(
                {
                    success: access.success,
                    message: access.message,
                    data: [], //access?.data,
                },
                200
            );
        } catch (error) {
            console.log(error);
            //return apiReturn(c, false, "Error in setting the user access", error, 400);
            return c.json(
                {
                    success: false,
                    message: "Error in setting the user access",
                    data: error,
                },
                400
            );
        }
    }
);
export default app;