lstV2/server/services/auth/routes/userRoles/setUserRoles.ts

import {createRoute, OpenAPIHono, z} from "@hono/zod-openapi";
import {setUserAccess} from "../../controllers/userRoles/setUserRoles.js";
import {apiHit} from "../../../../globalUtils/apiHits.js";
import {apiReturn} from "../../../../globalUtils/apiReturn.js";
import {authMiddleware} from "../../middleware/authMiddleware.js";

const app = new OpenAPIHono();

const responseSchema = z.object({
    success: z.boolean().openapi({example: true}),
    message: z.string().optional().openapi({example: "user access"}),
    data: z.array(z.object({})).optional().openapi({example: []}),
});

const UserAccess = z.object({
    username: z
    .string()
    .regex(/^[a-zA-Z0-9_]{3,30}$/)
    .openapi({example: "smith034"}),
    module: z.string().openapi({example: "production"}),
    role: z.string().openapi({example: "viewer"}),
    override: z.string().optional().openapi({example: "secretString"}),
});

app.openapi(
    createRoute({
        tags: ["Auth"],
        summary: "Sets Users access",
        method: "post",
        path: "/",
        middleware: authMiddleware,
        description: "When logged in you will be able to grant new permissions",
        request: {
            body: {
                content: {
                    "application/json": {schema: UserAccess},
                },
            },
        },
        responses: {
            200: {
                content: {"application/json": {schema: responseSchema}},
                description: "Retrieve the user",
            },
            400: {
                content: {"application/json": {schema: responseSchema}},
                description: "Failed to get user access",
            },
        },
    }),
    async (c) => {
        apiHit(c, {endpoint: "api/auth/setUserRoles"});
        const {username, module, role, override} = await c.req.json();
        try {
            const access = await setUserAccess(username, module, role, override);
            //return apiReturn(c, true, access?.message, access?.data, 200);
            return c.json({success: access.success, message: access.message, data: access.data}, 200);
        } catch (error) {
            console.log(error);
            //return apiReturn(c, false, "Error in setting the user access", error, 400);
            return c.json({success: false, message: "Error in setting the user access", data: error}, 400);
        }
    }
);
export default app;