Skip to content

Commit 2253b40

Browse files
committed
feat: add role-based access control to force password endpoints
- Implemented role-based access control for the 'forcepassword' and 'needtochangepassword' endpoints in the IdentitiesForcePasswordController. - Utilized the UseRoles decorator to enforce permissions based on defined actions and resource access, enhancing security and compliance.
1 parent fd692c2 commit 2253b40

1 file changed

Lines changed: 12 additions & 0 deletions

File tree

apps/api/src/management/identities/identities-forcepassword.controller.ts

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,8 @@ import { ActivationDto } from '~/management/identities/_dto/_parts/activation-dt
77
import { ForcePasswordDto } from '~/management/identities/_dto/force-password-dto';
88
import { IdentitiesForcepasswordService } from '~/management/identities/identities-forcepassword.service';
99
import { NeedChangePasswordDto } from '~/management/identities/_dto/need-change-password.dto';
10+
import { AC_ACTIONS, AC_DEFAULT_POSSESSION } from '~/_common/types/ac-types';
11+
import { UseRoles } from '~/_common/decorators/use-roles.decorator';
1012

1113
@ApiTags('management/identities')
1214
@Controller('identities')
@@ -15,6 +17,11 @@ export class IdentitiesForcePasswordController extends AbstractController {
1517
super();
1618
}
1719
@Post('forcepassword')
20+
@UseRoles({
21+
resource: '/management/identities/forcepassword',
22+
action: AC_ACTIONS.CREATE,
23+
possession: AC_DEFAULT_POSSESSION,
24+
})
1825
@ApiOperation({ summary: 'force le mot de passe de l identite' })
1926
@ApiResponse({ status: HttpStatus.OK })
2027
public async forcePassword(@Res() res: Response, @Body() body: ForcePasswordDto): Promise<Response> {
@@ -32,6 +39,11 @@ export class IdentitiesForcePasswordController extends AbstractController {
3239
}
3340
}
3441
@Post('needtochangepassword')
42+
@UseRoles({
43+
resource: '/management/identities/needtochangepassword',
44+
action: AC_ACTIONS.CREATE,
45+
possession: AC_DEFAULT_POSSESSION,
46+
})
3547
@ApiOperation({ summary: "force l'utilisateur a changer son mot de passe" })
3648
@ApiResponse({ status: HttpStatus.OK })
3749
public async needToChangePassword(@Res() res: Response, @Body() body: NeedChangePasswordDto): Promise<Response> {

0 commit comments

Comments
 (0)