feat: Wave 2 — entities, security guards, API key encryption (15 files)
All checks were successful
Test Asgard Runner / test (push) Successful in 2s
All checks were successful
Test Asgard Runner / test (push) Successful in 2s
Entities:
- Create 5 new TypeORM entities: webstore_config, webstore_categories,
webstore_items, webstore_transactions, module_store (all verified against live DB)
- Fix wipe-profile entity: remove incorrect default {} for pre/post wipe configs
Security:
- Add @RequirePermission guards to 7 controllers (36 endpoints total):
team, webstore, notifications, alerts, analytics, settings, schedules
- Encrypt panel API key with AES-256-GCM in setup service (was plaintext)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Vantz Stockwell
@@ -7,6 +7,7 @@ import {
|
||||
} from '@nestjs/swagger';
|
||||
import { JwtAuthGuard } from '../../common/guards/jwt-auth.guard';
|
||||
import { CurrentTenant } from '../../common/decorators/current-tenant.decorator';
|
||||
import { RequirePermission } from '../../common/decorators/require-permission.decorator';
|
||||
import { NotificationsService } from './notifications.service';
|
||||
import { UpdateConfigDto } from './dto/update-config.dto';
|
||||
|
||||
@@ -18,6 +19,7 @@ export class NotificationsController {
|
||||
constructor(private readonly notificationsService: NotificationsService) {}
|
||||
|
||||
@Get('config')
|
||||
@RequirePermission('notifications.view')
|
||||
@ApiOperation({
|
||||
summary: 'Get notification configuration',
|
||||
description: 'Returns notification settings for this license',
|
||||
@@ -32,6 +34,7 @@ export class NotificationsController {
|
||||
}
|
||||
|
||||
@Put('config')
|
||||
@RequirePermission('notifications.manage')
|
||||
@ApiOperation({
|
||||
summary: 'Update notification configuration',
|
||||
description: 'Update notification settings for this license',
|
||||
|
||||
Reference in New Issue
Block a user