vantzs/corrosion-admin-panel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 18 Wiki Activity

feat: Wave 2 — entities, security guards, API key encryption (15 files)
All checks were successful
Test Asgard Runner / test (push) Successful in 2s
Details

Browse Source 
Entities:
- Create 5 new TypeORM entities: webstore_config, webstore_categories,
  webstore_items, webstore_transactions, module_store (all verified against live DB)
- Fix wipe-profile entity: remove incorrect default {} for pre/post wipe configs

Security:
- Add @RequirePermission guards to 7 controllers (36 endpoints total):
  team, webstore, notifications, alerts, analytics, settings, schedules
- Encrypt panel API key with AES-256-GCM in setup service (was plaintext)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Vantz Stockwell
2026-02-21 13:28:48 -05:00
parent 208622000c
commit e1a3ea3b78
15 changed files with 268 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
backend-nest/src/modules/team/team.controller.ts
View File

@@ -17,6 +17,7 @@ import {
import { JwtAuthGuard } from '../../common/guards/jwt-auth.guard';
import { CurrentTenant } from '../../common/decorators/current-tenant.decorator';
import { CurrentUser } from '../../common/decorators/current-user.decorator';
import { RequirePermission } from '../../common/decorators/require-permission.decorator';
import { TeamService } from './team.service';
import { InviteMemberDto } from './dto/invite-member.dto';
import { CreateRoleDto } from './dto/create-role.dto';
@@ -30,6 +31,7 @@ export class TeamController {
constructor(private readonly teamService: TeamService) {}
@Get()
@RequirePermission('team.view')
@ApiOperation({
summary: 'Get team members and roles',
description: 'Returns all team members with their roles and all available roles',
@@ -43,6 +45,7 @@ export class TeamController {
}
@Post('invite')
@RequirePermission('team.manage')
@ApiOperation({
summary: 'Invite a team member',
description: 'Invite a user by email and assign them a role',
@@ -68,6 +71,7 @@ export class TeamController {
}
@Delete(':id')
@RequirePermission('team.manage')
@ApiOperation({
summary: 'Remove a team member',
description: 'Remove a team member by ID',
@@ -88,6 +92,7 @@ export class TeamController {
}
@Post('roles')
@RequirePermission('team.manage')
@ApiOperation({
summary: 'Create a custom role',
description: 'Create a new custom role for this license',
@@ -108,6 +113,7 @@ export class TeamController {
}
@Put('roles/:id')
@RequirePermission('team.manage')
@ApiOperation({
summary: 'Update a role',
description: 'Update role permissions and details',
@@ -133,6 +139,7 @@ export class TeamController {
}
@Delete('roles/:id')
@RequirePermission('team.manage')
@ApiOperation({
summary: 'Delete a role',
description: 'Delete a custom role (cannot delete system roles or roles in use)',