Merge branch 'permissions' of gitlab.com:jetup/rws/api-rws into stage

src/app.module.ts

@@ -8,6 +8,7 @@ import {
 	SmsModule,
 	LogsModule,
 	TaxonomiesModule,
+	PermissionsModule,
 } from './domain'
 import { DatabaseModule, FilesStorageModule, JwtModule, RedisModule } from './libs'
 import { getEnv, stringToBoolean } from './shared'
@@ -27,6 +28,7 @@ const imports = [
 	LogsModule.forRoot(),
 	TaxonomiesModule.forRoot(),
 	FactoriesModule.forRoot(),
+	PermissionsModule.forRoot(),
 	...getRestModules(),
 ]
 

src/config/entities.config.ts

@@ -4,6 +4,7 @@ import { IPS_ENTITIES } from 'src/domain/ips/entities'
 import { LOG_ENTITIES } from 'src/domain/logs/entities'
 import { TAXONOMY_ENTITIES } from 'src/domain/taxonomies/entities'
 import { FACTORY_ENTITIES } from 'src/domain/factories/entities'
+import { PERMISSIONS_ENTITIES } from 'src/domain/permissions/entities'
 
 export const ENTITIES = [
 	...USERS_ENTITIES,
@@ -12,4 +13,5 @@ export const ENTITIES = [
 	...LOG_ENTITIES,
 	...TAXONOMY_ENTITIES,
 	...FACTORY_ENTITIES,
+	...PERMISSIONS_ENTITIES,
 ]

src/core/consts/index.ts

@@ -7,3 +7,10 @@ export const SESSIONS_SERVICE = Symbol('SESSIONS_SERVICE')
 export const SMS_SERVICE = Symbol('SMS_SERVICE')
 export const TAXONOMIES_SERVICE = Symbol('TAXONOMIES_SERVICE')
 export const FACTORIES_SERVICE = Symbol('FACTORIES_SERVICE')
+
+export const PERMISSIONS_SERVICE = Symbol('PERMISSIONS_SERVICE')
+
+/** чи точно потрібно? */
+export const USERS_PERMISSIONS_SERVICE = Symbol('USERS_PERMISSIONS_SERVICE')
+export const PERMISSIONS_GROUPS_SERVICE = Symbol('PERMISSIONS_GROUPS_SERVICE')
+/**  */

src/core/namespaces/index.ts

@@ -5,3 +5,4 @@ export * from './sms.namespace'
 export * from './logs.namespace'
 export * from './taxonomies.namespace'
 export * from './factories.namespace'
+export * from './permissions.namespace'

src/core/namespaces/permissions.namespace.ts

@@ -0,0 +1,153 @@
+import { IPagination, IPaginationResult } from "../interfaces";
+import { Users } from "./users.namespace";
+
+export namespace Permissions {
+	/**
+	 *  Інтерфейс списка з переліком усіх типів дозволів та їх можливих значень
+	 */
+	export interface IPermissionsList {
+		[x: string]: string[] | { [x: string]: string[] }
+	}
+
+  /**
+	 *  Інтерфейс дозволів користувача
+	 */
+  export interface IUserPermissions {
+		/** Ідентифікатор */
+		id: number
+
+    /** Ідентифікатор користувача, до якого відносяться ці дозволи */
+		userId: number
+
+		/** Користувач */
+		user?: Users.UserModel
+
+    /** Дозволи користувача */
+    permissions: string
+
+		/** Дата створення */
+		createdAt: string
+
+		/** Дата останньої зміни */
+		updatedAt: string
+  }
+
+  /**
+	 *  Інтерфейс груп дозволів
+	 */
+  export interface IPermissionsGroup {
+		/** Ідентифікатор */
+		id: number
+
+    /** Ідентифікатор користувача, що створив цю групу дозволів */
+		authorId: number
+
+		/** Користувач - автор групи дозволів */
+		author?: Users.UserModel
+
+		/** Назва групи дозволів */
+		name: string
+
+    /** Група дозволів */
+    permissions: string
+
+		/** Дата створення */
+		createdAt: string
+
+		/** Дата останньої зміни */
+		updatedAt: string
+  }
+
+	export interface SaveUserPermissionsPayload {
+		userId: number
+		permissions: string
+	}
+
+	export interface IPermissionsService {
+
+		/**
+		 * Метод для отримання списку з переліком усіх типів дозволів та їх значень
+		 * @returns Повертає список з переліком усіх типів дозволів та їх значень
+		 */
+
+		getPermissionsList(): Promise<IPermissionsList>
+	}
+
+	export interface IUserPermissionsService {
+		/**
+		 * Метод для створення/зміни дозволів користувача
+		 * @param {SaveUserPermissionsPayload} payload  - Дані дозволів користувача
+		 * @returns Повертає id дозволів користувача
+		 */
+
+		save(payload: SaveUserPermissionsPayload): Promise<IUserPermissions>
+
+		/**
+		 * Метод для видалення дозволів користувача
+		 * @param {number} userId  - ІD користувача
+		 */
+
+		remove(userId: number): Promise<void>
+
+		/**
+		 * Метод для отримання дозволів користувача
+		 * @param {number} userId  - ID користувача
+		 * @returns Повертає дозволи користувача
+		 */
+
+		getOne(userId: number): Promise<IUserPermissions>
+	}
+
+	export interface SavePermissionsGroupPayload {
+		name: string,
+		authorId: number,
+		permissions: string
+	}
+
+	export interface UpdatePermissionsGroupPayload {
+		id: number
+		name?: string,
+		permissions?: string
+	}
+
+	export interface IPermissionsGroupsService {
+		/**
+		 * Метод для створення групи дозволів
+		 * @param {SavePermissionsGroupPayload} payload  - Дані нової групи дозволів
+		 * @returns Повертає id створеної групи дозволів
+		 */
+
+		save(payload: SavePermissionsGroupPayload): Promise<number>
+
+		/**
+		 * Метод для оновлення групи дозволів
+		 * @param {UpdatePermissionsGroupPayload} payload  - Дані для оновлення
+		 * @returns {IPermissionsGroup} Повертає оновлену групу дозволів
+		 */
+
+		update(payload: UpdatePermissionsGroupPayload): Promise<IPermissionsGroup>
+
+		 /**
+			* Метод для видалення групи дозволів
+			* @param {number} id  - Ідентифікатор групи дозволів
+			*/
+
+		remove(id: number): Promise<void>
+
+		/**
+		 * Метод для отримання групи дозволів
+		 * @param {number} id  - ID групи дозволів
+		 * @returns Повертає групy дозволів
+		 */
+
+		getOne(id: number): Promise<IPermissionsGroup>
+
+		/**
+		 * Метод для отримання списку груп дозволів
+		 * @param {IPagination} pagination - Параметри пагінації
+		 * @returns Повертає список груп дозволів та їх кількість
+		 */
+
+		getList(pagination: IPagination): Promise<IPaginationResult<IPermissionsGroup>>
+	}
+}

src/domain/index.ts

@@ -5,3 +5,4 @@ export * from './sms/sms.module'
 export * from './logs/logs.module'
 export * from './taxonomies/taxonomies.module'
 export * from './factories/factories.module'
+export * from './permissions/permissions.module'

src/domain/permissions/consts/index.ts

@@ -0,0 +1,4 @@
+export const USER_PERMISSIONS_REPOSITORY = Symbol('USER_PERMISSIONS_REPOSITORY')
+export const PERMISSIONS_GROUPS_REPOSITORY = Symbol('PERMISSIONS_GROUPS_REPOSITORY')
+
+export * from './permissionsList'

src/domain/permissions/consts/permissionsList.ts

@@ -0,0 +1,215 @@
+import { Permissions } from "src/core";
+
+export const permissionsList: Permissions.IPermissionsList = {
+  // user permissions to factory tasks
+  factory: [
+    "create",
+    "find",
+    "update",
+    "destroy",
+    "not_permission"
+  ],
+  // user permissions to another user's tasks
+  user: [
+    "find",
+    "create",
+    "update",
+    "destroy",
+    "not_permission"
+  ],
+  // user permissions to tabs in menu
+  // if user has no permission to some tab it will not appear in menu
+  tabs: {
+    // user permissions to tab factory
+    factory: [
+      "find",
+      "create",
+      "update",
+      "destroy"
+    ],
+    // user permissions to tab users
+    user: [
+      "create",
+      "find",
+      "update",
+      "destroy",
+      "permissions",
+      "logout",
+      "ban"
+    ],
+    // user permissions to tab permission groups
+    group_permission: [
+      "find",
+      "create",
+      "update",
+      "destroy"
+    ],
+    // user permissions to tab taxonomy
+    taxonomy: [
+      "find",
+      "create",
+      "update",
+      "destroy"
+    ]
+  },
+  // show factory filter
+  filter_factory: []
+}
+
+
+
+// full list of controllers (received from current api)
+// DO NOT DELETE THIS LIST
+
+// {
+//   "archive_task": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy"
+//   ],
+//   "ban_ip": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy"
+//   ],
+//   "chat": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy",
+//     "addchat",
+//     "getchats",
+//     "editchatname",
+//     "subscribetochat",
+//     "unsubscribefromchat",
+//     "getchat",
+//     "addchatmembers",
+//     "removechatmembers",
+//     "changechatnotifications",
+//     "getavalibleusers",
+//     "deletechat",
+//     "readallmessages"
+//   ],
+//   "chatuser": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy"
+//   ],
+//   "comment": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy",
+//     "create_file",
+//     "read"
+//   ],
+//   "document": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy",
+//     "copy",
+//     "read"
+//   ],
+//   "factory": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy"
+//   ],
+//   "group_permission": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy"
+//   ],
+//   "logs": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy"
+//   ],
+//   "message": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy",
+//     "sendmessage",
+//     "editmessage",
+//     "pinmessage",
+//     "unpinmessage",
+//     "deletemessageforme",
+//     "deletemessage",
+//     "replytomessage",
+//     "getchatmessages",
+//     "sendmultiplemessages",
+//     "editmultiplemessages",
+//     "deletemultiplemessages",
+//     "deletemultiplemessagesforme",
+//     "sendphotomessage",
+//     "sendfilemessage",
+//     "downloadfile"
+//   ],
+//   "notification": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy",
+//     "read"
+//   ],
+//   "setting": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy"
+//   ],
+//   "task": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy",
+//     "count_type",
+//     "users_permissions",
+//     "bulk_delete",
+//     "atchive",
+//     "bulk_update",
+//     "override",
+//     "clone"
+//   ],
+//   "taxonomy": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy",
+//     "icon",
+//     "deleteicon"
+//   ],
+//   "user": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy",
+//     "deleteavatar",
+//     "favorite_task",
+//     "unfavorite_task",
+//     "count_job",
+//     "logout",
+//     "send_data_email",
+//     "send_data_sms"
+//   ],
+//   "chat_chatusers__user_chats": [
+//     "create",
+//     "find",
+//     "update",
+//     "destroy"
+//   ],
+//   "ban": [
+//     "find",
+//     "create",
+//     "destroy",
+//     "ban_users"
+//   ]
+// }

src/domain/permissions/entities/index.ts

@@ -0,0 +1,6 @@
+import { PermissionsGroup } from './permissions-group.entity'
+import { UserPermissions } from './user-permissions.entity'
+
+export const PERMISSIONS_ENTITIES = [PermissionsGroup, UserPermissions]
+
+export { PermissionsGroup, UserPermissions }

src/domain/permissions/entities/permissions-group.entity.ts

@@ -0,0 +1,33 @@
+import { Permissions } from "src/core"
+import { User } from "src/domain/users/entities"
+import { Column, CreateDateColumn, Entity, JoinColumn, OneToOne, PrimaryGeneratedColumn, UpdateDateColumn } from "typeorm"
+
+@Entity('permissionsGroups')
+export class PermissionsGroup implements Permissions.IPermissionsGroup {
+	@PrimaryGeneratedColumn()
+	id: number
+
+	@Column()
+	authorId: number
+
+	@OneToOne(
+		() => User,
+		{ onDelete: 'CASCADE' },
+	)
+	@JoinColumn({ name: 'userId' })
+	author?: User
+
+	@Column()
+	name: string
+
+  @Column({
+		type: 'json'
+	})
+	permissions: string
+
+  @CreateDateColumn({ type: 'timestamp', default: () => 'LOCALTIMESTAMP' })
+	createdAt: string
+
+	@UpdateDateColumn({ type: 'timestamp', default: () => 'LOCALTIMESTAMP' })
+	updatedAt: string
+}

src/domain/permissions/entities/user-permissions.entity.ts

@@ -0,0 +1,30 @@
+import { Permissions } from "src/core"
+import { User } from "src/domain/users/entities"
+import { Column, CreateDateColumn, Entity, JoinColumn, OneToOne, PrimaryGeneratedColumn, UpdateDateColumn } from "typeorm"
+
+@Entity('usersPermissions')
+export class UserPermissions implements Permissions.IUserPermissions {
+	@PrimaryGeneratedColumn()
+	id: number
+
+	@Column()
+	userId: number
+
+	@OneToOne(
+		() => User,
+		{ onDelete: 'CASCADE' },
+	)
+	@JoinColumn({ name: 'userId' })
+	user?: User
+
+  @Column({
+		type: 'json'
+	})
+	permissions: string
+
+  @CreateDateColumn({ type: 'timestamp', default: () => 'LOCALTIMESTAMP' })
+	createdAt: string
+
+	@UpdateDateColumn({ type: 'timestamp', default: () => 'LOCALTIMESTAMP' })
+	updatedAt: string
+}

src/domain/permissions/interfaces/index.ts

@@ -0,0 +1 @@
+export * from './permissions-dt.interfaces'

src/domain/permissions/interfaces/permissions-dt.interfaces.ts

@@ -0,0 +1,5 @@
+import { Permissions } from "src/core";
+import { Repository } from "typeorm";
+
+export type IUserPermissionsRepository = Repository<Permissions.IUserPermissions>
+export type IPermissionsGroupRepository = Repository<Permissions.IPermissionsGroup>

src/domain/permissions/permissions.module.ts

@@ -0,0 +1,53 @@
+import { DynamicModule, Module } from "@nestjs/common"
+import { PERMISSIONS_GROUPS_SERVICE, PERMISSIONS_SERVICE, USERS_PERMISSIONS_SERVICE } from "src/core/consts"
+import { provideEntity } from "src/libs"
+import { provideClass } from "src/shared"
+import { PERMISSIONS_GROUPS_REPOSITORY, USER_PERMISSIONS_REPOSITORY } from "./consts"
+import { PermissionsGroup, UserPermissions } from "./entities"
+import { PermissionsGroupsService, PermissionsService, PERMISSIONS_SERVICES, UsersPermissionsService } from "./services"
+
+@Module({})
+export class PermissionsModule {
+
+	static getProviders() {
+		return [
+			provideClass(PERMISSIONS_SERVICE, PermissionsService),
+			provideClass(USERS_PERMISSIONS_SERVICE, UsersPermissionsService),
+			provideClass(PERMISSIONS_GROUPS_SERVICE, PermissionsGroupsService),
+			...PERMISSIONS_SERVICES,
+			provideEntity(USER_PERMISSIONS_REPOSITORY, UserPermissions),
+			provideEntity(PERMISSIONS_GROUPS_REPOSITORY, PermissionsGroup),
+		]
+	}
+
+	static getExports() {
+		return [PERMISSIONS_SERVICE, USERS_PERMISSIONS_SERVICE, PERMISSIONS_GROUPS_SERVICE]
+	}
+
+	// static getImports() {
+	// 	return [
+	// 		SessionsModule.forFeature(),
+	// 		RedisModule.forFeature(),
+	// 		SmsModule.forFeature(),
+	// 		IPsModule.forFeature(),
+	// 	]
+	// }
+
+	static forRoot(): DynamicModule {
+		return {
+			module: PermissionsModule,
+			providers: PermissionsModule.getProviders(),
+			// imports: PermissionsModule.getImports(),
+			exports: PermissionsModule.getExports(),
+		}
+	}
+
+	static forFeature(): DynamicModule {
+		return {
+			module: PermissionsModule,
+			providers: PermissionsModule.getProviders(),
+			// imports: PermissionsModule.getImports(),
+			exports: PermissionsModule.getExports(),
+		}
+	}
+}

src/domain/permissions/services/index.ts

@@ -0,0 +1,7 @@
+import { PermissionsService } from './permissions.service'
+import { UsersPermissionsService } from './users-permissions.service'
+import { PermissionsGroupsService } from './permissions-groups.service'
+
+export const PERMISSIONS_SERVICES = [PermissionsService, UsersPermissionsService, PermissionsGroupsService]
+
+export { PermissionsService, UsersPermissionsService, PermissionsGroupsService }

src/domain/permissions/services/permissions-groups.service.ts

@@ -0,0 +1,38 @@
+import { Inject, Injectable } from "@nestjs/common";
+import { Permissions } from "src/core";
+import { IPagination, IPaginationResult } from "src/core/interfaces";
+import { paginateAndGetMany } from "src/shared";
+import { PERMISSIONS_GROUPS_REPOSITORY } from "../consts";
+import { IPermissionsGroupRepository } from "../interfaces";
+
+@Injectable()
+export class PermissionsGroupsService implements Permissions.IPermissionsGroupsService {
+
+  constructor(
+    @Inject(PERMISSIONS_GROUPS_REPOSITORY) private readonly permissionsGroupsRepository: IPermissionsGroupRepository
+  ){}
+
+  public async save(payload: Permissions.SavePermissionsGroupPayload): Promise<number> {
+    const permissionsGroup = await this.permissionsGroupsRepository.save(payload)
+
+    return permissionsGroup.id
+  }
+
+  public async update(payload: Permissions.UpdatePermissionsGroupPayload): Promise<Permissions.IPermissionsGroup> {
+    return this.permissionsGroupsRepository.save(payload)
+  }
+
+  public async remove(id: number): Promise<void> {
+    await this.permissionsGroupsRepository.delete(id)
+  }
+
+  public async getOne(id: number): Promise<Permissions.IPermissionsGroup> {
+    return this.permissionsGroupsRepository.findOne(id)
+  }
+
+  public async getList(pagination: IPagination): Promise<IPaginationResult<Permissions.IPermissionsGroup>> {
+    const query = this.permissionsGroupsRepository.createQueryBuilder('it')
+
+		return paginateAndGetMany(query, pagination)
+  }
+}

src/domain/permissions/services/permissions.service.ts

@@ -0,0 +1,13 @@
+import { Injectable } from "@nestjs/common";
+import { Permissions } from "src/core";
+import { permissionsList } from "../consts";
+
+@Injectable()
+export class PermissionsService implements Permissions.IPermissionsService {
+
+  private permissions: Permissions.IPermissionsList = permissionsList
+
+  public async getPermissionsList() {
+    return this.permissions
+  }
+}

src/domain/permissions/services/users-permissions.service.ts

@@ -0,0 +1,31 @@
+import { Inject, Injectable } from "@nestjs/common";
+import { Permissions } from "src/core";
+import { USER_PERMISSIONS_REPOSITORY } from "../consts";
+import { IUserPermissionsRepository } from "../interfaces";
+
+@Injectable()
+export class UsersPermissionsService implements Permissions.IUserPermissionsService {
+
+  constructor(
+    @Inject(USER_PERMISSIONS_REPOSITORY) private readonly usersPermissionsRepository: IUserPermissionsRepository
+  ){}
+
+  public async save(payload: Permissions.SaveUserPermissionsPayload): Promise<Permissions.IUserPermissions> {
+    const userPermissions = await this.usersPermissionsRepository.findOne({ userId: payload.userId })
+
+    if (!userPermissions)
+      await this.usersPermissionsRepository.save(payload)
+    else
+      await this.usersPermissionsRepository.update(userPermissions.id, { permissions: payload.permissions })
+
+    return this.usersPermissionsRepository.findOne(userPermissions.id)
+  }
+
+  public async remove(userId: number): Promise<void> {
+    await this.usersPermissionsRepository.delete({ userId })
+  }
+
+  public async getOne(userId: number): Promise<Permissions.IUserPermissions> {
+    return this.usersPermissionsRepository.findOne({ userId })
+  }
+}

src/rest/admin/index.ts

@@ -2,6 +2,7 @@ import { AdminUsersModule } from './users/admin-users.module'
 import { AdminAuthModule } from './auth/admin-auth.module'
 import { AdminLogsModule } from './logs/admin-logs.module'
 import { AdminSessionsModule } from './sessions/admin-sessions.module'
+import { AdminPermissionsModule } from './permissions/permissions.module'
 import { AdminTaxonomiesModule } from './taxonomies/admin-taxonomies.module'
 import { AdminFactoriesModule } from './factories/admin-factories.module'
 
@@ -9,6 +10,7 @@ export const getAdminModules = () => [
 	AdminUsersModule.forRoot(),
 	AdminAuthModule.forRoot(),
 	AdminLogsModule.forRoot(),
+	AdminPermissionsModule.forRoot(),
 	AdminSessionsModule.forRoot(),
 	AdminTaxonomiesModule.forRoot(),
 	AdminFactoriesModule.forRoot(),

src/rest/admin/permissions/controllers/admin-permissions-groups.controller.ts

@@ -0,0 +1,74 @@
+import { Body, Controller, Delete, Get, Param, Post, Put } from "@nestjs/common"
+import { ApiBody, ApiOkResponse, ApiOperation, ApiResponse, ApiTags } from "@nestjs/swagger"
+import { Users } from "src/core"
+import { IPagination } from "src/core/interfaces"
+import { RoleGuard } from "src/domain/sessions/decorators"
+import { ApiImplictPagination, ReqPagination } from "src/shared"
+import { PermissionsGroupDto, PermissionsGroupListDto, SavePermissionsGroupDto, UpdatePermissionsGroupDto } from "../dto"
+import { AdminPermissionsGroupService } from "../services"
+
+@ApiTags('Admin | permissions groups')
+@Controller('admin/permissions-groups')
+export class AdminPermissionsGroupsController {
+	constructor(private readonly permissionsGroupsService: AdminPermissionsGroupService) {}
+
+  @ApiOperation({ summary: 'Створення групи дозволів' })
+	@ApiBody({ type: SavePermissionsGroupDto })
+	@ApiResponse({ status: 201, description: 'Повертає ID групи дозволів', type: Number })
+	@RoleGuard(Users.Role.Admin)
+	@Post()
+	public async saveGroup(@Body() dto: SavePermissionsGroupDto) {
+		return this.permissionsGroupsService.savePermissionsGroup(dto)
+	}
+
+
+  @ApiOperation({ summary: 'Оновлення групи дозволів' })
+  @ApiResponse({
+    status: 201,
+    description: 'Повертає ID групи дозволів',
+    type: PermissionsGroupDto
+  })
+	@RoleGuard(Users.Role.Admin)
+	@Put(':id')
+	public async updateGroup(
+		@Body() dto: UpdatePermissionsGroupDto,
+		@Param('id') id: number,
+	) {
+		return await this.permissionsGroupsService.updatePermissionsGroup(id, dto)
+	}
+
+
+  @ApiOperation({ summary: 'Видалення групи дозволів' })
+	@RoleGuard(Users.Role.Admin)
+	@Delete(':id')
+	public async deleteGroup(@Param('id') id: number) {
+		return await this.permissionsGroupsService.removePermissionsGroup(id)
+	}
+
+
+  @ApiOperation({ summary: 'Отримання групи дозволів' })
+	@ApiOkResponse({
+		status: 200,
+		description: 'Повертає групу дозволів',
+    type: PermissionsGroupDto
+	})
+	@RoleGuard(Users.Role.Admin)
+	@Get(':id')
+	public async getGroup(@Param('id') id: number) {
+		return this.permissionsGroupsService.getPermissionsGroupById(id)
+	}
+
+
+  @ApiOperation({ summary: 'Отримання списку груп дозволів' })
+	@ApiResponse({
+    status: 200,
+    description: 'Список і кількість груп дозволів',
+    type: PermissionsGroupListDto
+  })
+	@ApiImplictPagination()
+	@RoleGuard(Users.Role.Admin)
+	@Get()
+	public async create(@ReqPagination() pagination: IPagination) {
+		return await this.permissionsGroupsService.getList(pagination)
+	}
+}

src/rest/admin/permissions/controllers/admin-permissions.controller.ts

@@ -0,0 +1,22 @@
+import { Controller, Get } from "@nestjs/common";
+import { ApiOkResponse, ApiOperation, ApiTags } from "@nestjs/swagger";
+import { Users } from "src/core";
+import { RoleGuard } from "src/domain/sessions/decorators";
+import { AdminPermissionsService } from "../services";
+
+@ApiTags('Admin | permissions list')
+@Controller('admin/permissions')
+export class AdminPermissionsController {
+	constructor(private readonly permissionsService: AdminPermissionsService) {}
+
+  @ApiOperation({ summary: 'Отримання списку з переліком усіх типів дозволів та їх можливих значень' })
+	@ApiOkResponse({
+		status: 200,
+		description: 'Повертає перелік усіх типів дозволів та їх значень',
+	})
+	@RoleGuard(Users.Role.Admin)
+	@Get()
+	public async getList() {
+		return this.permissionsService.getPermissions()
+	}
+}

src/rest/admin/permissions/controllers/admin-users-permissions.controller.ts

@@ -0,0 +1,44 @@
+import { Body, Controller, Delete, Get, Param, Post } from "@nestjs/common";
+import { ApiBody, ApiOkResponse, ApiOperation, ApiResponse, ApiTags } from "@nestjs/swagger";
+import { Users } from "src/core";
+import { RoleGuard } from "src/domain/sessions/decorators";
+import { SaveUserPermissionsDto, UserPermissionsDto } from "../dto";
+import { AdminUsersPermissionsService } from "../services";
+
+@ApiTags('Admin | users permissions')
+@Controller('admin/users-permissions')
+export class AdminUsersPermissionsController {
+	constructor(private readonly usersPermissionsService: AdminUsersPermissionsService) {}
+
+  @ApiOperation({ summary: 'Створення/зміна дозволів для користувача' })
+	@ApiBody({ type: SaveUserPermissionsDto })
+	@ApiResponse({
+    status: 201,
+    description: 'Повертає ID дозволів користувача',
+    type: UserPermissionsDto
+  })
+	@RoleGuard(Users.Role.Admin)
+	@Post(':userId')
+	public async savePermissions(@Body() dto: SaveUserPermissionsDto, @Param('userId') userId: number) {
+		return this.usersPermissionsService.saveUserPermissions(userId, dto)
+	}
+
+  @ApiOperation({ summary: 'Видалення дозволів користувача' })
+	@RoleGuard(Users.Role.Admin)
+	@Delete(':userId')
+	public async deletePermissions(@Param('userId') userId: number) {
+		return await this.usersPermissionsService.removeUserPermissions(userId)
+	}
+
+  @ApiOperation({ summary: 'Отримання дозволів користувача' })
+	@ApiOkResponse({
+		status: 200,
+		description: 'Повертає дозволи користувача',
+    type: UserPermissionsDto
+	})
+	@RoleGuard(Users.Role.Admin)
+	@Get(':userId')
+	public async getPermissions(@Param('userId') userId: number) {
+		return this.usersPermissionsService.getPermissionsByUserId(userId)
+	}
+}

src/rest/admin/permissions/controllers/index.ts

@@ -0,0 +1,9 @@
+import { AdminPermissionsController } from './admin-permissions.controller'
+import { AdminUsersPermissionsController } from './admin-users-permissions.controller'
+import { AdminPermissionsGroupsController } from './admin-permissions-groups.controller'
+
+export const ADMIN_PERMISSIONS_CONTROLLERS = [
+  AdminPermissionsController,
+  AdminUsersPermissionsController,
+  AdminPermissionsGroupsController
+]

src/rest/admin/permissions/dto/index.ts

@@ -0,0 +1,5 @@
+export * from './save-user-permissions.dto'
+export * from './save-permissions-group.dto'
+export * from './update-permissions-group.dto'
+export * from './user-permissions.dto'
+export * from './permissions-group.dto'

src/rest/admin/permissions/dto/permissions-group.dto.ts

@@ -0,0 +1,33 @@
+import { DtoProperty } from "src/shared"
+
+export class PermissionsGroupDto {
+  @DtoProperty()
+  id: number
+
+  @DtoProperty()
+  authorId: number
+
+  @DtoProperty()
+  name: string
+
+  @DtoProperty()
+  permissions: string
+
+  @DtoProperty()
+  createdAt: string
+
+  @DtoProperty()
+  updatedAt: string
+}
+
+export class PermissionsGroupListDto {
+  @DtoProperty({
+    isArray: true,
+    type: PermissionsGroupDto
+  })
+	items: PermissionsGroupDto[]
+
+  @DtoProperty()
+	count: number
+
+}

src/rest/admin/permissions/dto/save-permissions-group.dto.ts

@@ -0,0 +1,12 @@
+import { DtoProperty } from "src/shared"
+
+export class SavePermissionsGroupDto {
+  @DtoProperty()
+  name: string
+
+	@DtoProperty()
+	authorId: number
+
+	@DtoProperty()
+	permissions: string
+}

src/rest/admin/permissions/dto/save-user-permissions.dto.ts

@@ -0,0 +1,6 @@
+import { DtoProperty } from "src/shared"
+
+export class SaveUserPermissionsDto {
+	@DtoProperty()
+	permissions: string
+}

src/rest/admin/permissions/dto/update-permissions-group.dto.ts

@@ -0,0 +1,9 @@
+import { DtoPropertyOptional } from "src/shared"
+
+export class UpdatePermissionsGroupDto {
+  @DtoPropertyOptional()
+  name: string
+
+	@DtoPropertyOptional()
+	permissions: string
+}

src/rest/admin/permissions/dto/user-permissions.dto.ts

@@ -0,0 +1,18 @@
+import { DtoProperty } from "src/shared"
+
+export class UserPermissionsDto {
+  @DtoProperty()
+  id: number
+
+  @DtoProperty()
+  userId: number
+
+  @DtoProperty()
+  permissions: string
+
+  @DtoProperty()
+  createdAt: string
+
+  @DtoProperty()
+  updatedAt: string
+}

src/rest/admin/permissions/permissions.module.ts

@@ -0,0 +1,17 @@
+import { DynamicModule, Module } from "@nestjs/common";
+import { PermissionsModule } from "src/domain";
+import { JwtModule } from "src/libs";
+import { ADMIN_PERMISSIONS_CONTROLLERS } from "./controllers";
+import { ADMIN_PERMISSIONS_SERVICES } from "./services";
+
+@Module({})
+export class AdminPermissionsModule {
+	static forRoot(): DynamicModule {
+		return {
+			module: AdminPermissionsModule,
+			imports: [PermissionsModule.forFeature(), JwtModule.forFeature()],
+			providers: [...ADMIN_PERMISSIONS_SERVICES],
+			controllers: ADMIN_PERMISSIONS_CONTROLLERS,
+		}
+	}
+}

src/rest/admin/permissions/services/admin-permissions-groups.service.ts

@@ -0,0 +1,30 @@
+import { Inject, Injectable } from "@nestjs/common"
+import { Permissions } from "src/core"
+import { PERMISSIONS_GROUPS_SERVICE } from "src/core/consts"
+import { IPagination } from "src/core/interfaces"
+import { SavePermissionsGroupDto, UpdatePermissionsGroupDto } from "../dto"
+
+@Injectable()
+export class AdminPermissionsGroupService {
+	constructor(@Inject(PERMISSIONS_GROUPS_SERVICE) private readonly permissionsGroupsService: Permissions.IPermissionsGroupsService) {}
+
+  public async savePermissionsGroup(dto: SavePermissionsGroupDto) {
+    return this.permissionsGroupsService.save(dto)
+  }
+
+  public async updatePermissionsGroup(id: number, dto: UpdatePermissionsGroupDto) {
+    return this.permissionsGroupsService.update({ id, ...dto })
+  }
+
+  public async removePermissionsGroup(id: number) {
+    await this.permissionsGroupsService.remove(id)
+  }
+
+  public async getPermissionsGroupById(id: number) {
+    return this.permissionsGroupsService.getOne(id)
+  }
+
+  public async getList(pagination: IPagination) {
+    return this.permissionsGroupsService.getList(pagination)
+  }
+}

src/rest/admin/permissions/services/admin-permissions.service.ts

@@ -0,0 +1,12 @@
+import { Inject, Injectable } from '@nestjs/common'
+import { Permissions } from 'src/core'
+import { PERMISSIONS_SERVICE } from 'src/core/consts'
+
+@Injectable()
+export class AdminPermissionsService {
+	constructor(@Inject(PERMISSIONS_SERVICE) private readonly permissionsService: Permissions.IPermissionsService) {}
+
+	public async getPermissions() {
+		return this.permissionsService.getPermissionsList()
+	}
+}

src/rest/admin/permissions/services/admin-users-permissions.service.ts

@@ -0,0 +1,21 @@
+import { Inject, Injectable } from '@nestjs/common'
+import { Permissions } from 'src/core'
+import { USERS_PERMISSIONS_SERVICE } from 'src/core/consts'
+import { SaveUserPermissionsDto } from '../dto'
+
+@Injectable()
+export class AdminUsersPermissionsService {
+	constructor(@Inject(USERS_PERMISSIONS_SERVICE) private readonly usersPermissionsService: Permissions.IUserPermissionsService) {}
+
+  public async saveUserPermissions(userId: number, dto: SaveUserPermissionsDto) {
+    return this.usersPermissionsService.save({ userId, ...dto })
+  }
+
+  public async removeUserPermissions(userId: number) {
+    await this.usersPermissionsService.remove(userId)
+  }
+
+  public async getPermissionsByUserId(userId: number) {
+    return this.usersPermissionsService.getOne(userId)
+  }
+}

src/rest/admin/permissions/services/index.ts

@@ -0,0 +1,15 @@
+import { AdminPermissionsService } from "./admin-permissions.service"
+import { AdminUsersPermissionsService } from './admin-users-permissions.service'
+import { AdminPermissionsGroupService } from './admin-permissions-groups.service'
+
+export const ADMIN_PERMISSIONS_SERVICES = [
+  AdminPermissionsService,
+  AdminUsersPermissionsService,
+  AdminPermissionsGroupService
+]
+
+export {
+  AdminPermissionsService,
+  AdminUsersPermissionsService,
+  AdminPermissionsGroupService
+}

src/rest/app/index.ts

@@ -2,10 +2,12 @@ import { AppAuthModule } from './auth/auth.module'
 import { AppAccountModule } from './account/account.module'
 import { AppPhoneNumbersModule } from './phone-numbers/phone-numbers.module'
 import { AppFactoriesModule } from './factories/app-factories.module'
+import { AppPermissionsModule } from './permissions/permissions.module'
 
 export const getRestAppModules = () => [
 	AppAuthModule.forRoot(),
 	AppAccountModule.forRoot(),
 	AppPhoneNumbersModule.forRoot(),
 	AppFactoriesModule.forRoot(),
+	AppPermissionsModule.forRoot(),
 ]

src/rest/app/permissions/controllers/index.ts

@@ -0,0 +1,3 @@
+import { AppPermissionsController } from './permissions.controller'
+
+export const APP_PERMISSIONS_CONTROLLERS = [AppPermissionsController]

src/rest/app/permissions/controllers/permissions.controller.ts

@@ -0,0 +1,20 @@
+import { Controller, Get } from "@nestjs/common";
+import { ApiOkResponse, ApiOperation, ApiTags } from "@nestjs/swagger";
+import { AppPermissionsService } from "../services";
+
+@ApiTags('App | permissions')
+@Controller('app/permissions')
+export class AppPermissionsController {
+	constructor(private readonly permissionsService: AppPermissionsService) {}
+
+  @ApiOperation({ summary: 'Отримання списку з переліком усіх типів дозволів та їх можливих значень' })
+	@ApiOkResponse({
+		status: 200,
+		description: 'Повертає перелік усіх типів дозволів та їх значень',
+	})
+	// @RoleGuard(Users.Role.User)
+	@Get()
+	public async getList() {
+		return this.permissionsService.getPermissions()
+	}
+}

src/rest/app/permissions/permissions.module.ts

@@ -0,0 +1,16 @@
+import { DynamicModule, Module } from "@nestjs/common";
+import { PermissionsModule } from "src/domain";
+import { APP_PERMISSIONS_CONTROLLERS } from "./controllers";
+import { APP_PERMISSIONS_SERVICES } from "./services";
+
+@Module({})
+export class AppPermissionsModule {
+	static forRoot(): DynamicModule {
+		return {
+			module: AppPermissionsModule,
+			imports: [PermissionsModule.forFeature()],
+			providers: [...APP_PERMISSIONS_SERVICES],
+			controllers: APP_PERMISSIONS_CONTROLLERS,
+		}
+	}
+}

src/rest/app/permissions/services/app-permissions.service.ts

@@ -0,0 +1,12 @@
+import { Inject, Injectable } from '@nestjs/common'
+import { Permissions } from 'src/core'
+import { PERMISSIONS_SERVICE } from 'src/core/consts'
+
+@Injectable()
+export class AppPermissionsService {
+	constructor(@Inject(PERMISSIONS_SERVICE) private readonly permissionsService: Permissions.IPermissionsService) {}
+
+	public async getPermissions() {
+		return this.permissionsService.getPermissionsList()
+	}
+}

src/rest/app/permissions/services/index.ts

@@ -0,0 +1,5 @@
+import { AppPermissionsService } from "./app-permissions.service"
+
+export const APP_PERMISSIONS_SERVICES = [AppPermissionsService]
+
+export { AppPermissionsService }

src/shared/decorators/dto-property.decorator.ts

@@ -1,12 +1,12 @@
 import { applyDecorators } from '@nestjs/common'
-import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger'
+import { ApiProperty, ApiPropertyOptional, ApiPropertyOptions } from '@nestjs/swagger'
 import { Expose } from 'class-transformer'
 import { IsNotEmpty, IsOptional } from 'class-validator'
 
-export function DtoProperty() {
-	return applyDecorators(ApiProperty(), Expose(), IsNotEmpty())
+export function DtoProperty(options?: ApiPropertyOptions) {
+	return applyDecorators(ApiProperty(options), Expose(), IsNotEmpty())
 }
 
-export function DtoPropertyOptional() {
-	return applyDecorators(ApiPropertyOptional(), Expose(), IsOptional())
+export function DtoPropertyOptional(options?: ApiPropertyOptions) {
+	return applyDecorators(ApiPropertyOptional(options), Expose(), IsOptional())
 }