94 done BACK

.vscode/settings.json

+{
+    "workbench.colorCustomizations": {
+        "activityBar.activeBackground": "#65c89b",
+        "activityBar.background": "#65c89b",
+        "activityBar.foreground": "#15202b",
+        "activityBar.inactiveForeground": "#15202b99",
+        "activityBarBadge.background": "#945bc4",
+        "activityBarBadge.foreground": "#e7e7e7",
+        "commandCenter.border": "#15202b99",
+        "sash.hoverBorder": "#65c89b",
+        "statusBar.background": "#42b883",
+        "statusBar.foreground": "#15202b",
+        "statusBarItem.hoverBackground": "#359268",
+        "statusBarItem.remoteBackground": "#42b883",
+        "statusBarItem.remoteForeground": "#15202b",
+        "titleBar.activeBackground": "#42b883",
+        "titleBar.activeForeground": "#15202b",
+        "titleBar.inactiveBackground": "#42b88399",
+        "titleBar.inactiveForeground": "#15202b99"
+    },
+    "peacock.color": "#42b883"
+}
\ No newline at end of file

src/controllers/products.ts

@@ -4,6 +4,7 @@ import { config } from '../index.config'
 import { auth } from '../middlewares/auth'
 import { productService, ProductService } from '../services/products'
 import { permission } from '../middlewares/permission'
+import { ERoles } from '../enums/ERoles'
 
 const storage = multer.diskStorage({
     destination(req, file, callback) {
@@ -24,10 +25,10 @@ export class ProductsController {
 
     constructor() {
         this.router = express.Router()
-        this.router.get('/', permission('USER'), this.getProducts)
+        this.router.get('/', auth, this.getProducts)
         this.router.get('/:id', auth, this.getProductById)
-        this.router.post('/', [auth, upload.single('image')], this.addProduct)
-        this.router.delete('/:id', auth, this.deleteProductById)
+        this.router.post('/', [permission(ERoles.SUPER_ADMIN), upload.single('image')], this.addProduct)
+        this.router.delete('/:id', permission(ERoles.SUPER_ADMIN), this.deleteProductById)
         this.service = productService
     }
 

src/controllers/user.ts

@@ -7,6 +7,8 @@ import IUserGetDto from "../interfaces/IUserGetDto"
 import { auth } from "../middlewares/auth"
 import IRequestWithTokenData from "../interfaces/IRequestWithTokenData"
 import jwt from 'jsonwebtoken'
+import { permission } from "../middlewares/permission"
+import { ERoles } from "../enums/ERoles"
 
 
 
@@ -16,11 +18,11 @@ export class UserController {
     constructor() {
         this.service = userService
         this.router = express.Router()
-        this.router.get('/', auth, this.getUsers)
+        this.router.get('/', permission(ERoles.ADMIN, ERoles.SUPER_ADMIN), this.getUsers)
         this.router.post('/', this.createUser)
         this.router.post('/login', this.login)
         this.router.get('/token', auth, this.checkToken)
-        this.router.put('/', auth, this.editUser)
+        this.router.put('/', permission(ERoles.ADMIN), this.editUser)
         this.router.post('/forgot-password', this.sendEmailPassword)
         this.router.put('/reset-password', this.resetPassword)
     }
@@ -28,14 +30,20 @@ export class UserController {
         return this.router
     }
     private createUser = async (req: Request, res: Response): Promise<void> => {
-        const response: IResponse<IUserGetDto | undefined> = await this.service.createUser(req.body)
+        const response: IResponse<IUserGetDto | undefined> = await this.service.createUser({
+            username: req.body.username,
+            password: req.body.password
+        })
         res.status(200).send(response)
     }
 
     private editUser = async (expressReq: Request, res: Response): Promise<void> => {
         const req = expressReq as IRequestWithTokenData
         const user = req.dataFromToken as IUserGetDto
-        const response: IResponse<IUserGetDto | undefined> = await this.service.editUser(req.body, user._id)
+        const response: IResponse<IUserGetDto | undefined> = await this.service.editUser({
+            username: req.body.username,
+            password: req.body.password
+        }, user._id)
         res.status(200).send(response)
     }
 

src/enums/ERoles.ts

+export enum ERoles {
+    ADMIN = 'ADMIN',
+    USER = 'USER',
+    SUPER_ADMIN = 'SUPER_ADMIN'
+}
\ No newline at end of file

src/enums/EStatuses.ts

-export const enum EStatuses {
-    OK = 1,
-    NOT_OK = 0
+export enum EStatuses {
+    NOT_OK = 0,
+    OK = 1
 }
\ No newline at end of file

src/middlewares/permission.ts

@@ -3,7 +3,7 @@ import { EStatuses } from "../enums/EStatuses";
 import IResponse from "../interfaces/IResponse";
 import jwt from 'jsonwebtoken'
 import IRequestWithTokenData from "../interfaces/IRequestWithTokenData";
-export const permission = (role: string) => {
+export const permission = (...roles: string[]) => {
     return (expressReq: Request, res: Response, next: NextFunction) => {
         const req = expressReq as IRequestWithTokenData
         if (req.method === 'OPTIONS') {
@@ -11,7 +11,7 @@ export const permission = (role: string) => {
         }
         try {
             const data = jwt.verify(req.get('Authorization') || '', process.env.SECRET_KEY || '')
-            if (data && typeof data == 'object' && data.role === role) {
+            if (data && typeof data == 'object' && roles.includes(data.role)) {
                 req.dataFromToken = data
                 next()
             } else {

src/models/mongo/User.ts

 import mongoose, { Schema } from 'mongoose'
 import IUser from '../../interfaces/IUser'
 import bcrypt from 'bcrypt'
+import { ERoles } from '../../enums/ERoles'
 
 const UserSchema: Schema = new Schema<IUser>({
     username: {
@@ -15,7 +16,8 @@ const UserSchema: Schema = new Schema<IUser>({
     role: {
         type: String,
         required: true,
-        default: 'USER'
+        default: 'USER',
+        enum: Object.values(ERoles)
     }
 })