feature/API-70/adjust-role-guards-permission#108
Merged
andres15alvarez merged 1 commit intodevfrom May 17, 2025
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces several changes to enhance role-based access control, improve functionality for branch-specific operations, and refactor the codebase for better modularity and maintainability. The most significant updates include expanding
UserRole.BRANCH_ADMINpermissions, adding branch-specific logic to inventory and order operations, and refactoring the order-related services into separate modules.Role-based Access Control Enhancements:
@Rolesdecorators inCouponController,PromoController, andOrderControllerto includeUserRole.BRANCH_ADMIN, granting branch administrators access to create, update, delete, and manage coupons, promos, and orders. [1] [2] [3] [4]Branch-specific Logic:
InventoryControllerto ensure that branch administrators can only create, update, or delete inventory items for their assigned branch. [1] [2] [3]OrderControllerto restrict branch administrators to managing orders within their branch and added branch ID handling for bulk updates and status changes. [1] [2]Service Refactoring:
OrderServiceintoOrderServiceandOrderDeliveryService, improving separation of concerns and modularity. Updated relevant imports and constructors in controllers and gateways. [1] [2] [3] [4] [5]Codebase Simplification:
EmailControllertest file, likely due to redundancy or deprecation.InventoryServicemethods to include branch-specific filtering forupdateandremoveoperations, ensuring data integrity across branches.These changes collectively improve the system's security, maintainability, and scalability by enforcing stricter role-based access and modularizing key functionalities.