diff --git a/src/shared/auth/role.guard.ts b/src/shared/auth/role.guard.ts index e6ae1ede1d..c5e7f98469 100644 --- a/src/shared/auth/role.guard.ts +++ b/src/shared/auth/role.guard.ts @@ -13,6 +13,7 @@ class RoleGuardClass implements CanActivate { UserRole.SUPER_ADMIN, UserRole.SUPPORT, UserRole.COMPLIANCE, + UserRole.REALUNIT, ], [UserRole.USER]: [UserRole.VIP, UserRole.BETA, UserRole.ADMIN, UserRole.SUPER_ADMIN, UserRole.CUSTODY], [UserRole.VIP]: [UserRole.ADMIN, UserRole.SUPER_ADMIN], @@ -20,6 +21,7 @@ class RoleGuardClass implements CanActivate { [UserRole.SUPPORT]: [UserRole.COMPLIANCE, UserRole.ADMIN, UserRole.SUPER_ADMIN], [UserRole.COMPLIANCE]: [UserRole.ADMIN, UserRole.SUPER_ADMIN], [UserRole.BANKING_BOT]: [UserRole.ADMIN, UserRole.SUPER_ADMIN], + [UserRole.REALUNIT]: [UserRole.ADMIN, UserRole.SUPER_ADMIN], [UserRole.ADMIN]: [UserRole.SUPER_ADMIN], [UserRole.DEBUG]: [UserRole.ADMIN, UserRole.SUPER_ADMIN], [UserRole.CLIENT_COMPANY]: [UserRole.KYC_CLIENT_COMPANY], diff --git a/src/shared/auth/user-role.enum.ts b/src/shared/auth/user-role.enum.ts index 5ccc54cebf..0e26733ce6 100644 --- a/src/shared/auth/user-role.enum.ts +++ b/src/shared/auth/user-role.enum.ts @@ -9,6 +9,7 @@ export enum UserRole { SUPPORT = 'Support', COMPLIANCE = 'Compliance', CUSTODY = 'Custody', + REALUNIT = 'RealUnit', DEBUG = 'Debug', // service roles diff --git a/src/subdomains/supporting/realunit/controllers/realunit.controller.ts b/src/subdomains/supporting/realunit/controllers/realunit.controller.ts index 1d89531666..0d124d0b78 100644 --- a/src/subdomains/supporting/realunit/controllers/realunit.controller.ts +++ b/src/subdomains/supporting/realunit/controllers/realunit.controller.ts @@ -422,7 +422,7 @@ export class RealUnitController { @ApiExcludeEndpoint() @ApiOperation({ summary: 'Get RealUnit quotes' }) @ApiOkResponse({ type: [RealUnitQuoteDto], description: 'List of open RealUnit requests (quotes)' }) - @UseGuards(AuthGuard(), RoleGuard(UserRole.ADMIN), UserActiveGuard()) + @UseGuards(AuthGuard(), RoleGuard(UserRole.REALUNIT), UserActiveGuard()) async getAdminQuotes(@Query() { limit, offset }: RealUnitAdminQueryDto): Promise { return this.realunitService.getAdminQuotes(limit, offset); } @@ -432,7 +432,7 @@ export class RealUnitController { @ApiExcludeEndpoint() @ApiOperation({ summary: 'Get RealUnit transactions' }) @ApiOkResponse({ type: [RealUnitTransactionDto], description: 'List of completed RealUnit transactions' }) - @UseGuards(AuthGuard(), RoleGuard(UserRole.ADMIN), UserActiveGuard()) + @UseGuards(AuthGuard(), RoleGuard(UserRole.REALUNIT), UserActiveGuard()) async getAdminTransactions(@Query() { limit, offset }: RealUnitAdminQueryDto): Promise { return this.realunitService.getAdminTransactions(limit, offset); } @@ -443,7 +443,7 @@ export class RealUnitController { @ApiOperation({ summary: 'Confirm payment received for a open RealUnit request (quote)' }) @ApiParam({ name: 'id', description: 'Transaction request ID' }) @ApiOkResponse({ description: 'Payment confirmed and shares allocated' }) - @UseGuards(AuthGuard(), RoleGuard(UserRole.ADMIN), UserActiveGuard()) + @UseGuards(AuthGuard(), RoleGuard(UserRole.REALUNIT), UserActiveGuard()) async confirmPaymentReceived(@Param('id') id: string): Promise { await this.realunitService.confirmPaymentReceived(+id); } @@ -451,7 +451,7 @@ export class RealUnitController { @Put('admin/registration/:kycStepId/forward') @ApiBearerAuth() @ApiExcludeEndpoint() - @UseGuards(AuthGuard(), RoleGuard(UserRole.ADMIN), UserActiveGuard()) + @UseGuards(AuthGuard(), RoleGuard(UserRole.REALUNIT), UserActiveGuard()) async forwardRegistration(@Param('kycStepId') kycStepId: string): Promise { await this.realunitService.forwardRegistrationToAktionariat(+kycStepId); }