Skip to content

Dev #76

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
AdityaDRathore wants to merge 35 commits into
base: main
Choose a base branch
from
Open

Dev #76

AdityaDRathore wants to merge 35 commits into from

Conversation

@AdityaDRathore
Copy link
Owner

@AdityaDRathore AdityaDRathore commented Jun 7, 2025

Authorization Utilities & Integration**

  • Task 3.1: Permission Checking Utilities
    • Create reusable permission checking functions.
    • Implement helper methods for common permission patterns.
    • Add caching for frequently checked permissions.
  • Task 3.2: Audit Logging
    • Implement audit logging for sensitive operations.
    • Create structured log format for security events.
    • Ensure PII protection in logs.
  • Task 3.3: Route Protection Implementation
    • Apply role requirements to all defined routes.
    • Group routes by required permission level.
    • Implement resource-specific access controls.
  • Task 3.4: Testing & Documentation
    • Create comprehensive tests for authorization system.
    • Document authorization patterns for developers.
    • Update API documentation with permission requirements.

@AdityaDRathore
Merge pull request #74 from AdityaDRathore/main
bfbbbfa 
main changes to dev
@AdityaDRathore
Add test setup file for Prisma client with database connection and cl…
a492ff1 
…eanup
@AdityaDRathore
Add integration tests for authentication routes
624949f
@AdityaDRathore
Add utility functions for testing authentication and user management
0d5f0ee
@AdityaDRathore
Add tests for RBAC middleware functionality
c724f44
@AdityaDRathore
Add tests for authentication and role-checking middleware
ef6563e
@AdityaDRathore
Add tests for permission checking functionality
f401cc9
@AdityaDRathore
Add email and organizationId to user object in authentication middleware
d4bfe15
@AdityaDRathore
Add requireSameOrganization middleware and getUserPermissions utility…
86b2e63 
… function
@AdityaDRathore
Refactor Jest configuration for improved test matching and coverage c…
8c9202e 
…ollection
@AdityaDRathore
Add supertest and its type definitions for enhanced testing capabilities
6ba475e
@AdityaDRathore
Fix missing newline at end of test setup file
f7341c8
@AdityaDRathore
Format error message in requireSameOrganization middleware for improv…
07cf029 
…ed readability
@AdityaDRathore
Fix missing comma in import statement and add newline at end of permi…
3ad9c15 
…ssionChecker test file
@AdityaDRathore
Refactor auth middleware tests to use MockResponse type and improve t…
a23828f 
…ype casting for middleware calls
@AdityaDRathore
Refactor RBAC middleware tests to use MockResponse type and improve t…
a066313 
…ype casting for middleware calls
@AdityaDRathore
Refactor auth routes tests for improved readability by consolidating …
db59a96 
…request chaining
@AdityaDRathore
Refactor authTestUtils to enhance type safety and improve mock respon…
7540014 
…se implementation
@AdityaDRathore
Fix formatting in rbacMiddleware test by removing unnecessary newline
b288a5d
@AdityaDRathore
Update JWT_SECRET defaults in environment config to match authTestUtils
6ae15b3
@AdityaDRathore
Enhance validation and error handling in AuthController; add min leng…
c6d87b5 
…th for password, required fields, and optional organizationId in registerSchema
@AdityaDRathore
Enhance error handling in authentication middleware; include specific…
6ce3f65 
… error codes for authentication required, user not found, and JWT errors
@AdityaDRathore
Add error handling middleware to manage application errors and log un…
009cb96 
…expected errors
@AdityaDRathore
Refactor AuthService to include organizationId in registration and lo…
5458f71 
…gin; add refreshToken to LoginResponse and improve duration parsing logic
@AdityaDRathore
Refactor permission tests to use constants for permissions and improv…
b699b79 
…e organization handling in admin tests
@AdityaDRathore
Refactor authentication middleware tests to improve organization hand…
48ac360 
…ling and add user not found scenario
@AdityaDRathore
Refactor RBAC middleware tests to improve organization handling and e…
13c203d 
…nsure unique user emails
@AdityaDRathore
Refactor auth routes tests to improve organization handling, enhance …
2384177 
…user data structure, and ensure proper error handling for registration and login processes.
@AdityaDRathore
Refactor test setup to improve logger handling, enhance database conn…
27a9a48 
…ection logic, and ensure proper cleanup of test data.
@AdityaDRathore
Refactor auth test utilities to remove direct PrismaClient instantiat…
bf4c7fc 
…ion, enhance organization of mock response, and ensure all required fields are present in test data.
@AdityaDRathore
Enhance error handling by adding optional errorCode parameter to AppE…
a2fd7f3 
…rror class and export logger instance for improved accessibility
@AdityaDRathore
Refactor error handling and improve organization in middleware and te…
3db41eb 
…sts; add errorCode to AppError class for enhanced error reporting
@AdityaDRathore
Testsetup passes linting and formatting checks
88cb2ad
@AdityaDRathore
Complete tasks for Day 3: Authorization Utilities & Integration in th…
28836e6 
…e backend implementation plan
@AdityaDRathore
Merge pull request #75 from AdityaDRathore/feature/db_test
ddd5757 
Feature/db test

 Authorization Utilities & Integration**

* [x] Task 3.1: Permission Checking Utilities
    * [x] Create reusable permission checking functions.
    * [x] Implement helper methods for common permission patterns.
    * [x] Add caching for frequently checked permissions.
* [x] Task 3.2: Audit Logging
    * [x] Implement audit logging for sensitive operations.
    * [x] Create structured log format for security events.
    * [x] Ensure PII protection in logs.
* [x] Task 3.3: Route Protection Implementation
    * [x] Apply role requirements to all defined routes.
    * [x] Group routes by required permission level.
    * [x] Implement resource-specific access controls.
* [x] Task 3.4: Testing & Documentation
    * [x] Create comprehensive tests for authorization system.
    * [x] Document authorization patterns for developers.
    * [x] Update API documentation with permission requirements.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@AdityaDRathore