fix: added API params validations (#1124)

pranalidhanavade · web-flow · commit 5169969c1de6 · 2025-03-03T11:56:54.000+05:30
* fix: added API params validations

Signed-off-by: pranalidhanavade &lt;pranali.dhanavade@ayanworks.com&gt;

* fix: removed  unneccessary roles from role gaurd

Signed-off-by: pranalidhanavade &lt;pranali.dhanavade@ayanworks.com&gt;

---------

Signed-off-by: pranalidhanavade &lt;pranali.dhanavade@ayanworks.com&gt;
diff --git a/apps/api-gateway/src/agent-service/agent-service.controller.ts b/apps/api-gateway/src/agent-service/agent-service.controller.ts
@@ -71,8 +71,10 @@ export class AgentController {
     summary: 'Get the agent health details',
     description: 'Get the agent health details for the organization'
   })
-  @UseGuards(AuthGuard('jwt'))
-  async getAgentHealth(@Param('orgId') orgId: string, @User() reqUser: user, @Res() res: Response): Promise<Response> {
+  @UseGuards(AuthGuard('jwt'), OrgRolesGuard)
+  @Roles(OrgRoles.OWNER, OrgRoles.ADMIN, OrgRoles.HOLDER, OrgRoles.ISSUER, OrgRoles.SUPER_ADMIN, OrgRoles.MEMBER, OrgRoles.VERIFIER)
+  
+  async getAgentHealth(@Param('orgId') orgId: string, @User() reqUser: user, @Res() res: Response): Promise<Response> {    
     const agentData = await this.agentService.getAgentHealth(reqUser, orgId);
 
     const finalResponse: IResponse = {
diff --git a/apps/api-gateway/src/fido/fido.controller.ts b/apps/api-gateway/src/fido/fido.controller.ts
@@ -30,7 +30,7 @@ export class FidoController {
      * @returns User details
      */
     @Get('/passkey/:email')
-    @Roles(OrgRoles.OWNER, OrgRoles.ADMIN, OrgRoles.HOLDER, OrgRoles.ISSUER, OrgRoles.SUPER_ADMIN, OrgRoles.SUPER_ADMIN, OrgRoles.MEMBER)
+    @Roles(OrgRoles.OWNER, OrgRoles.ADMIN, OrgRoles.HOLDER, OrgRoles.ISSUER, OrgRoles.SUPER_ADMIN, OrgRoles.MEMBER)
     @ApiBearerAuth()
     @ApiOperation({ summary: 'Fetch fido user details', description: 'Retrieve the details of a FIDO user by their email address.' })
     @ApiResponse({ status: HttpStatus.OK, description: 'Success', type: ApiResponseDto })
@@ -169,7 +169,7 @@ export class FidoController {
      * @returns Updated device name
      */
     @Put('/passkey/:credentialId')
-    @Roles(OrgRoles.OWNER, OrgRoles.ADMIN, OrgRoles.HOLDER, OrgRoles.ISSUER, OrgRoles.SUPER_ADMIN, OrgRoles.SUPER_ADMIN, OrgRoles.MEMBER)
+    @Roles(OrgRoles.OWNER, OrgRoles.ADMIN, OrgRoles.HOLDER, OrgRoles.ISSUER, OrgRoles.SUPER_ADMIN, OrgRoles.MEMBER)
     @ApiBearerAuth()
     @ApiOperation({ summary: 'Update fido user device name', description: 'Update the device name of a FIDO user.' })
     @ApiQuery({ name: 'deviceName', required: true })
@@ -196,7 +196,7 @@ export class FidoController {
      * @returns Success message
      */
     @Delete('/passkey/:credentialId')
-    @Roles(OrgRoles.OWNER, OrgRoles.ADMIN, OrgRoles.HOLDER, OrgRoles.ISSUER, OrgRoles.SUPER_ADMIN, OrgRoles.SUPER_ADMIN, OrgRoles.MEMBER)
+    @Roles(OrgRoles.OWNER, OrgRoles.ADMIN, OrgRoles.HOLDER, OrgRoles.ISSUER, OrgRoles.SUPER_ADMIN, OrgRoles.MEMBER)
     @ApiBearerAuth()
     @ApiOperation({ summary: 'Delete fido user device', description: 'Delete a FIDO user device by its credential ID.' })
     @ApiResponse({ status: HttpStatus.OK, description: 'Success', type: ApiResponseDto })
diff --git a/apps/api-gateway/src/organization/organization.controller.ts b/apps/api-gateway/src/organization/organization.controller.ts
@@ -315,7 +315,7 @@ export class OrganizationController {
  */
 
   @Get('/:orgId/users')
-  @Roles(OrgRoles.OWNER, OrgRoles.ADMIN, OrgRoles.HOLDER, OrgRoles.ISSUER, OrgRoles.SUPER_ADMIN, OrgRoles.SUPER_ADMIN, OrgRoles.MEMBER)
+  @Roles(OrgRoles.OWNER, OrgRoles.ADMIN, OrgRoles.HOLDER, OrgRoles.ISSUER, OrgRoles.SUPER_ADMIN, OrgRoles.MEMBER)
   @ApiBearerAuth()
   @UseGuards(AuthGuard('jwt'), OrgRolesGuard)
   @ApiResponse({ status: HttpStatus.OK, description: 'Success', type: ApiResponseDto })
