Mquiuqui
diff --git a/‎api/config/jsonSecret.js
+2-2 b/‎api/config/jsonSecret.js
+2-2
diff --git a/‎api/controllers/authController.js
+9-10 b/‎api/controllers/authController.js
+9-10
diff --git a/‎api/controllers/permissaoController.js
+64 b/‎api/controllers/permissaoController.js
+64
diff --git a/‎api/controllers/roleController.js
+65 b/‎api/controllers/roleController.js
+65
diff --git a/‎api/controllers/segurancaController.js
+31 b/‎api/controllers/segurancaController.js
+31
diff --git a/‎api/controllers/usuarioController.js
+25-36 b/‎api/controllers/usuarioController.js
+25-36
diff --git a/‎api/middleware/autenticado.js
+25 b/‎api/middleware/autenticado.js
+25
diff --git a/‎api/middleware/permissoes.js
+36 b/‎api/middleware/permissoes.js
+36
@@ -1,3 +1,3 @@
-module.exports={
-    secret: "e96d16e0e97ce4f1bc397156eb34c9a8"
+module.exports = {
+    secret: "c940b61c49f2a0a1bf3de506ca33a605"
 }
@@ -2,21 +2,20 @@ const AuthService = require('../services/authService')
 
 const authService = new AuthService()
 
-class AuthController{
+class AuthController {
+    static async login(req, res) {
+        const { email, senha } = req.body
 
-    static async login(req,res){
-        const {email ,senha } = req.body
-
-        try{
+        try {
             const login = await authService.login({email, senha})
-
+    
             res.status(200).send(login)
-        }catch(error){
-            res.status(401).send({message:error.message})
+        } catch (error) {
+            res.status(401).send({ message: error.message})
         }
 
     }
-    
+
 }
-module.exports = AuthController
 
+module.exports = AuthController
@@ -0,0 +1,64 @@
+const PermissaoService = require('../services/permissaoService')
+const permissaoService = new PermissaoService()
+
+class PermissaoController {
+    static async cadastrar(req, res) {
+        const { nome, descricao } = req.body
+
+        try {
+            const permissao = await permissaoService.cadastrar({ nome, descricao})
+
+            res.status(201).send(permissao)
+        } catch (error) {
+            res.status(400).send({ message: error.message})
+        }
+    }
+
+    static async buscarTodasPermissoes(req, res) {
+        const permissoes = await permissaoService.buscarTodasPermissoes()
+        
+        res.status(200).json(permissoes)
+    }
+    
+    static async buscarPermissaoPorId(req, res) {
+        try {
+            const { id } = req.params
+            const permissao = await permissaoService.buscarPermissaoPorId(id)
+            
+            res.status(200).json(permissao)  
+        } catch (error) {
+            console.log('Message error: ', error.message)
+            res.status(400).send({ message: error.message })
+        }
+    }
+    
+    static async deletarPermissaoPorId(req, res) {
+        const { id } = req.params
+        
+        try {
+            await permissaoService.deletarPermissaoPorId(id)
+            
+            res.status(200).send({ message: 'Permissão deletada com sucesso!' })
+            
+        } catch (error) {
+            console.log('Message error: ', error.message)
+            res.status(400).send({ message: error.message })
+        }
+    }
+    
+    static async editarPermissao(req, res) {
+        const { id } = req.params
+        const { nome, descricao } = req.body
+        
+        try {
+            const role = await permissaoService.editarPermissao({ id, nome, descricao })
+            
+            res.status(200).json(role)
+        } catch (error) {
+            console.log('Message error: ', error.message)
+            res.status(400).send({ message: error.message })
+        }
+    }
+}
+
+module.exports = PermissaoController
@@ -0,0 +1,65 @@
+const RoleService = require('../services/roleService')
+const roleService = new RoleService()
+
+class RoleController {
+    static async cadastrar(req, res) {
+        const { nome, descricao } = req.body
+
+        try {
+            const role = await roleService.cadastrar({ nome, descricao })
+
+            res.status(201).send(role)
+        } catch (error) {
+            res.status(400).send({ message: error.message })
+        }
+    }
+
+    static async buscarTodasRoles(req, res) {
+        const roles = await roleService.buscarTodasRoles()
+        
+        res.status(200).json(roles)
+    }
+    
+    static async buscarRolePorId(req, res) {       
+        try {
+            const { id } = req.params
+            const role = await roleService.buscarRolePorId(id)
+            
+            res.status(200).json(role)
+            
+        } catch (error) {
+            console.log('Message error: ', error.message)
+            res.status(400).send({ message: error.message }) 
+        }
+    }
+    
+    static async deletarRolePorId(req, res) {
+        const { id } = req.params
+        
+        try {
+            await roleService.deletarRolePorId(id)
+            
+            res.status(200).send({ message: 'Role deletada com sucesso!' })
+            
+        } catch (error) {
+            console.log('Message error: ', error.message)
+            res.status(400).send({ message: error.message }) 
+        }
+    }
+    
+    static async editarRole(req, res) {
+        const { id } = req.params
+        const { nome, descricao } = req.body
+        
+        try {
+            const role = await roleService.editarRole({ id, nome, descricao })
+            
+            res.status(200).json(role)
+        } catch (error) {
+            console.log('Message error: ', error.message)
+            res.status(400).send({ message: error.message }) 
+        }
+    }
+}
+
+module.exports = RoleController
@@ -0,0 +1,31 @@
+const SegurancaService = require('../services/segurancaService')
+const segurancaService = new SegurancaService()
+
+class SegurancaController {
+    static async cadastrarAcl(req, res) {
+        const { roles, permissoes } = req.body
+        const { usuarioId } = req
+
+        try {
+            const acl = await segurancaService.cadastrarAcl({ roles, permissoes, usuarioId})
+
+            res.status(201).send(acl)
+        } catch (error) {
+            res.status(400).send({ message: error.message})
+        }
+    }
+
+    static async cadastrarPermissoesRoles(req, res) {
+        const { roleId, permissoes } = req.body
+
+        try {
+            const permissoesRole = await segurancaService.cadastrarPermissoesRoles({ roleId, permissoes})
+
+            res.status(201).send(permissoesRole)
+        } catch (error) {
+            res.status(400).send({ message: error.message})
+        }
+    }
+}
+
+module.exports = SegurancaController
@@ -1,74 +1,63 @@
 const UsuarioService = require('../services/usuarioService')
+
 const usuarioService = new UsuarioService()
 
 class UsuarioController {
-    static async cadastrar(req,res){
-
-        try{
-            const {nome, email, senha } = req.body
+    static async cadastrar(req, res) {
+        const { nome, email, senha } = req.body
 
-            const usuario = await usuarioService.cadastrar({nome,email,senha})
+        try {
+            const usuario = await usuarioService.cadastrar({ nome, email, senha})
 
             res.status(201).send(usuario)
-        }catch(error){
-            res.status(400).send({ message: error.message })
+        } catch (error) {
+            res.status(400).send({ message: error.message})
         }
 
     }
 
-    static async listar(req,res){
-
-        try{
-
-            const usuario = await usuarioService.listar()
-    
-            res.status(201).send(usuario)
-        }catch(error){
-            res.status(400).send({ message: error.message })
-        }
+    static async buscarTodosUsuarios(req, res) {
+        const usuarios = await usuarioService.buscarTodosUsuarios()
 
+        res.status(200).json(usuarios)
     }
 
     static async buscarUsuarioPorId(req, res) {
         try {
             const { id } = req.params
             const usuario = await usuarioService.buscarUsuarioPorId(id)
-            
-            res.status(200).json(usuario) 
+
+            res.status(200).json(usuario)
         } catch (error) {
-            console.log('Message error: ', error.message)
-            res.status(400).send({ message: error.message })
+            res.status(400).send({ message: error.message }) 
         }
     }
 
-    static async deletarUsuarioPorId(req, res) {
+    static async editarUsuario(req, res) {
         const { id } = req.params
-        
+        const { nome, email } = req.body
+
         try {
-            await usuarioService.deletarUsuarioPorId(id)
-            
-            res.status(200).send({ message: 'Usuario deletada com sucesso!' })
-            
+            const usuario = await usuarioService.editarUsuario({ id, nome, email })
+
+            res.status(200).json(usuario)
         } catch (error) {
-            console.log('Message error: ', error.message)
             res.status(400).send({ message: error.message })
         }
     }
-    
-    static async editarUsuario(req, res) {
+
+    static async deletarUsuario(req, res) {
         const { id } = req.params
-        const { nome, email, senha } = req.body
-        
+
         try {
-            const usuario = await usuarioService.editarUsuario({ id, nome, email, senha })
+            await usuarioService.deletarUsuario(id)
+
+            res.status(200).send({ message: 'Usuario deletado com sucesso!' })
 
-            res.status(200).json(usuario)
         } catch (error) {
-            console.log('Message error: ', error.message)
             res.status(400).send({ message: error.message })
         }
     }
-
 }
 
 module.exports = UsuarioController
@@ -0,0 +1,25 @@
+const { verify, decode } = require('jsonwebtoken')
+const jsonSecret = require('../config/jsonSecret')
+
+module.exports = async (req, res, next) => {
+    const token = req.headers.authorization
+
+    if (!token) {
+        return res.status(401).send('Access token nao informado')
+    }
+
+    const [, accessToken] = token.split(" ")
+
+    try {
+        verify(accessToken, jsonSecret.secret)
+
+        const { id, email} = await decode(accessToken)
+
+        req.usuarioId = id
+        req.usuarioEmail = email
+
+        return next()
+    } catch (error) {
+        res.status(401).send('Usuario não autorizado')
+    }
+}
@@ -0,0 +1,36 @@
+const database = require('../models')
+
+const permissoes = (listaPermissoes) => {
+    return async (req, res, next) => {
+        const { usuarioId } = req
+
+        const usuario = await database.usuarios.findOne({
+            include: [
+                {
+                    model: database.permissoes,
+                    as: 'usuario_permissoes',
+                    attributes: ['id', 'nome']
+                }
+            ],
+            where: {
+                id: usuarioId
+            }
+        })
+
+        if (!usuario) {
+            return res.status(401).send('Usuario não cadastrado')
+        }
+
+        const permissoesCadastradas = usuario.usuario_permissoes
+            .map((permissao) => permissao.nome)
+            .some((permissao) => listaPermissoes.includes(permissao))
+
+        if (!permissoesCadastradas) {
+            return res.status(401).send('Usuario nao possui acesso a essa rota')
+        }
+
+        return next()
+    }
+}
+
+module.exports = permissoes
Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,3 @@`
`1`		`-module.exports={`
`2`		`- secret: "e96d16e0e97ce4f1bc397156eb34c9a8"`
	`1`	`+module.exports = {`
	`2`	`+ secret: "c940b61c49f2a0a1bf3de506ca33a605"`
`3`	`3`	`}`