bakend get all files api changes

src/controllers/upload.controller.ts

@@ -294,7 +294,6 @@ const getAllFiles = async (c: Context) => {
             maxKeys?: number;
             continuationToken?: string
         };
-
         const { folder, maxKeys = 100, continuationToken } = validatedQuery || {};
 
         const result = await s3Service.getAllFiles(folder, maxKeys, continuationToken);
@@ -311,6 +310,7 @@ const getAllFiles = async (c: Context) => {
             },
         })
     } catch (error: any) {
+        console.log("error", error);
         return res.FailureResponse(c, 500, {
             message: "Failed to get all files",
             error: error.message,

src/middleware/auth.middleware.ts

@@ -7,7 +7,7 @@ import redisConn from "@/config/redis.config";
 import redisConstants from "@/global/redis-constants";
 import { getValidPinSession } from "@/core/session";
 import crypto from "crypto";
-import { UserRole } from "@/models/User.model";
+import { UserRole, type IUserAttributes } from "@/models/User.model";
 
 
 
@@ -151,8 +151,28 @@ const pinSessionMiddleware: MiddlewareHandler = async (c: Context, next: Next) =
     }
 };
 
+function checkPermissions(roles: UserRole[]) {
+    return async (c: Context, next: Next) => {
+        const user = c.get('user') as IUserAttributes;
+
+        if (!user) {
+            return res.FailureResponse(c, 401, { message: "Unauthorized." });
+        }
+
+        if (!roles.includes(user.role)) {
+            return res.FailureResponse(c, 403, {
+                message: "Forbidden, you don't have permission to perform this action."
+            });
+        }
+
+        await next(); // ✅ IMPORTANT
+    };
+}
+
+
 
 export default {
     authMiddleware,
+    checkPermissions,
     pinSessionMiddleware,
 };

src/routes/upload.routes.ts

@@ -4,6 +4,7 @@ import { uploadImageMiddleware } from '@/middleware/multer.middleware' // rewrit
 import uploadController from "@/controllers/upload.controller";
 import { validateBody, validateQuery, validateParams } from "@/utils/validation";
 import uploadValidation from "@/validation/upload.validation";
+import { UserRole } from "@/models";
 
 export class UploadRouter {
     /** Each router owns its own Hono instance */
@@ -17,55 +18,56 @@ export class UploadRouter {
 
     private MultipartUpload() {
         // Multipart upload
-        this.router.post('/initiate', 
-            Middleware.authMiddleware, 
-            validateBody(uploadValidation.initiateUploadValidation), 
+        this.router.post('/initiate',
+            Middleware.authMiddleware,
+            validateBody(uploadValidation.initiateUploadValidation),
             uploadController.initiateUpload
         )
-        this.router.post('/chunk/file/:uploadId', 
-            Middleware.authMiddleware, 
+        this.router.post('/chunk/file/:uploadId',
+            Middleware.authMiddleware,
             validateParams(uploadValidation.uploadIdValidation),
             uploadController.uploadChunk
         )
-        this.router.post('/complete/file/:uploadId', 
-            Middleware.authMiddleware, 
+        this.router.post('/complete/file/:uploadId',
+            Middleware.authMiddleware,
             validateParams(uploadValidation.uploadIdValidation),
-            validateBody(uploadValidation.completeUploadValidation), 
+            validateBody(uploadValidation.completeUploadValidation),
             uploadController.completeUpload
         )
-        this.router.post('/abort/file/:uploadId', 
-            Middleware.authMiddleware, 
+        this.router.post('/abort/file/:uploadId',
+            Middleware.authMiddleware,
             validateParams(uploadValidation.uploadIdValidation),
-            validateBody(uploadValidation.abortUploadValidation), 
+            validateBody(uploadValidation.abortUploadValidation),
             uploadController.abortUpload
         )
-        this.router.get('/parts/file/:uploadId', 
-            Middleware.authMiddleware, 
+        this.router.get('/parts/file/:uploadId',
+            Middleware.authMiddleware,
             validateParams(uploadValidation.uploadIdValidation),
-            validateQuery(uploadValidation.getPartsValidation), 
+            validateQuery(uploadValidation.getPartsValidation),
             uploadController.getPartsByUploadKey
         )
     }
 
     private UploadImagesOrFiles() {
         // Image upload (max 5 files)
-        this.router.post('/file', 
-            Middleware.authMiddleware, 
-            uploadImageMiddleware, 
+        this.router.post('/file',
+            Middleware.authMiddleware,
+            uploadImageMiddleware,
             uploadController.uploadFile
         )
-        this.router.get('/file/get-file', 
-            Middleware.authMiddleware, 
+        this.router.get('/file/get-file',
+            Middleware.authMiddleware,
             validateQuery(uploadValidation.fileNameValidation),
             uploadController.getFiles
         )
-        this.router.delete('/file/:fileName', 
-            Middleware.authMiddleware, 
+        this.router.delete('/file/:fileName',
+            Middleware.authMiddleware,
             validateParams(uploadValidation.fileNameValidation),
             uploadController.deleteFile
         )
-        this.router.get('/file/get-all-files', 
+        this.router.get('/file/get-all-files',
             Middleware.authMiddleware,
+            Middleware.checkPermissions([UserRole.ADMIN]),
             validateQuery(uploadValidation.getAllFilesValidation),
             uploadController.getAllFiles
         )

src/services/user.service.ts

@@ -1,5 +1,4 @@
 import constants from "@/global/constants";
-import jwt from "@/utils/jwt-token";
 import { type IUserSessionAttributes } from "@/models/UserSession.model";
 import userRepository from "@/repository/user.repository";
 import { type IUserAttributes } from "@/models/User.model";