feat: defined register permission and get all permissions api endpoints

api/src/routes/api/index.ts

@@ -18,6 +18,7 @@ import groupRouter from './group'
 import clientRouter from './client'
 import authRouter from './auth'
 import sessionRouter from './session'
+import permissionRouter from './permission'
 
 const router = express.Router()
 
@@ -36,6 +37,7 @@ router.use('/group', desktopRestrict, groupRouter)
 router.use('/stp', authenticateAccessToken, stpRouter)
 router.use('/code', authenticateAccessToken, codeRouter)
 router.use('/user', desktopRestrict, userRouter)
+router.use('/permission', desktopRestrict, permissionRouter)
 router.use(
   '/',
   swaggerUi.serve,

api/src/routes/api/permission.ts

@@ -0,0 +1,35 @@
+import express from 'express'
+import { PermissionController } from '../../controllers/'
+import { authenticateAccessToken, verifyAdmin } from '../../middlewares'
+import { registerPermissionValidation } from '../../utils'
+
+const permissionRouter = express.Router()
+const controller = new PermissionController()
+
+permissionRouter.get('/', authenticateAccessToken, async (req, res) => {
+  try {
+    const response = await controller.getAllPermissions()
+    res.send(response)
+  } catch (err: any) {
+    res.status(403).send(err.toString())
+  }
+})
+
+permissionRouter.post(
+  '/',
+  authenticateAccessToken,
+  verifyAdmin,
+  async (req, res) => {
+    const { error, value: body } = registerPermissionValidation(req.body)
+    if (error) return res.status(400).send(error.details[0].message)
+
+    try {
+      const response = await controller.createPermission(body)
+      res.send(response)
+    } catch (err: any) {
+      res.status(403).send(err.toString())
+    }
+  }
+)
+
+export default permissionRouter