Новое начало

.vscode/extensions.json

@@ -0,0 +1,10 @@
+{
+  "recommendations": [
+    "dbaeumer.vscode-eslint",
+    "esbenp.prettier-vscode",
+    "yoavbls.pretty-ts-errors",
+    "wayou.vscode-todo-highlight",
+    "gruntfuggly.todo-tree",
+    "mhutchie.git-graph"
+  ]
+}

.vscode/settings.json

@@ -0,0 +1,8 @@
+{
+  "editor.bracketPairColorization.enabled": true,
+  "editor.guides.bracketPairs": true,
+  "editor.formatOnSave": true,
+  "editor.defaultFormatter": "esbenp.prettier-vscode",
+  "editor.codeActionsOnSave": ["source.fixAll.eslint"],
+  "eslint.validate": ["javascript", "javascriptreact", "typescript"]
+}

package-lock.json

@@ -23,7 +23,7 @@
         "slonik": "^37.2.0",
         "uuid": "^10.0.0",
         "winston": "^3.17.0",
-        "zod": "^3.22.4"
+        "zod": "^3.24.2"
       },
       "devDependencies": {
         "@types/bcrypt": "^5.0.2",
@@ -32,7 +32,7 @@
         "@types/express": "^4.17.21",
         "@types/jsonwebtoken": "^9.0.5",
         "@types/multer": "^1.4.11",
-        "@types/node": "^20.17.16",
+        "@types/node": "^20.11.3",
         "@types/nodemailer": "^6.4.16",
         "@types/pg": "^8.10.9",
         "@types/uuid": "^10.0.0",
@@ -5204,9 +5204,9 @@
       }
     },
     "node_modules/zod": {
-      "version": "3.22.4",
-      "resolved": "https://registry.npmjs.org/zod/-/zod-3.22.4.tgz",
-      "integrity": "sha512-iC+8Io04lddc+mVqQ9AZ7OQ2MrUKGN+oIQyq1vemgt46jwCwLfhq7/pwnBnNXXXZb8VTVLKwp9EDkx+ryxIWmg==",
+      "version": "3.24.2",
+      "resolved": "https://registry.npmjs.org/zod/-/zod-3.24.2.tgz",
+      "integrity": "sha512-lY7CDW43ECgW9u1TcT3IoXHflywfVqDYze4waEz812jR/bZ8FHDsl7pFQoSZTz5N+2NqRXs8GBwnAwo3ZNxqhQ==",
       "funding": {
         "url": "https://github.com/sponsors/colinhacks"
       }

package.json

@@ -6,6 +6,7 @@
   "type": "module",
   "imports": {
     "#*": "./src/*",
+    "#api": "./src/api/api.ts",
     "#db": "./src/db/db.ts",
     "#db-shema": "./src/db/db-shema.ts",
     "#exceptions": "./src/exceptions/",
@@ -41,7 +42,7 @@
     "slonik": "^37.2.0",
     "uuid": "^10.0.0",
     "winston": "^3.17.0",
-    "zod": "^3.22.4"
+    "zod": "^3.24.2"
   },
   "devDependencies": {
     "@types/bcrypt": "^5.0.2",

src/api/api.ts

@@ -0,0 +1,412 @@
+import { z } from "zod";
+
+class authApi {
+  // /auth/registration
+  public POST_Registration = {
+    req: z.object({
+      email: z.string().email(),
+    }),
+    res: z.discriminatedUnion("code", [
+      z.object({
+        code: z.enum(["pinIsSent"]),
+        transactionId: z.string().uuid(),
+      }),
+      z.object({
+        code: z.enum(["pinIsNotSent"]),
+      }),
+      z.object({
+        code: z.enum(["alreadyExists"]),
+      }),
+    ]),
+  };
+
+  // /auth/confirm-registration
+  public POST_ConfirmRegistration = {
+    req: z.object({
+      password: z.string(),
+      name: z.string(),
+      transactionId: z.string().uuid(),
+      confirmPin: z.number().min(1000).max(9999),
+    }),
+    res: z.discriminatedUnion("code", [
+      z.object({
+        code: z.literal("registered"),
+        accessToken: z.string(),
+        refreshToken: z.string(),
+        userData: z.object({
+          email: z.string().email(),
+          userId: z.string().uuid(),
+        }),
+      }),
+      z.object({ code: z.literal("pinIsWrong"), triesRemained: z.number() }),
+      z.object({ code: z.literal("pinIsRotten") }),
+      z.object({ code: z.literal("tooManyTries") }),
+    ]),
+  };
+
+  // /auth/login
+  public POST_Login = {
+    req: z.object({
+      email: z.string().email(),
+      password: z.string(),
+    }),
+    res: z.discriminatedUnion("code", [
+      z.object({
+        code: z.enum(["success"]),
+
+        accessToken: z.string(),
+        refreshToken: z.string(),
+        userData: z.object({
+          email: z.string(),
+          userId: z.string().uuid(),
+        }),
+      }),
+      z.object({
+        code: z.enum(["userNotFound"]),
+      }),
+      z.object({
+        code: z.enum(["passIsWrong"]),
+
+        triesRemained: z.number(),
+      }),
+      z.object({
+        code: z.enum(["tooManyTries"]),
+
+        unblockingDate: z.string().datetime(),
+      }),
+    ]),
+  };
+
+  // /auth/logout
+  public POST_Logout = {
+    res: z.object({
+      code: z.enum(["success"]),
+    }),
+  };
+
+  // /auth/logout-all-devices
+  public POST_LogoutAllDevices = {
+    res: z.object({
+      code: z.enum(["success"]),
+    }),
+  };
+
+  // /auth/refresh
+  public POST_Refresh = {
+    res: z.object({
+      code: z.enum(["success"]),
+
+      accessToken: z.string(),
+      refreshToken: z.string(),
+      userData: z.object({
+        email: z.string().email(),
+        userId: z.string().uuid(),
+      }),
+    }),
+  };
+}
+export const AuthApi = new authApi();
+
+class companiesApi {
+  POST_Company = {
+    req: z.object({
+      name: z.string(),
+      timezone: z.string(),
+    }),
+    res: z.object({
+      code: z.enum(["success"]),
+    }),
+  };
+
+  GET_UserCompanies = {
+    res: z.object({
+      code: z.enum(["success"]),
+      companies: z.array(
+        z.object({
+          companyId: z.string().uuid(),
+          name: z.string(),
+          timezone: z.string(),
+        }),
+      ),
+    }),
+  };
+
+  GET_Company = {
+    req: z.object({
+      companyId: z.string().uuid(),
+    }),
+
+    res: z.object({
+      code: z.enum(["success"]),
+
+      company: z.object({
+        companyId: z.string().uuid(),
+        name: z.string(),
+        ownerId: z.string().uuid(),
+        timezone: z.string(),
+
+        events: z.array(
+          z.object({
+            eventId: z.string().uuid(),
+            localName: z.string(),
+            timezone: z.string(),
+            companyId: z.string().uuid(),
+            dates: z.array(z.string().datetime()),
+          }),
+        ),
+      }),
+    }),
+  };
+}
+export const CompaniesApi = new companiesApi();
+
+class eventsManagementApi {
+  POST_Event = {
+    req: z.object({
+      localName: z.string(),
+      timezone: z.string().optional(),
+      dates: z.array(z.string()),
+      companyId: z.string().uuid(),
+    }),
+    res: z.object({
+      code: z.enum(["success"]),
+      eventId: z.string().uuid(),
+    }),
+  };
+
+  GET_Event = {
+    req: z.object({ eventId: z.string().uuid() }).strict(),
+    res: z.object({
+      code: z.enum(["success"]),
+      event: z.object({
+        eventId: z.string().uuid(),
+        localName: z.string(),
+        timezone: z.string(),
+        dates: z.array(z.string().datetime()),
+        programPoints: z.array(
+          z.object({
+            programPointId: z.string().uuid(),
+            name: z.string(),
+            startDate: z.string().datetime(),
+            endDate: z.string().datetime(),
+            roomId: z.string().uuid().nullable(),
+            isInternal: z.boolean(),
+          }),
+        ),
+
+        rooms: z.array(
+          z.object({
+            roomId: z.string().uuid(),
+            name: z.string(),
+          }),
+        ),
+
+        taskBlocks: z.array(
+          z.object({
+            taskBlockId: z.string().uuid(),
+            name: z.string(),
+          }),
+        ),
+
+        managers: z.array(
+          z.object({
+            userId: z.string().uuid(),
+            name: z.string(),
+            email: z.string().email(),
+          }),
+        ),
+
+        roles: z.array(
+          z.object({
+            roleId: z.string().uuid(),
+            name: z.string(),
+          }),
+        ),
+      }),
+    }),
+  };
+
+  POST_ProgramPoint = {
+    req: z.object({
+      eventId: z.string().uuid(),
+
+      name: z.string(),
+      startDate: z.string(),
+      endDate: z.string(),
+      roomId: z.string().uuid().nullable(),
+      isInternal: z.boolean(),
+    }),
+    res: z.object({
+      code: z.enum(["success"]),
+      programPointId: z.string().uuid(),
+    }),
+  };
+
+  PATCH_Event = {
+    req: z.object({
+      eventId: z.string().uuid(),
+
+      localName: z.string().optional(),
+      timezone: z.string().optional(),
+      dates: z.array(z.string()).optional(),
+
+      programPoint: z
+        .object({
+          programPointId: z.string().uuid(),
+          name: z.string(),
+          startDate: z.string(),
+          endDate: z.string(),
+          roomId: z.string().uuid().nullable(),
+        })
+        .optional(),
+
+      role: z
+        .object({
+          roleId: z.string().uuid(),
+          name: z.string(),
+        })
+        .optional(),
+    }),
+    res: z.object({
+      code: z.enum(["success"]),
+    }),
+  };
+
+  POST_Role = {
+    req: z.object({
+      eventId: z.string().uuid(),
+      name: z.string(),
+    }),
+    res: z.object({
+      code: z.enum(["success"]),
+      roleId: z.string().uuid(),
+    }),
+  };
+}
+
+export const EventsManagementApi = new eventsManagementApi();
+
+class locationsManagementApi {
+  POST_Location = {
+    req: z.object({
+      name: z.string(),
+      eventId: z.string().uuid(),
+      rooms: z.array(
+        z.object({
+          name: z.string(),
+          parentId: z.string().uuid().nullable(),
+        }),
+      ),
+    }),
+    res: z.object({
+      code: z.enum(["success"]),
+      locationId: z.string().uuid(),
+    }),
+  };
+
+  GET_EventLocations = {
+    req: z.object({
+      eventId: z.string().uuid(),
+    }),
+    res: z.object({
+      code: z.enum(["success"]),
+      locations: z.array(
+        z.object({
+          locationId: z.string().uuid(),
+          name: z.string(),
+          rooms: z.array(
+            z.object({
+              roomId: z.string().uuid(),
+              name: z.string(),
+              parentId: z.string().uuid().nullable(),
+            }),
+          ),
+        }),
+      ),
+    }),
+  };
+}
+
+export const LocationsManagementApi = new locationsManagementApi();
+
+class tasksManagementApi {
+  POST_TaskBlock = {
+    req: z.object({
+      eventId: z.string().uuid(),
+      name: z.string(),
+    }),
+    res: z.object({
+      code: z.enum(["success"]),
+    }),
+  };
+
+  PATCH_TaskBlock = {
+    req: z.object({
+      taskBlockId: z.string().uuid(),
+      name: z.string(),
+    }),
+    res: z.object({
+      code: z.enum(["success"]),
+    }),
+  };
+
+  POST_Task = {
+    req: z.object({
+      name: z.string(),
+      startDate: z.string().nullable(),
+      endDate: z.string().nullable(),
+      accountableId: z.string().uuid().nullable(),
+      isTodo: z.boolean(),
+      programPointId: z.string().uuid().nullable(),
+      roomId: z.string().uuid().nullable(),
+      taskBlockId: z.string().uuid(),
+      executors: z.array(z.string()),
+    }),
+    res: z.object({
+      code: z.enum(["success"]),
+    }),
+  };
+
+  PATCH_Task = {
+    req: z.object({
+      taskId: z.string().uuid(),
+
+      name: z.string().optional(),
+      startDate: z.string().nullable().optional(),
+      endDate: z.string().nullable().optional(),
+      accountableId: z.string().uuid().nullable().optional(),
+      isTodo: z.boolean().optional(),
+      programPointId: z.string().uuid().nullable().optional(),
+      roomId: z.string().uuid().nullable().optional(),
+      executors: z.array(z.string()).optional(),
+    }),
+    res: z.object({
+      code: z.enum(["success"]),
+    }),
+  };
+
+  GET_TaskBlock = {
+    req: z.object({ taskBlockId: z.string().uuid() }).strict(),
+    res: z.object({
+      code: z.enum(["success"]),
+      taskBlockId: z.string().uuid(),
+      name: z.string(),
+      tasks: z.array(
+        z.object({
+          taskId: z.string().uuid(),
+          name: z.string(),
+          startDate: z.string().datetime().nullable(),
+          endDate: z.string().datetime().nullable(),
+          accountableId: z.string().uuid().nullable(),
+          isTodo: z.boolean(),
+          programPointId: z.string().uuid().nullable(),
+          roomId: z.string().uuid().nullable(),
+          taskBlockId: z.string().uuid(),
+          executors: z.array(z.string()),
+        }),
+      ),
+    }),
+  };
+}
+
+export const TasksManagementApi = new tasksManagementApi();

src/api/auth-api.ts

@@ -1,87 +0,0 @@
-import { z } from "zod";
-
-class authApi {
-  // /auth/registration
-  public ZRegistration = {
-    req: z.object({
-      email: z.string().email(),
-    }),
-    res: z.object({
-      code: z.enum(["pinIsSent", "pinIsNotSent", "alreadyExists"]),
-      transactionId: z.string().uuid().optional(),
-    }),
-  };
-
-  // /auth/confirm-registration
-  public ZConfirmRegistration = {
-    req: z.object({
-      password: z.string(),
-      name: z.string(),
-      transactionId: z.string().uuid(),
-      confirmPin: z.number().min(1000).max(9999),
-    }),
-    res: z.discriminatedUnion("code", [
-      z.object({
-        code: z.literal("registered"),
-        userData: z.object({
-          accessToken: z.string(),
-          refreshToken: z.string(),
-          email: z.string().email(),
-          userId: z.string().uuid(),
-        }),
-      }),
-      z.object({ code: z.literal("pinIsWrong"), triesRemained: z.number() }),
-      z.object({ code: z.literal("pinIsRotten") }),
-      z.object({ code: z.literal("tooManyTries") }),
-    ]),
-  };
-
-  // /auth/login
-  public ZLogin = {
-    req: z.object({
-      email: z.string().email(),
-      password: z.string(),
-    }),
-    res: z.object({
-      code: z.enum(["userNotFound", "passIsWrong", "tooManyTries", "success"]),
-      triesRemained: z.number().optional(),
-      userData: z
-        .object({
-          accessToken: z.string(),
-          refreshToken: z.string(),
-          email: z.string().email(),
-          userId: z.string().uuid(),
-        })
-        .optional(),
-    }),
-  };
-
-  // /auth/logout
-  public ZLogout = {
-    res: z.object({
-      code: z.enum(["success"]),
-    }),
-  };
-
-  // /auth/logout-all-devices
-  public ZLogoutAllDevices = {
-    res: z.object({
-      code: z.enum(["success"]),
-    }),
-  };
-
-  // /auth/refresh
-  public ZRefresh = {
-    res: z.object({
-      code: z.enum(["success"]),
-      userData: z.object({
-        accessToken: z.string(),
-        refreshToken: z.string(),
-        email: z.string().email(),
-        userId: z.string().uuid(),
-      }),
-    }),
-  };
-}
-
-export const AuthApi = new authApi();

src/api/companies-management-api.ts

@@ -1,99 +0,0 @@
-import { z } from "zod";
-
-class companyManagementApi {
-  // /companies-management/create-company
-  ZCreateCompany = {
-    req: z.object({
-      name: z.string(),
-      timezone: z.string(),
-    }),
-    res: z.object({
-      code: z.enum(["success"]),
-    }),
-  };
-
-  // /companies-management/get-user-companies
-  ZGetUserCompanies = {
-    res: z.object({
-      code: z.enum(["success"]),
-      companies: z.array(
-        z.object({
-          company_id: z.string().uuid(),
-          name: z.string(),
-          owner_id: z.string().uuid(),
-          timezone: z.string(),
-        }),
-      ),
-    }),
-  };
-
-  ZGetCompany = {
-    req: z.object({
-      companyId: z.string().uuid(),
-    }),
-    res: z.object({
-      code: z.enum(["success"]),
-      company: z.object({
-        company_id: z.string().uuid(),
-        name: z.string(),
-        owner_id: z.string().uuid(),
-        timezone: z.string(),
-
-        events: z.array(
-          z.object({
-            event_id: z.string().uuid(),
-            local_name: z.string(),
-            timezone: z.string(),
-            company_id: z.string().uuid(),
-            dates: z.array(z.date()),
-          }),
-        ),
-
-        employees: z.array(
-          z.object({
-            user_id: z.string().uuid(),
-            user_name: z.string(),
-            role_id: z.string().uuid(),
-            role_name: z.string(),
-          }),
-        ),
-      }),
-    }),
-  };
-
-  ZGetCompanyByEvent = {
-    req: z.object({
-      eventId: z.string().uuid(),
-    }),
-    res: z.object({
-      code: z.enum(["success"]),
-      company: z.object({
-        company_id: z.string().uuid(),
-        name: z.string(),
-        owner_id: z.string().uuid(),
-        timezone: z.string(),
-
-        events: z.array(
-          z.object({
-            event_id: z.string().uuid(),
-            local_name: z.string(),
-            timezone: z.string(),
-            company_id: z.string().uuid(),
-            dates: z.array(z.date()),
-          }),
-        ),
-
-        employees: z.array(
-          z.object({
-            user_id: z.string().uuid(),
-            user_name: z.string(),
-            role_id: z.string().uuid(),
-            role_name: z.string(),
-          }),
-        ),
-      }),
-    }),
-  };
-}
-
-export const CompanyManagementApi = new companyManagementApi();

src/api/events-management-api.ts

@@ -1,142 +0,0 @@
-import { z } from "zod";
-
-class eventsManagementApi {
-  ZCreateEvent = {
-    req: z.object({
-      localName: z.string(),
-      timezone: z.string().optional(),
-      dates: z.array(z.string()),
-      companyId: z.string().uuid(),
-      rolesToAdd: z.array(
-        z.object({
-          roleId: z.string().uuid(),
-          name: z.string(),
-          description: z.string(),
-          permissions: z.array(
-            z.object({
-              permissionId: z.string(),
-              permissionValueId: z.string(),
-            }),
-          ),
-        }),
-      ),
-      staff: z.array(
-        z.object({
-          userId: z.string().uuid(),
-          roleId: z.string().uuid(),
-        }),
-      ),
-    }),
-    res: z.object({
-      code: z.enum(["success"]),
-      event_id: z.string().uuid(),
-    }),
-  };
-
-  ZGetEventSystemRoles = {
-    res: z.object({
-      code: z.enum(["success"]),
-      roles: z.array(
-        z.object({
-          role_id: z.string().uuid(),
-          name: z.string(),
-          description: z.string(),
-        }),
-      ),
-    }),
-  };
-
-  ZGetEvent = {
-    req: z.object({ eventId: z.string().uuid() }).strict(),
-    res: z.object({
-      code: z.enum(["success"]),
-      event: z.object({
-        event_id: z.string().uuid(),
-        local_name: z.string(),
-        timezone: z.string(),
-        dates: z.array(z.date()),
-        programPoints: z.array(
-          z.object({
-            program_point_id: z.string().uuid(),
-            name: z.string(),
-            start_date: z.date(),
-            end_date: z.date(),
-            room_id: z.string().uuid().nullable(),
-            is_internal: z.boolean(),
-          }),
-        ),
-
-        rooms: z.array(
-          z.object({
-            room_id: z.string().uuid(),
-            name: z.string(),
-          }),
-        ),
-
-        taskBlocks: z.array(
-          z.object({
-            task_block_id: z.string().uuid(),
-            name: z.string(),
-          }),
-        ),
-
-        staff: z.array(
-          z.object({
-            user_id: z.string().uuid(),
-            name: z.string(),
-            role_id: z.string().uuid(),
-            role_name: z.string(),
-          }),
-        ),
-
-        roles: z.array(
-          z.object({
-            role_id: z.string().uuid(),
-            name: z.string(),
-            description: z.string(),
-            is_system: z.boolean(),
-          }),
-        ),
-      }),
-    }),
-  };
-
-  ZCreateProgramPoint = {
-    req: z.object({
-      eventId: z.string().uuid(),
-
-      name: z.string(),
-      startDate: z.string(),
-      endDate: z.string(),
-      roomId: z.string().uuid().nullable(),
-      isInternal: z.boolean(),
-    }),
-    res: z.object({
-      code: z.enum(["success"]),
-    }),
-  };
-
-  ZUpdateEvent = {
-    req: z.object({
-      eventId: z.string().uuid(),
-      localName: z.string().optional(),
-      timezone: z.string().optional(),
-      dates: z.array(z.string()).optional(),
-
-      programPoint: z
-        .object({
-          programPointId: z.string().uuid(),
-          name: z.string(),
-          startDate: z.string(),
-          endDate: z.string(),
-          roomId: z.string().uuid().nullable(),
-        })
-        .optional(),
-    }),
-    res: z.object({
-      code: z.enum(["success"]),
-    }),
-  };
-}
-
-export const EventsManagementApi = new eventsManagementApi();

src/api/locations-management-api.ts

@@ -1,43 +0,0 @@
-import { z } from "zod";
-
-class locationsManagementApi {
-  ZCreateLocation = {
-    req: z.object({
-      name: z.string(),
-      eventId: z.string().uuid(),
-      rooms: z.array(
-        z.object({
-          name: z.string(),
-          parentId: z.string().uuid().nullable(),
-        }),
-      ),
-    }),
-    res: z.object({
-      code: z.enum(["success"]),
-    }),
-  };
-
-  ZGetEventLocations = {
-    req: z.object({
-      eventId: z.string().uuid(),
-    }),
-    res: z.object({
-      code: z.enum(["success"]),
-      locations: z.array(
-        z.object({
-          location_id: z.string().uuid(),
-          name: z.string(),
-          rooms: z.array(
-            z.object({
-              room_id: z.string().uuid(),
-              name: z.string(),
-              parent_id: z.string().uuid().nullable(),
-            }),
-          ),
-        }),
-      ),
-    }),
-  };
-}
-
-export const LocationsManagementApi = new locationsManagementApi();

src/api/permissions-api.ts

@@ -1,41 +0,0 @@
-import { z } from "zod";
-
-class permissionsApi {
-  private ZEntityPermission = z.object({
-    permission_id: z.string().uuid(),
-    possible_entity_type: z.string(),
-    overrided_permission_value_id: z.string().uuid(),
-  });
-
-  private ZEntity = z.lazy(() =>
-    z.object({
-      current_entity_id: z.string(),
-      current_entity_type_id: z.string(),
-      entity_permissions: z.array(this.ZEntityPermission),
-      children: z.array(this.ZEntity).optional(),
-    }),
-  );
-
-  ZRole = z.object({
-    role_id: z.string().uuid(),
-    entities: z.array(this.ZEntity),
-  });
-
-  // private ZShortEventRole = z.object({
-  //     role_id: z.string().uuid(),
-  //     name: z.string(),
-  //     description: z.string(),
-  // });
-
-  public ZGetRolePermissions = {
-    req: z.object({
-      roleId: z.string().uuid(),
-    }),
-    res: z.object({
-      code: z.enum(["success"]),
-      role: this.ZRole,
-    }),
-  };
-}
-
-export const PermissionsApi = new permissionsApi();

src/api/tasks-management-api.ts

@@ -1,84 +0,0 @@
-import { z } from "zod";
-
-class tasksManagementApi {
-  ZCreateTaskBlock = {
-    req: z.object({
-      eventId: z.string().uuid(),
-      name: z.string(),
-    }),
-    res: z.object({
-      code: z.enum(["success"]),
-    }),
-  };
-
-  ZUpdateTaskBlock = {
-    req: z.object({
-      taskBlockId: z.string().uuid(),
-      name: z.string(),
-    }),
-    res: z.object({
-      code: z.enum(["success"]),
-    }),
-  };
-
-  ZCreateTask = {
-    req: z.object({
-      name: z.string(),
-      startDate: z.string().nullable(),
-      endDate: z.string().nullable(),
-      accountableId: z.string().uuid().nullable(),
-      isTodo: z.boolean(),
-      programPointId: z.string().uuid().nullable(),
-      roomId: z.string().uuid().nullable(),
-      taskBlockId: z.string().uuid(),
-      executors: z.array(z.string()),
-    }),
-    res: z.object({
-      code: z.enum(["success"]),
-    }),
-  };
-
-  ZUpdateTask = {
-    req: z.object({
-      taskId: z.string().uuid(),
-
-      name: z.string().optional(),
-      startDate: z.string().nullable().optional(),
-      endDate: z.string().nullable().optional(),
-      // TODO: сделать optional на фронте
-      accountableId: z.string().uuid().nullable().optional(),
-      isTodo: z.boolean().optional(),
-      programPointId: z.string().uuid().nullable().optional(),
-      roomId: z.string().uuid().nullable().optional(),
-      executors: z.array(z.string()).optional(),
-    }),
-    res: z.object({
-      code: z.enum(["success"]),
-    }),
-  };
-
-  ZGetBlockTasks = {
-    req: z.object({ taskBlockId: z.string().uuid() }).strict(),
-    res: z.object({
-      code: z.enum(["success"]),
-      task_block_id: z.string().uuid(),
-      name: z.string(),
-      tasks: z.array(
-        z.object({
-          task_id: z.string().uuid(),
-          name: z.string(),
-          start_date: z.date().nullable(),
-          end_date: z.date().nullable(),
-          accountable_id: z.string().uuid().nullable(),
-          is_todo: z.boolean(),
-          program_point_id: z.string().uuid().nullable(),
-          room_id: z.string().uuid().nullable(),
-          task_block_id: z.string().uuid(),
-          executors: z.array(z.string()),
-        }),
-      ),
-    }),
-  };
-}
-
-export const TasksManagementApi = new tasksManagementApi();

src/db/db-interrceptors.ts

@@ -7,7 +7,6 @@ import {
 } from "slonik";
 
 import { logger } from "../plugins/logger.js";
-import { ApiError } from "#exceptions/api-error.js";
 import { UnexpectedError } from "#exceptions/unexpected-errors.js";
 
 export const createLoggerInterceptor = (): Interceptor => {

src/db/db-service.ts

@@ -2,9 +2,13 @@ import { db } from "#db";
 
 import { sql } from "slonik";
 import { z } from "zod";
-import { ZDbShema } from "./db-shema.js";
+import { DbShema } from "./db-shema.js";
 import { logger } from "#logger";
 
+function camelToSnake(str: string) {
+  return str.replace(/([A-Z])/g, "_$1").toLowerCase();
+}
+
 // база данных
 class DbService {
   async checkDbShema() {
@@ -35,19 +39,19 @@ class DbService {
             c.column_name;
         `);
 
-    logger.silly("Текущая бд: ", dbColumns, "Необходимая БД: ", ZDbShema);
+    logger.silly("Текущая бд: ", dbColumns, "Необходимая БД: ", DbShema);
 
     // перебор схем
-    for (const shema in ZDbShema) {
+    for (const shema in DbShema) {
       // перебор таблиц
-      for (const table in ZDbShema[shema]) {
+      for (const table in DbShema[shema]) {
         // перебор столбцов
-        for (const column in ZDbShema[shema][table]) {
+        for (const column in DbShema[shema][table]) {
           const foundColumn = dbColumns.find(
             (c) =>
-              c.table_schema === shema &&
-              c.table_name === table &&
-              c.column_name === column,
+              c.table_schema === camelToSnake(shema) &&
+              c.table_name === camelToSnake(table) &&
+              c.column_name === camelToSnake(column),
           );
 
           // если нет столбца

src/db/db-shema.ts

@@ -1,171 +1,128 @@
 import { z } from "zod";
 
-const ZDbShema = {
-  events_management: {
-    events: {
-      event_id: z.string().uuid(),
-      local_name: z.string(),
-      timezone: z.string(),
-      company_id: z.string().uuid(),
+const DbShema = {
+  ev: {
+    eventDates: {
+      eventId: z.string().uuid(),
+      date: z.string().datetime(),
     },
-
-    event_dates: {
-      event_id: z.string().uuid(),
-      date: z.date(),
+    eventLocations: {
+      eventId: z.string().uuid(),
+      locationId: z.string().uuid(),
     },
-
-    program_points: {
-      program_point_id: z.string().uuid(),
-      name: z.string().min(1),
-      start_date: z.date(),
-      end_date: z.date(),
-      event_id: z.string().uuid(),
-      room_id: z.string().uuid().nullable(),
-      group: z.string(),
-      is_internal: z.boolean(),
+    eventManagers: {
+      eventId: z.string().uuid(),
+      userId: z.string().uuid(),
     },
-  },
-
-  companies_management: {
-    companies: {
-      company_id: z.string().uuid(),
-      name: z.string(),
-      owner_id: z.string().uuid(),
+    events: {
+      eventId: z.string().uuid(),
+      localName: z.string(),
       timezone: z.string(),
+      companyId: z.string().uuid(),
     },
-  },
-
-  tasks_management: {
-    tasks: {
-      task_id: z.string().uuid(),
-      name: z.string(),
-      start_date: z.date().nullable(),
-      end_date: z.date().nullable(),
-      accountable_id: z.string().uuid().nullable(),
-      is_todo: z.boolean(),
-      program_point_id: z.string().uuid().nullable(),
-      room_id: z.string().uuid().nullable(),
-      task_block_id: z.string().uuid(),
-    },
-
-    task_blocks: {
-      task_block_id: z.string().uuid(),
-      name: z.string(),
-      event_id: z.string().uuid(),
-    },
-
-    task_executors: {
-      task_id: z.string().uuid(),
-      user_id: z.string().uuid(),
-    },
-  },
-
-  locations_management: {
     locations: {
-      location_id: z.string().uuid(),
+      locationId: z.string().uuid(),
       name: z.string(),
-      event_id: z.string().uuid(),
+      eventId: z.string().uuid(),
     },
-
-    rooms: {
-      room_id: z.string().uuid(),
+    perms: {
+      permId: z.string(),
       name: z.string(),
-      location_id: z.string().uuid(),
-      parent_id: z.string().uuid().nullable(),
-    },
-
-    event_locations: {
-      event_id: z.string().uuid(),
-      location_id: z.string().uuid(),
+      defaultValue: z.boolean(),
     },
-  },
-
-  users_management: {
-    users: {
-      user_id: z.string().uuid(),
-      email: z.string().email(),
-      name: z.string(),
-      password: z.string(),
-      wrong_pass_tries: z.number(),
+    programPoints: {
+      programPointId: z.string().uuid(),
+      name: z.string().min(1),
+      startDate: z.string().datetime(),
+      endDate: z.string().datetime(),
+      eventId: z.string().uuid(),
+      roomId: z.string().uuid().nullable(),
+      group: z.string(),
+      isInternal: z.boolean(),
     },
-
-    user_refresh_tokens: {
-      refresh_token: z.string(),
-      user_id: z.string().uuid(),
+    roleTokens: {
+      token: z.string().uuid(),
+      roleId: z.string().uuid(),
+      capacity: z.number(),
     },
-
-    confirm_pins: {
-      transaction_id: z.string().uuid(),
-      email: z.string().email(),
-      confirm_pin: z.number().min(1000).max(9999),
-      create_time: z.date(),
-      wrong_pin_tries: z.number(),
+    roleTokenConnections: {
+      connectionId: z.string().uuid(),
+      token: z.string().uuid(),
+      username: z.string(),
     },
-  },
-
-  permissions_management: {
-    user_roles: {
-      user_id: z.string().uuid(),
-      role_id: z.string().uuid(),
-      entity_id: z.string().uuid(),
+    roles: {
+      roleId: z.string().uuid(),
+      eventId: z.string().uuid(),
+      name: z.string(),
     },
-
-    non_default_roles_overrides: {
-      entity_id: z.string().uuid(),
-      role_id: z.string().uuid(),
-      permission_id: z.string(),
-      permission_value_id: z.string(),
+    rolesOverrides: {
+      roleId: z.string().uuid(),
+      permId: z.string(),
+      newValue: z.boolean(),
     },
-
-    roles: {
-      role_id: z.string().uuid(),
+    rooms: {
+      roomId: z.string().uuid(),
       name: z.string(),
-      description: z.string(),
-      entity_id: z.string().uuid().nullable(),
-      entity_type_id: z.string(),
-      is_system: z.boolean(),
+      locationId: z.string().uuid(),
+      parentId: z.string().uuid().nullable(),
     },
-
-    permissions: {
-      permission_id: z.string().uuid(),
+    taskBlocks: {
+      taskBlockId: z.string().uuid(),
       name: z.string(),
-      entity_type_id: z.string(),
+      eventId: z.string().uuid(),
     },
-
-    permission_values: {
-      permission_value_id: z.string(),
-      permission_id: z.string(),
+    taskExecutors: {
+      taskId: z.string().uuid(),
+      roleId: z.string().uuid(),
+    },
+    tasks: {
+      taskId: z.string().uuid(),
       name: z.string(),
-      is_default: z.boolean(),
-      parent_id: z.string().uuid().nullable(),
+      startDate: z.string().datetime().nullable(),
+      endDate: z.string().datetime().nullable(),
+      accountableId: z.string().uuid().nullable(),
+      isTodo: z.boolean(),
+      programPointId: z.string().uuid().nullable(),
+      roomId: z.string().uuid().nullable(),
+      taskBlockId: z.string().uuid(),
+      checklist: z.array(
+        z.object({
+          checklistItemId: z.string().uuid(),
+          name: z.string(),
+          isDone: z.boolean(),
+        }),
+      ),
     },
+  },
 
-    cached_user_permissions: {
-      user_id: z.string().uuid(),
-      entity_id: z.string().uuid(),
-      permission_id: z.string(),
-      permission_value_id: z.string(),
+  usr: {
+    companies: {
+      companyId: z.string().uuid(),
+      name: z.string(),
+      ownerId: z.string().uuid(),
+      timezone: z.string(),
     },
 
-    default_roles_overrides: {
-      role_id: z.string().uuid(),
-      permission_id: z.string(),
-      permission_value_id: z.string(),
+    confirmPins: {
+      transactionId: z.string().uuid(),
+      email: z.string().email(),
+      confirmPin: z.number().min(1000).max(9999),
+      createTime: z.string().datetime(),
+      wrongPinTries: z.number(),
     },
-  },
 
-  entities_management: {
-    entities: {
-      entity_id: z.string().uuid(),
-      entity_type_id: z.string(),
-      parent_id: z.string().uuid().nullable(),
+    userRefreshTokens: {
+      refreshToken: z.string(),
+      userId: z.string().uuid(),
     },
-
-    entity_types: {
-      entity_type_id: z.string().uuid(),
+    users: {
+      userId: z.string().uuid(),
+      email: z.string().email(),
       name: z.string(),
+      password: z.string(),
+      wrongPassTries: z.number(),
     },
   },
 };
 
-export { ZDbShema };
+export { DbShema };

src/db/db.ts

@@ -5,6 +5,7 @@ import {
   createLoggerInterceptor,
 } from "./db-interrceptors.js";
 import { config } from "#config";
+import dayjs from "dayjs";
 
 const host = config.DB_HOST;
 const port = config.DB_PORT;
@@ -27,6 +28,12 @@ const pool = await createPool(
           return value === null ? value : Number(value);
         },
       },
+      {
+        name: "timestamp",
+        parse: (value) => {
+          return value === null ? value : dayjs.utc(value).toISOString();
+        },
+      },
     ],
   },
 ).then((p) => {

src/middlewares/error-middleware.ts

@@ -9,12 +9,12 @@ export default function (err, req, res, next) {
   if (err instanceof ApiError) {
     return res
       .status(err.status)
-      .json({ message: err.message, errors: err.errors });
+      .json({ message: err.message, err: err.errors });
   }
 
   if (err instanceof ZodError) {
-    logger.error({ message: "Ошибка валидации", err: err });
-    return res.status(400).json({ message: "Ошибка валидации", err: err });
+    logger.error({ message: "Ошибка валидации ZOD", err: err });
+    return res.status(400).json({ message: "Ошибка валидации ZOD", err: err });
   }
 
   if (err instanceof SchemaValidationError) {

src/modules/companies-management/companies-router.ts

@@ -5,11 +5,11 @@ export default router;
 
 // db
 import { db } from "#db";
-import { ZDbShema } from "#db-shema";
+import { DbShema } from "#db-shema";
 import { sql } from "slonik";
 
 // api
-import { CompanyManagementApi } from "#api/companies-management-api.js";
+import { CompaniesApi } from "#api";
 
 // error
 // import { ApiError } from "#exceptions/api-error.ts";
@@ -27,113 +27,79 @@ import { z } from "zod";
 import { v7 as uuidv7 } from "uuid";
 // import { logger } from "#logger";
 import { UserUtils } from "#utils/user-utils.js";
-import { EntityesService } from "#modules/entities-management/entityes-service.js";
 import { RouterUtils } from "#utils/router-utils.js";
 import { ApiError } from "#exceptions/api-error.js";
 import { CompaniesService } from "./companies-service.js";
-import { CheckPermissionsService } from "#modules/permissions-management/check-permissions-service.js";
-import { config } from "#config";
 
 dayjs.extend(utc);
 
-// TODO транзакции
-router.post("/create-company", async (req, res, next) => {
+// TODO: транзакции
+router.post("/company", async (req, res, next) => {
   try {
     // валидация запроса
-    const { name, timezone } = CompanyManagementApi.ZCreateCompany.req.parse(
-      req.body,
-    );
+    const { name, timezone } = CompaniesApi.POST_Company.req.parse(req.body);
 
     const userId = UserUtils.getUserFromReq(req).userId;
 
     const companyId = uuidv7();
 
-    // entity
-    await EntityesService.createEntity(companyId, "company");
-
     // company
     await db.query(
       sql.unsafe`
-      insert into companies_management.companies
+      insert into usr.companies
         (company_id, name, owner_id, timezone)
       values
         (${companyId}, ${name}, ${userId}, ${timezone})`,
     );
 
-    // добавляем юзера в компанию
-    const MANAGER_ROLE_ID = config.COMPANY_DEFAULT_ROLE_MANAGER_ID;
-    if (!MANAGER_ROLE_ID) {
-      throw Error("COMPANY_DEFAULT_ROLE_MANAGER_ID is not defined");
-    }
-
-    await db.query(
-      sql.unsafe`
-      insert into permissions_management.user_roles
-        (user_id, role_id, entity_id)
-      values
-        (${userId}, ${MANAGER_ROLE_ID}, ${companyId})`,
-    );
-
-    RouterUtils.validAndSendResponse(
-      CompanyManagementApi.ZCreateCompany.res,
-      res,
-      { code: "success" },
-    );
+    RouterUtils.validAndSendResponse(CompaniesApi.POST_Company.res, res, {
+      code: "success",
+    });
   } catch (e) {
     next(e);
   }
 });
 
-router.post("/get-user-companies", async (req, res, next) => {
+router.get("/user-companies", async (req, res, next) => {
   try {
     const userId = UserUtils.getUserFromReq(req).userId;
 
     const companies = await db.any(
       sql.type(
         z.object({
-          company_id: ZDbShema.companies_management.companies.company_id,
-          name: ZDbShema.companies_management.companies.name,
-          owner_id: ZDbShema.companies_management.companies.owner_id,
-          timezone: ZDbShema.companies_management.companies.timezone,
+          companyId: DbShema.usr.companies.companyId,
+          name: DbShema.usr.companies.name,
+          timezone: DbShema.usr.companies.timezone,
         }),
       )`
         select
-          c.company_id,
+          c.company_id as "companyId",
           c."name",
-          c.owner_id,
           c.timezone
         from
-          companies_management.companies c
-        join permissions_management.cached_user_permissions cup on
-          c.company_id = cup.entity_id
+          usr.companies c
         where
-          cup.user_id = ${userId} and entity_type_id = 'company' and permission_id = 'view_company' and permission_value_id = 'view_company_true'
+          c.owner_id = ${userId}
         `,
     );
 
-    RouterUtils.validAndSendResponse(
-      CompanyManagementApi.ZGetUserCompanies.res,
-      res,
-      { code: "success", companies: [...companies] },
-    );
+    RouterUtils.validAndSendResponse(CompaniesApi.GET_UserCompanies.res, res, {
+      code: "success",
+      companies: [...companies],
+    });
   } catch (e) {
     next(e);
   }
 });
 
-router.post("/get-company", async (req, res, next) => {
+router.get("/company/:companyId", async (req, res, next) => {
   try {
     // валидация запроса
-    const { companyId } = CompanyManagementApi.ZGetCompany.req.parse(req.body);
+    const { companyId } = CompaniesApi.GET_Company.req.parse(req.params);
 
     const userId = UserUtils.getUserFromReq(req).userId;
 
-    await CheckPermissionsService.checkEntityPermission(
-      companyId,
-      userId,
-      "view_company",
-      "view_company_true",
-    );
+    await CompaniesService.checkCompanyAccess(userId, companyId);
 
     const company = await CompaniesService.getCompanyById(companyId);
 
@@ -141,79 +107,12 @@ router.post("/get-company", async (req, res, next) => {
       throw ApiError.BadRequest("Company not found", "Компания не найдена");
     }
 
-    const REQUIRED_PERMISSION = "view_event_true";
+    const events = await CompaniesService.getCompanyEvents(companyId);
 
-    const events = await CompaniesService.getUserCompanyEvents(
-      userId,
-      company.company_id,
-      REQUIRED_PERMISSION,
-    );
-
-    RouterUtils.validAndSendResponse(
-      CompanyManagementApi.ZGetCompany.res,
-      res,
-      { code: "success", company: { ...company, events: [...events] } },
-    );
-  } catch (e) {
-    next(e);
-  }
-});
-
-router.post("/get-company-by-event", async (req, res, next) => {
-  try {
-    // валидация запроса
-    const { eventId } = CompanyManagementApi.ZGetCompanyByEvent.req.parse(
-      req.body,
-    );
-
-    const userId = UserUtils.getUserFromReq(req).userId;
-
-    await CheckPermissionsService.checkEntityPermission(
-      eventId,
-      userId,
-      "view_event",
-      "view_event_true",
-    );
-
-    const companyId = await db.maybeOneFirst(
-      sql.type(
-        z.object({
-          company_id: ZDbShema.companies_management.companies.company_id,
-        }),
-      )`
-        select
-          c.company_id
-        from
-          companies_management.companies c
-        join events_management.events e on
-          c.company_id = e.company_id
-        where
-          e.event_id = ${eventId} 
-      `,
-    );
-    if (!companyId) {
-      throw ApiError.BadRequest("Company not found", "Компания не найдена");
-    }
-
-    const company = await CompaniesService.getCompanyById(companyId);
-
-    if (!company) {
-      throw ApiError.BadRequest("Company not found", "Компания не найдена");
-    }
-
-    const REQUIRED_PERMISSION = "view_event_true";
-
-    const events = await CompaniesService.getUserCompanyEvents(
-      userId,
-      company.company_id,
-      REQUIRED_PERMISSION,
-    );
-
-    RouterUtils.validAndSendResponse(
-      CompanyManagementApi.ZGetCompanyByEvent.res,
-      res,
-      { code: "success", company: { ...company, events: [...events] } },
-    );
+    RouterUtils.validAndSendResponse(CompaniesApi.GET_Company.res, res, {
+      code: "success",
+      company: { ...company, events: [...events] },
+    });
   } catch (e) {
     next(e);
   }

src/modules/companies-management/companies-service.ts

@@ -3,45 +3,67 @@
 import { db } from "#db";
 import { sql } from "slonik";
 import { z } from "zod";
-import { ZDbShema } from "#db/db-shema.js";
+import { DbShema } from "#db/db-shema.js";
+import { ApiError } from "#exceptions/api-error.js";
 
 class companiesService {
-  async getUserCompanyEvents(
-    userId: string,
-    companyId: string,
-    requiredPermission: string,
-  ) {
-    const DbEventsTypes = ZDbShema.events_management.events;
+  async checkCompanyAccess(userId: string, companyId: string) {
+    const companyData = await db.maybeOne(
+      sql.type(
+        z.object({
+          name: DbShema.usr.companies.name,
+          timezone: DbShema.usr.companies.timezone,
+        }),
+      )`
+    select 
+      name,
+      timezone
+    from 
+      usr.companies
+    where
+      company_id = ${companyId} and
+      owner_id = ${userId}
+    limit 1
+      `,
+    );
+
+    if (!companyData) {
+      throw ApiError.ForbiddenError();
+    }
+
+    return {
+      comapnyId: companyId,
+      ownerId: userId,
+      name: companyData.name,
+      timezone: companyData.timezone,
+    };
+  }
+
+  async getCompanyEvents(companyId: string) {
     const events = await db.any(
       sql.type(
         z.object({
-          event_id: DbEventsTypes.event_id,
-          local_name: DbEventsTypes.local_name,
-          timezone: DbEventsTypes.timezone,
-          company_id: DbEventsTypes.company_id,
-          dates: z.array(ZDbShema.events_management.event_dates.date),
+          eventId: DbShema.ev.events.eventId,
+          localName: DbShema.ev.events.localName,
+          timezone: DbShema.ev.events.timezone,
+          companyId: DbShema.ev.events.companyId,
+          dates: z.array(DbShema.ev.eventDates.date),
         }),
       )`
         SELECT
-          e.event_id,
-          e.local_name,
+          e.event_id as "eventId",
+          e.local_name as "localName",
           e.timezone,
-          e.company_id,
+          e.company_id as "companyId",
           COALESCE(ARRAY_REMOVE(ARRAY_AGG(ed."date"), NULL), '{}') AS dates
         FROM
-          events_management.events e
-        JOIN 
-          permissions_management.cached_user_permissions cup 
-        ON
-          e.event_id = cup.entity_id
-        LEFT JOIN 
-          events_management.event_dates ed 
+          ev.events e
+        LEFT JOIN
+          ev.event_dates ed
         ON
           e.event_id = ed.event_id
         WHERE
           e.company_id = ${companyId}
-          AND cup.user_id = ${userId}
-          AND cup.permission_value_id = ${requiredPermission}
         GROUP BY
           e.event_id,
           e.local_name,
@@ -57,54 +79,21 @@ class companiesService {
     const company = await db.maybeOne(
       sql.type(
         z.object({
-          company_id: ZDbShema.companies_management.companies.company_id,
-          name: ZDbShema.companies_management.companies.name,
-          owner_id: ZDbShema.companies_management.companies.owner_id,
-          timezone: ZDbShema.companies_management.companies.timezone,
-          employees: z.array(
-            z.object({
-              user_id: ZDbShema.permissions_management.user_roles.user_id,
-              user_name: ZDbShema.users_management.users.name,
-              role_id: ZDbShema.permissions_management.user_roles.role_id,
-              role_name: ZDbShema.permissions_management.roles.name,
-            }),
-          ),
+          companyId: DbShema.usr.companies.companyId,
+          name: DbShema.usr.companies.name,
+          ownerId: DbShema.usr.companies.ownerId,
+          timezone: DbShema.usr.companies.timezone,
         }),
       )`
         select
-          c.company_id,
+          c.company_id as "companyId",
           c."name",
-          c.owner_id,
-          c.timezone,
-          coalesce(
-                      json_agg(
-                        json_build_object(
-            'user_id',
-          ur.user_id,
-          'user_name',
-          u.name,
-          'role_id',
-          ur.role_id,
-          'role_name',
-          r."name" 
-                        )
-                      ) filter (
-        where
-          ur.user_id is not null),
-          '[]'::json
-                    ) as employees
+          c.owner_id as "ownerId",
+          c.timezone
         from
-          companies_management.companies c
-        left join permissions_management.user_roles ur on
-          c.company_id = ur.entity_id
-        join permissions_management.roles r on
-          ur.role_id = r.role_id
-        join users_management.users u on
-          ur.user_id = u.user_id
+          usr.companies c
         where
           c.company_id = ${companyId}
-        group by
-          c.company_id
         `,
     );
 

src/modules/entities-management/entityes-service.ts

@@ -1,20 +0,0 @@
-import { db } from "#db/db.js";
-import { sql } from "slonik";
-
-class entityesService {
-  async createEntity(
-    entityId: string,
-    entityTypeId: "company" | "event" | "task_block" | "task",
-    parentId?: string,
-  ) {
-    await db.query(
-      sql.unsafe`
-      insert into entities_management.entities 
-        (entity_id, entity_type_id, parent_id)
-      values 
-        (${entityId}, ${entityTypeId}, ${parentId || null})`,
-    );
-  }
-}
-
-export const EntityesService = new entityesService();

src/modules/events-management/events-router.ts

@@ -5,11 +5,11 @@ export default router;
 
 // db
 import { db } from "#db";
-import { ZDbShema } from "#db-shema";
+import { DbShema } from "#db-shema";
 import { sql } from "slonik";
 
 // api
-import { EventsManagementApi } from "#api/events-management-api.js";
+import { EventsManagementApi } from "#api";
 
 // error
 import { ApiError } from "#exceptions/api-error.ts";
@@ -27,62 +27,38 @@ import { z } from "zod";
 import { v7 as uuidv7 } from "uuid";
 // import { logger } from "#logger";
 import { UserUtils } from "#utils/user-utils.js";
-import { CheckPermissionsService } from "#modules/permissions-management/check-permissions-service.js";
-import { EntityesService } from "#modules/entities-management/entityes-service.js";
 import { RouterUtils } from "#utils/router-utils.js";
-import { AllPermissionsValues } from "#modules/permissions-management/permissions-types.js";
+import { CompaniesService } from "#modules/companies-management/companies-service.js";
+import { EventsService } from "./events-service.js";
 
 dayjs.extend(utc);
 
-router.post("/create-event", async (req, res, next) => {
+router.post("/event", async (req, res, next) => {
   try {
     // валидация запроса
-    const { localName, dates, timezone, companyId, rolesToAdd, staff } =
-      EventsManagementApi.ZCreateEvent.req.parse(req.body);
+    const { localName, dates, timezone, companyId } =
+      EventsManagementApi.POST_Event.req.parse(req.body);
 
     const userId = UserUtils.getUserFromReq(req).userId;
 
-    // проверка прав
-    await CheckPermissionsService.checkEntityPermission(
-      companyId,
+    const company = await CompaniesService.checkCompanyAccess(
       userId,
-      "create_event",
-      "create_event_true",
+      companyId,
     );
 
     // если тз не указана, то ставим тз компании
     let tz = timezone;
     if (!tz) {
-      const userTz = (
-        await db.one(
-          sql.type(
-            z.object({
-              timezone: ZDbShema.companies_management.companies.timezone,
-            }),
-          )`
-          select 
-            timezone 
-          from 
-            companies_management.companies 
-          where 
-            company_id = ${companyId}`,
-        )
-      ).timezone;
-
-      tz = userTz;
+      tz = company.timezone;
     }
     //
 
     const eventId = uuidv7();
 
-    // создаём ентити
-    // TODO заменить на процедуру
-    await EntityesService.createEntity(eventId, "event");
-
     // создаём ивент
     await db.query(
       sql.unsafe`
-      insert into events_management.events 
+      insert into ev.events 
         (event_id, local_name, timezone, company_id) 
       values 
         (${eventId}, ${localName}, ${tz}, ${companyId})`,
@@ -92,129 +68,57 @@ router.post("/create-event", async (req, res, next) => {
     for (const date of dates) {
       await db.query(
         sql.unsafe`
-        insert into events_management.event_dates 
+        insert into ev.event_dates 
           (event_id, date) 
         values 
           (${eventId}, ${date})`,
       );
     }
 
-    // вставляем новые роли ивента
-    for (const role of rolesToAdd) {
-      // роль
-      await db.query(
-        sql.unsafe`
-        insert into 
-          permissions_management.roles
-        (role_id, name, description, entity_id, is_system)
-        values
-          (${role.roleId}, ${role.name}, ${role.description}, ${eventId}, false)`,
-      );
-
-      // права
-      for (const permission of role.permissions) {
-        await db.query(
-          sql.unsafe`
-          insert into permissions_management.non_default_roles_overrides
-            (entity_id, role_id, permission_id, permission_value_id)
-          values
-            (${eventId}, ${role.roleId}, ${permission.permissionId}, ${permission.permissionValueId})
-    `,
-        );
-      }
-    }
-
-    // добавляем юзеров
-
-    for (const user of staff) {
-      await db.query(
-        sql.unsafe`
-      insert into 
-        permissions_management.user_roles
-      (user_id, role_id, entity_id)
-      values
-        (${user.userId}, ${user.roleId}, ${eventId})`,
-      );
-    }
-
-    RouterUtils.validAndSendResponse(
-      EventsManagementApi.ZCreateEvent.res,
-      res,
-      {
-        code: "success",
-        event_id: eventId,
-      },
+    // менеджер
+    await db.query(
+      sql.unsafe`
+      insert into ev.event_managers 
+        (event_id, user_id) 
+      values 
+        (${eventId}, ${userId})`,
     );
-  } catch (e) {
-    next(e);
-  }
-});
-
-router.post("/get-event-system-roles", async (req, res, next) => {
-  try {
-    const systemRoles = await db.any(sql.type(
-      z.object({
-        role_id: ZDbShema.permissions_management.roles.role_id,
-        name: ZDbShema.permissions_management.roles.name,
-        description: ZDbShema.permissions_management.roles.description,
-      }),
-    )`
-      select
-        *
-      from
-        permissions_management.roles
-      where
-        is_system = true
-        and entity_type_id = 'event'
-    `);
 
-    RouterUtils.validAndSendResponse(
-      EventsManagementApi.ZGetEventSystemRoles.res,
-      res,
-      {
-        code: "success",
-        roles: [...systemRoles],
-      },
-    );
+    RouterUtils.validAndSendResponse(EventsManagementApi.POST_Event.res, res, {
+      code: "success",
+      eventId: eventId,
+    });
   } catch (e) {
     next(e);
   }
 });
 
-router.post("/get-event", async (req, res, next) => {
+router.get("/event/:eventId", async (req, res, next) => {
   try {
     // валидация запроса
-    const { eventId } = EventsManagementApi.ZGetEvent.req.parse(req.body);
+    const { eventId } = EventsManagementApi.GET_Event.req.parse(req.params);
     const userId = UserUtils.getUserFromReq(req).userId;
 
-    // проверка прав
-    await CheckPermissionsService.checkEntityPermission(
-      eventId,
-      userId,
-      "view_event",
-      "view_event_true",
-    );
+    await EventsService.checkEventAccess(userId, eventId);
 
-    // TODO проверить везде ARRAY_AGG
     // event
-    const DbEventsTypes = ZDbShema.events_management.events;
     const event = await db.maybeOne(
       sql.type(
         z.object({
-          event_id: DbEventsTypes.event_id,
-          local_name: DbEventsTypes.local_name,
-          timezone: DbEventsTypes.timezone,
-          dates: z.array(ZDbShema.events_management.event_dates.date),
+          eventId: DbShema.ev.events.eventId,
+          localName: DbShema.ev.events.localName,
+          timezone: DbShema.ev.events.timezone,
+          dates: z.array(DbShema.ev.eventDates.date),
         }),
       )`
           select
-            e.event_id,
-            e.local_name,
+            e.event_id as "eventId",
+            e.local_name as "localName",
             e.timezone,
             COALESCE(ARRAY_REMOVE(ARRAY_AGG(ed."date"), NULL), '{}') AS dates
           from
-            events_management.events e
-          left join events_management.event_dates ed on
+            ev.events e
+          left join ev.event_dates ed on
             e.event_id = ed.event_id
           where
             e.event_id = ${eventId}
@@ -224,147 +128,124 @@ router.post("/get-event", async (req, res, next) => {
             e.timezone;
         `,
     );
-
     if (!event) throw ApiError.BadRequest("EventNotFound", "Ивент не найден");
 
     // points
-    const DbPointsType = ZDbShema.events_management.program_points;
+    const DbPointsType = DbShema.ev.programPoints;
     const programPoints = await db.any(
       sql.type(
         z.object({
-          program_point_id: DbPointsType.program_point_id,
+          programPointId: DbPointsType.programPointId,
           name: DbPointsType.name,
-          start_date: DbPointsType.start_date,
-          end_date: DbPointsType.end_date,
-          room_id: DbPointsType.room_id,
-          is_internal: DbPointsType.is_internal,
+          startDate: DbPointsType.startDate,
+          endDate: DbPointsType.endDate,
+          roomId: DbPointsType.roomId,
+          isInternal: DbPointsType.isInternal,
         }),
       )`
         select
-          program_point_id,
+          program_point_id as "programPointId",
           name,
-          start_date,
-          end_date,
-          room_id,
-          is_internal
+          start_date as "startDate",
+          end_date as "endDate",
+          room_id as "roomId",
+          is_internal as "isInternal"
         from
-          events_management.program_points
+          ev.program_points
         where
           event_id = ${eventId}
         `,
     );
 
-    // комнаты ивента
-    const eventRoomsIds: string[] = programPoints
-      .map((point) => point.room_id)
-      .filter((roomId) => roomId !== null);
-
-    //
     // rooms
-    let rooms: readonly {
-      name: string;
-      room_id: string;
-    }[] = [];
-
-    // TODO ошибка в in?
-    if (eventRoomsIds.length > 0) {
-      rooms = await db.any(
-        sql.type(
-          z.object({
-            room_id: ZDbShema.locations_management.rooms.room_id,
-            name: ZDbShema.locations_management.rooms.name,
-            location_id: ZDbShema.locations_management.rooms.location_id,
-          }),
-        )`
+    const rooms = await db.any(
+      sql.type(
+        z.object({
+          roomId: DbShema.ev.rooms.roomId,
+          name: DbShema.ev.rooms.name,
+          locationId: DbShema.ev.rooms.locationId,
+        }),
+      )`
           select
-            room_id, name, location_id
+            r.room_id as "roomId", 
+            r.name, 
+            r.location_id as "locationId"
           from
-            locations_management.rooms
+            ev.rooms r
+          join ev.locations l on
+            l.location_id = r.location_id
           where
-            room_id in (${sql.join(eventRoomsIds, sql.fragment`, `)})
+            l.event_id = ${eventId}
           `,
-      );
-    }
+    );
 
     // task-blocks
-    // TODO вынести
-    const REQUIRED_TB_PERMISSION: AllPermissionsValues = "view_task_block_true";
+    // TODO: вынести
     const taskBlocks = await db.any(
       sql.type(
         z.object({
-          task_block_id: ZDbShema.tasks_management.task_blocks.task_block_id,
-          name: ZDbShema.tasks_management.task_blocks.name,
+          taskBlockId: DbShema.ev.taskBlocks.taskBlockId,
+          name: DbShema.ev.taskBlocks.name,
         }),
       )`
         select
-          tb.task_block_id,
+          tb.task_block_id as "taskBlockId",
           tb.name
         from
-          tasks_management.task_blocks tb
-          -- permissions
-        join permissions_management.cached_user_permissions cup on
-          tb.task_block_id = cup.entity_id
+          ev.task_blocks tb
         where
-          tb.event_id = ${eventId} and
-          cup.user_id = ${userId} and
-          cup.permission_value_id = ${REQUIRED_TB_PERMISSION}
+          tb.event_id = ${eventId}
         `,
     );
 
-    const staff = await db.any(
+    const managers = await db.any(
       sql.type(
         z.object({
-          user_id: ZDbShema.users_management.users.user_id,
-          name: ZDbShema.users_management.users.name,
-          role_id: ZDbShema.permissions_management.roles.role_id,
-          role_name: ZDbShema.permissions_management.roles.name,
+          userId: DbShema.ev.eventManagers.userId,
+          name: DbShema.usr.users.name,
+          email: DbShema.usr.users.email,
         }),
       )`
         select
-          u.user_id,
+          em.user_id as "userId",
           u.name,
-          ur.role_id,
-          r.name as role_name
-        from
-          users_management.users u
-        join permissions_management.user_roles ur on
-          u.user_id = ur.user_id
-        join permissions_management.roles r on
-          r.role_id = ur.role_id
-        where ur.entity_id = ${eventId}
+          u.email
+        from 
+          ev.event_managers em
+        join
+          usr.users u on
+          em.user_id = u.user_id
+        where
+          em.event_id = ${eventId}
         `,
     );
 
     const roles = await db.any(
       sql.type(
         z.object({
-          role_id: ZDbShema.permissions_management.roles.role_id,
-          name: ZDbShema.permissions_management.roles.name,
-          description: ZDbShema.permissions_management.roles.description,
-          is_system: ZDbShema.permissions_management.roles.is_system,
+          roleId: DbShema.ev.roles.roleId,
+          name: DbShema.ev.roles.name,
         }),
       )`
         select
-          r.role_id,
-          r.name,
-          r.description,
-          r.is_system
+          r.role_id as "roleId",
+          r.name
         from
-          permissions_management.roles r
+          ev.roles r
         where
-          entity_type_id = 'event' and (is_system or entity_id = ${eventId})
+          r.event_id = ${eventId}
         `,
     );
 
     // res
-    RouterUtils.validAndSendResponse(EventsManagementApi.ZGetEvent.res, res, {
+    RouterUtils.validAndSendResponse(EventsManagementApi.GET_Event.res, res, {
       code: "success",
       event: {
         ...event,
         programPoints: [...programPoints],
         rooms: [...rooms],
         taskBlocks: [...taskBlocks],
-        staff: [...staff],
+        managers: [...managers],
         roles: [...roles],
       },
     });
@@ -373,28 +254,22 @@ router.post("/get-event", async (req, res, next) => {
   }
 });
 
-router.post("/create-program-point", async (req, res, next) => {
+router.post("/program-point", async (req, res, next) => {
   try {
     // валидация запроса
     const { name, startDate, endDate, eventId, roomId, isInternal } =
-      EventsManagementApi.ZCreateProgramPoint.req.parse(req.body);
+      EventsManagementApi.POST_ProgramPoint.req.parse(req.body);
 
     const userId = UserUtils.getUserFromReq(req).userId;
 
     // проверка прав
-    await CheckPermissionsService.checkEntityPermission(
-      eventId,
-      userId,
-      "edit_event",
-      "edit_event_true",
-    );
+    await EventsService.checkEventAccess(userId, eventId);
 
     const programPointId = uuidv7();
 
-    // event
     await db.query(
       sql.unsafe`
-        insert into events_management.program_points
+        insert into ev.program_points
           (program_point_id, name, start_date, end_date, room_id, event_id, is_internal)
         values
           (${programPointId}, ${name}, ${startDate}, ${endDate}, ${roomId}, ${eventId}, ${isInternal})
@@ -402,41 +277,37 @@ router.post("/create-program-point", async (req, res, next) => {
     );
 
     RouterUtils.validAndSendResponse(
-      EventsManagementApi.ZCreateProgramPoint.res,
+      EventsManagementApi.POST_ProgramPoint.res,
       res,
-      { code: "success" },
+      { code: "success", programPointId },
     );
   } catch (e) {
     next(e);
   }
 });
 
-router.post("/update-event", async (req, res, next) => {
+router.patch("/event", async (req, res, next) => {
   try {
     // валидация запроса
-    const { eventId, localName, dates, timezone, programPoint } =
-      EventsManagementApi.ZUpdateEvent.req.parse(req.body);
+    const { eventId, localName, dates, timezone, programPoint, role } =
+      EventsManagementApi.PATCH_Event.req.parse(req.body);
 
     const userId = UserUtils.getUserFromReq(req).userId;
 
     // проверка прав
-    await CheckPermissionsService.checkEntityPermission(
-      eventId,
-      userId,
-      "edit_event",
-      "edit_event_true",
-    );
+    await EventsService.checkEventAccess(userId, eventId);
 
     // change localName, timezone
     await db.query(
       sql.unsafe`
-    update events_management.events
+    update ev.events
     set
       ${sql.join(
         [
           localName
             ? sql.unsafe`local_name = ${localName}`
             : sql.unsafe`local_name = local_name`,
+
           timezone
             ? sql.unsafe`timezone = ${timezone}`
             : sql.unsafe`timezone = timezone`,
@@ -451,7 +322,7 @@ router.post("/update-event", async (req, res, next) => {
     if (dates) {
       await db.query(
         sql.unsafe`
-        delete from events_management.event_dates
+        delete from ev.event_dates
         where
           event_id = ${eventId}`,
       );
@@ -459,7 +330,7 @@ router.post("/update-event", async (req, res, next) => {
       for (const date of dates) {
         await db.query(
           sql.unsafe`
-          insert into events_management.event_dates 
+          insert into ev.event_dates 
             (event_id, date) 
           values 
             (${eventId}, ${date})`,
@@ -467,10 +338,11 @@ router.post("/update-event", async (req, res, next) => {
       }
     }
 
+    // TODO: преверить безопасность pp и roles
     if (programPoint) {
       await db.query(
         sql.unsafe`
-        update events_management.program_points
+        update ev.program_points
         set
           name = ${programPoint.name},
           start_date = ${programPoint.startDate},
@@ -481,13 +353,50 @@ router.post("/update-event", async (req, res, next) => {
       );
     }
 
-    RouterUtils.validAndSendResponse(
-      EventsManagementApi.ZUpdateEvent.res,
-      res,
-      {
-        code: "success",
-      },
+    if (role) {
+      await db.query(
+        sql.unsafe`
+        update ev.roles
+        set
+          name = ${role.name}
+        where
+          role_id = ${role.roleId}`,
+      );
+    }
+
+    RouterUtils.validAndSendResponse(EventsManagementApi.PATCH_Event.res, res, {
+      code: "success",
+    });
+  } catch (e) {
+    next(e);
+  }
+});
+
+router.post("/role", async (req, res, next) => {
+  try {
+    // валидация запроса
+    const { name, eventId } = EventsManagementApi.POST_Role.req.parse(req.body);
+
+    const userId = UserUtils.getUserFromReq(req).userId;
+
+    // проверка прав
+    await EventsService.checkEventAccess(userId, eventId);
+
+    const roleId = uuidv7();
+
+    // create role
+    await db.query(
+      sql.unsafe`
+      insert into ev.roles
+        (role_id, name, event_id)
+      values
+        (${roleId}, ${name}, ${eventId})`,
     );
+
+    RouterUtils.validAndSendResponse(EventsManagementApi.POST_Role.res, res, {
+      code: "success",
+      roleId,
+    });
   } catch (e) {
     next(e);
   }

src/modules/events-management/events-service.ts

@@ -0,0 +1,86 @@
+// types
+
+import { db } from "#db";
+import { sql } from "slonik";
+import { ApiError } from "#exceptions/api-error.js";
+import { DbShema } from "#db/db-shema.js";
+import { z } from "zod";
+
+class eventsService {
+  async checkEventAccess(userId: string, eventId: string) {
+    const isExist = await db.exists(
+      sql.unsafe`
+      select 
+        1 
+      from 
+        ev.event_managers 
+      where
+        event_id = ${eventId} and
+        user_id = ${userId}
+        `,
+    );
+
+    if (!isExist) {
+      throw ApiError.ForbiddenError();
+    }
+
+    return true;
+  }
+
+  async getEventIdByOther({
+    taskBlockId,
+    taskId,
+  }: {
+    taskBlockId?: string;
+    taskId?: string;
+  }): Promise<string> {
+    if (taskBlockId) {
+      const eventId = await db.maybeOneFirst(
+        sql.type(z.object({ eventId: DbShema.ev.taskBlocks.eventId }))`
+        select
+          event_id as "eventId"
+        from
+          ev.task_blocks
+        where
+          task_block_id = ${taskBlockId}
+        `,
+      );
+
+      if (!eventId) {
+        throw ApiError.BadRequest("TaskBlockNotFound", "TaskBlockNotFound");
+      }
+
+      return eventId;
+    }
+
+    if (taskId) {
+      const taskBlockId = await db.maybeOneFirst(
+        sql.type(z.object({ taskBlockId: DbShema.ev.taskBlocks.taskBlockId }))`
+        select
+          task_block_id as "taskBlockId"
+        from
+          ev.tasks
+        where
+          task_id = ${taskId}
+        limit 1
+        `,
+      );
+
+      if (!taskBlockId)
+        throw ApiError.BadRequest("TaskNotFound", "TaskNotFound");
+
+      const eventId = this.getEventIdByOther({ taskBlockId });
+
+      if (!eventId) throw ApiError.BadRequest("TaskNotFound", "TaskNotFound");
+
+      return eventId;
+    }
+
+    throw ApiError.BadRequest(
+      "getEventIdByOther IncorrectParams",
+      "getEventIdByOther IncorrectParams",
+    );
+  }
+}
+
+export const EventsService = new eventsService();

src/modules/locations-management/locations-router.ts

@@ -5,7 +5,7 @@ export default router;
 
 // db
 import { db } from "#db";
-import { ZDbShema } from "#db-shema";
+import { DbShema } from "#db-shema";
 import { sql } from "slonik";
 
 // error
@@ -24,33 +24,28 @@ import { z } from "zod";
 import { v7 as uuidv7 } from "uuid";
 // import { logger } from "#logger";
 import { UserUtils } from "#utils/user-utils.js";
-import { LocationsManagementApi } from "#api/locations-management-api.js";
-import { CheckPermissionsService } from "#modules/permissions-management/check-permissions-service.js";
+import { LocationsManagementApi } from "#api";
 import { RouterUtils } from "#utils/router-utils.js";
+import { EventsService } from "#modules/events-management/events-service.js";
 
 dayjs.extend(utc);
 
-router.post("/create-location", async (req, res, next) => {
+router.post("/location", async (req, res, next) => {
   try {
     // валидация запроса
     const { name, eventId, rooms } =
-      LocationsManagementApi.ZCreateLocation.req.parse(req.body);
+      LocationsManagementApi.POST_Location.req.parse(req.body);
 
     const userId = UserUtils.getUserFromReq(req).userId;
 
-    await CheckPermissionsService.checkEntityPermission(
-      eventId,
-      userId,
-      "edit_event",
-      "edit_event_true",
-    );
+    await EventsService.checkEventAccess(userId, eventId);
 
     const locationId = uuidv7();
 
     // location
     await db.query(
       sql.unsafe`
-         insert into locations_management.locations
+         insert into ev.locations
            (location_id, name, event_id)
          values
            (${locationId}, ${name}, ${eventId})`,
@@ -61,7 +56,7 @@ router.post("/create-location", async (req, res, next) => {
       const roomId = uuidv7();
       await db.query(
         sql.unsafe`
-          insert into locations_management.rooms
+          insert into ev.rooms
             (room_id, location_id, name, parent_id)
           values
             (${roomId}, ${locationId}, ${room.name}, ${room.parentId})
@@ -70,10 +65,11 @@ router.post("/create-location", async (req, res, next) => {
     }
 
     RouterUtils.validAndSendResponse(
-      LocationsManagementApi.ZCreateLocation.res,
+      LocationsManagementApi.POST_Location.res,
       res,
       {
         code: "success",
+        locationId,
       },
     );
   } catch (e) {
@@ -81,58 +77,53 @@ router.post("/create-location", async (req, res, next) => {
   }
 });
 
-router.post("/get-event-locations", async (req, res, next) => {
+router.get("/event-locations/:eventId", async (req, res, next) => {
   try {
     // валидация запроса
-    const { eventId } = LocationsManagementApi.ZGetEventLocations.req.parse(
-      req.body,
+    const { eventId } = LocationsManagementApi.GET_EventLocations.req.parse(
+      req.params,
     );
 
     const userId = UserUtils.getUserFromReq(req).userId;
 
-    await CheckPermissionsService.checkEntityPermission(
-      eventId,
-      userId,
-      "edit_event",
-      "edit_event_true",
-    );
+    await EventsService.checkEventAccess(userId, eventId);
 
     const locations = await db.any(
       sql.type(
         z.object({
-          location_id: ZDbShema.locations_management.locations.location_id,
-          name: ZDbShema.locations_management.locations.name,
+          locationId: DbShema.ev.locations.locationId,
+          name: DbShema.ev.locations.name,
           rooms: z.array(
             z.object({
-              room_id: ZDbShema.locations_management.rooms.room_id,
-              name: ZDbShema.locations_management.rooms.name,
-              parent_id: ZDbShema.locations_management.rooms.parent_id,
+              roomId: DbShema.ev.rooms.roomId,
+              name: DbShema.ev.rooms.name,
+              parentId: DbShema.ev.rooms.parentId,
             }),
           ),
         }),
       )` 
         SELECT
-            l.location_id,
+            l.location_id as "locationId",
             l.name,
             COALESCE(
                 json_agg(
                     jsonb_build_object(
-                        'room_id', r.room_id,
+                        'roomId', r.room_id,
                         'name', r.name,
-                        'parent_id', r.parent_id
+                        'parentId', r.parent_id
                     )
                 ) FILTER (WHERE r.room_id IS NOT NULL),
                 '[]'::json
             ) AS rooms
-        FROM locations_management.locations l
-        LEFT JOIN locations_management.rooms r ON l.location_id = r.location_id
+        FROM ev.locations l
+        LEFT JOIN ev.rooms r ON l.location_id = r.location_id
         WHERE l.event_id = ${eventId}
         GROUP BY l.location_id, l.name;
               `,
     );
 
     RouterUtils.validAndSendResponse(
-      LocationsManagementApi.ZGetEventLocations.res,
+      LocationsManagementApi.GET_EventLocations.res,
       res,
       {
         code: "success",

src/modules/permissions-management/check-permissions-service.ts

@@ -1,40 +0,0 @@
-// types
-
-import { ApiError } from "#exceptions/api-error.js";
-import { db } from "#db";
-import { sql } from "slonik";
-import { AllPermissions, AllPermissionsValues } from "./permissions-types.js";
-
-class checkPermissionsService {
-  async checkEntityPermission(
-    entityId: string,
-    userId: string,
-    requiredPermission: AllPermissions,
-    requiredPermissionValues: AllPermissionsValues | AllPermissionsValues[],
-  ) {
-    if (typeof requiredPermissionValues === "string") {
-      requiredPermissionValues = [requiredPermissionValues];
-    }
-
-    const isFound = await db.exists(sql.unsafe`
-    select * from
-      permissions_management.cached_user_permissions
-    where
-      entity_id = ${entityId} and
-      user_id = ${userId} and
-      permission_id = ${requiredPermission} and
-      permission_value_id IN (${sql.join(
-        requiredPermissionValues.map((value) => sql.unsafe`${value}`),
-        sql.fragment`, `,
-      )})
-    `);
-
-    if (!isFound) {
-      throw ApiError.ForbiddenError();
-    }
-
-    return true;
-  }
-}
-
-export const CheckPermissionsService = new checkPermissionsService();

src/modules/permissions-management/permissions-router.ts

@@ -1,83 +0,0 @@
-// router
-import express from "express";
-const router = express.Router();
-export default router;
-
-// db
-import { db } from "#db";
-import { ZDbShema } from "#db-shema";
-import { sql } from "slonik";
-
-// error
-// import { ApiError } from "#exceptions/api-error.ts";
-
-// dayjs
-import dayjs from "dayjs";
-import utc from "dayjs/plugin/utc.js";
-dayjs.extend(utc);
-import timezone from "dayjs/plugin/timezone.js";
-dayjs.extend(timezone);
-
-// other
-import { z } from "zod";
-
-// import { logger } from "#logger";
-import { UserUtils } from "#utils/user-utils.js";
-
-import { CheckPermissionsService } from "#modules/permissions-management/check-permissions-service.js";
-import { RouterUtils } from "#utils/router-utils.js";
-import { PermissionsApi } from "#api/permissions-api.js";
-import { ApiError } from "#exceptions/api-error.js";
-
-router.post("/get-role-permissions", async (req, res, next) => {
-  try {
-    // валидация запроса
-    const { roleId } = PermissionsApi.ZGetRolePermissions.req.parse(req.body);
-
-    const eventId = await db.maybeOneFirst(
-      sql.type(
-        z.object({
-          event_id: ZDbShema.events_management.events.event_id,
-        }),
-      )`
-            select
-                event_id
-            from
-                permissions_management.roles
-            where 
-                role_id = ${roleId}
-            `,
-    );
-
-    if (!eventId) {
-      throw ApiError.BadRequest("Role not found", "Role not found");
-    }
-
-    const userId = UserUtils.getUserFromReq(req).userId;
-
-    await CheckPermissionsService.checkEntityPermission(
-      userId,
-      eventId,
-      "view_event",
-      "view_event_true",
-    );
-
-    const role = await db.maybeOneFirst(
-      sql.type(z.object({ get_role_tree: PermissionsApi.ZRole }))`
-          select get_role_tree(${roleId})
-            `,
-    );
-
-    if (!role) {
-      throw ApiError.BadRequest("Role not found", "Role not found");
-    }
-
-    RouterUtils.validAndSendResponse(
-      PermissionsApi.ZGetRolePermissions.res,
-      res,
-      { code: "success", role },
-    );
-  } catch (e) {
-    next(e);
-  }
-});

src/modules/permissions-management/permissions-types.ts

@@ -1,75 +0,0 @@
-export const PERMISSIONS = {
-  view_company: {
-    entityType: "company",
-    values: ["view_company_true", "view_company_false"],
-  },
-  create_event: {
-    entityType: "company",
-    values: ["create_event_true", "create_event_false"],
-  },
-  edit_company_name: {
-    entityType: "company",
-    values: ["edit_company_name_true", "edit_company_name_false"],
-  },
-
-  edit_company_timezone: {
-    entityType: "company",
-    values: ["edit_company_timezone_true", "edit_company_timezone_false"],
-  },
-
-  add_users_to_company: {
-    entityType: "company",
-    values: ["add_users_to_company_true", "add_users_to_company_false"],
-  },
-
-  delete_company: {
-    entityType: "company",
-    values: ["delete_company_true", "delete_company_false"],
-  },
-
-  // event
-  view_event: {
-    entityType: "event",
-    values: ["view_event_true", "view_event_false"],
-  },
-  edit_event: {
-    entityType: "event",
-    values: ["edit_event_true", "edit_event_false"],
-  },
-
-  create_task_block: {
-    entityType: "event",
-    values: ["create_task_block_true", "create_task_block_false"],
-  },
-
-  // task block
-  view_task_block: {
-    entityType: "task_block",
-    values: ["view_task_block_true", "view_task_block_false"],
-  },
-
-  edit_task_block: {
-    entityType: "task_block",
-    values: ["edit_task_block_true", "edit_task_block_false"],
-  },
-
-  create_task: {
-    entityType: "task_block",
-    values: ["create_task_true", "create_task_false"],
-  },
-
-  // task
-  view_task: {
-    entityType: "task",
-    values: ["view_task_true", "view_task_false"],
-  },
-
-  edit_task: {
-    entityType: "task",
-    values: ["edit_task_true", "edit_task_false"],
-  },
-} as const;
-
-export type AllPermissionsValues =
-  (typeof PERMISSIONS)[keyof typeof PERMISSIONS]["values"][number];
-export type AllPermissions = keyof typeof PERMISSIONS;

src/modules/tasks-management/task-blocks-router.ts

@@ -5,7 +5,6 @@ export default router;
 
 // db
 import { db } from "#db";
-import { ZDbShema } from "#db-shema";
 import { sql } from "slonik";
 
 // api
@@ -20,53 +19,43 @@ dayjs.extend(utc);
 import timezone from "dayjs/plugin/timezone.js";
 dayjs.extend(timezone);
 
-// other
-import { z } from "zod";
-
 import { v7 as uuidv7 } from "uuid";
 // import { logger } from "#logger";
 import { UserUtils } from "#utils/user-utils.js";
-import { EntityesService } from "#modules/entities-management/entityes-service.js";
 import { RouterUtils } from "#utils/router-utils.js";
-import { TasksManagementApi } from "#api/tasks-management-api.js";
-import { CheckPermissionsService } from "#modules/permissions-management/check-permissions-service.js";
+import { TasksManagementApi } from "#api";
+import { EventsService } from "#modules/events-management/events-service.js";
+import { z } from "zod";
+import { DbShema } from "#db/db-shema.js";
 import { ApiError } from "#exceptions/api-error.js";
 
 dayjs.extend(utc);
 
-router.post("/create-task-block", async (req, res, next) => {
+router.post("/task-block", async (req, res, next) => {
   try {
     // валидация запроса
-    const { name, eventId } = TasksManagementApi.ZCreateTaskBlock.req.parse(
+    const { name, eventId } = TasksManagementApi.POST_TaskBlock.req.parse(
       req.body,
     );
 
     const userId = UserUtils.getUserFromReq(req).userId;
 
     // проверка прав
-    await CheckPermissionsService.checkEntityPermission(
-      eventId,
-      userId,
-      "create_task_block",
-      "create_task_block_true",
-    );
+    await EventsService.checkEventAccess(userId, eventId);
 
     const blockId = uuidv7();
 
-    // create entity
-    await EntityesService.createEntity(blockId, "task_block", eventId);
-
     // create block
     await db.query(
       sql.unsafe`
-      insert into tasks_management.task_blocks
+      insert into ev.task_blocks
         (task_block_id, name, event_id)
       values
         (${blockId}, ${name}, ${eventId})`,
     );
 
     RouterUtils.validAndSendResponse(
-      TasksManagementApi.ZCreateTaskBlock.res,
+      TasksManagementApi.POST_TaskBlock.res,
       res,
       { code: "success" },
     );
@@ -75,46 +64,22 @@ router.post("/create-task-block", async (req, res, next) => {
   }
 });
 
-router.post("/update-task-block", async (req, res, next) => {
+router.patch("/task-block", async (req, res, next) => {
   try {
     // валидация запроса
-    const { taskBlockId, name } = TasksManagementApi.ZUpdateTaskBlock.req.parse(
+    const { taskBlockId, name } = TasksManagementApi.PATCH_TaskBlock.req.parse(
       req.body,
     );
 
     const userId = UserUtils.getUserFromReq(req).userId;
 
-    const eventId = await db.maybeOneFirst(
-      sql.type(
-        z.object({
-          event_id: ZDbShema.events_management.events.event_id,
-        }),
-      )`
-      select
-        event_id
-      from
-        tasks_management.task_blocks
-      where 
-        task_block_id = ${taskBlockId}
-      `,
-    );
+    const eventId = await EventsService.getEventIdByOther({ taskBlockId });
 
-    if (!eventId) {
-      throw ApiError.BadRequest("Task block not found", "Task block not found");
-    }
+    await EventsService.checkEventAccess(userId, eventId);
 
-    // проверка прав
-    await CheckPermissionsService.checkEntityPermission(
-      eventId,
-      userId,
-      "edit_task_block",
-      "edit_task_block_true",
-    );
-
-    // block
     await db.query(
       sql.unsafe`
-      update tasks_management.task_blocks
+      update ev.task_blocks
       set
         name = ${name}
       where
@@ -122,7 +87,7 @@ router.post("/update-task-block", async (req, res, next) => {
     );
 
     RouterUtils.validAndSendResponse(
-      TasksManagementApi.ZUpdateTaskBlock.res,
+      TasksManagementApi.PATCH_TaskBlock.res,
       res,
       { code: "success" },
     );
@@ -130,3 +95,101 @@ router.post("/update-task-block", async (req, res, next) => {
     next(e);
   }
 });
+
+router.get("/task-block/:taskBlockId", async (req, res, next) => {
+  try {
+    // валидация запроса
+    const { taskBlockId } = TasksManagementApi.GET_TaskBlock.req.parse(
+      req.params,
+    );
+
+    const userId = UserUtils.getUserFromReq(req).userId;
+
+    const eventId = await EventsService.getEventIdByOther({ taskBlockId });
+
+    await EventsService.checkEventAccess(userId, eventId);
+
+    const taskBlock = await db.maybeOne(
+      sql.type(
+        z.object({
+          taskBlockId: DbShema.ev.taskBlocks.taskBlockId,
+          name: DbShema.ev.taskBlocks.name,
+        }),
+      )`
+    select
+      task_block_id as "taskBlockId",
+      name
+      from ev.task_blocks
+      where task_block_id = ${taskBlockId}
+    `,
+    );
+
+    if (!taskBlock) {
+      throw ApiError.BadRequest("Task block not found", "Task block not found");
+    }
+
+    const ZDbTasks = DbShema.ev.tasks;
+    const tasks = await db.any(
+      sql.type(
+        z.object({
+          taskId: ZDbTasks.taskId,
+          name: ZDbTasks.name,
+          startDate: ZDbTasks.startDate,
+          endDate: ZDbTasks.endDate,
+          isTodo: ZDbTasks.isTodo,
+          accountableId: ZDbTasks.accountableId,
+          taskBlockId: ZDbTasks.taskBlockId,
+          programPointId: ZDbTasks.programPointId,
+          roomId: ZDbTasks.roomId,
+          executors: z.array(DbShema.ev.taskExecutors.roleId),
+        }),
+      )`
+          select
+            t.task_id as "taskId",
+            t.name,
+            t.start_date as "startDate",
+            t.end_date as "endDate",
+            t.is_todo as "isTodo",
+            t.accountable_id as "accountableId",
+            t.task_block_id as "taskBlockId",
+            t.program_point_id as "programPointId",
+            t.room_id as "roomId",
+            coalesce(ARRAY_REMOVE(ARRAY_AGG(te.role_id),
+            null),
+            '{}') as executors
+          from
+            ev.tasks t
+            --	executors
+          left join ev.task_executors te on
+            t.task_id = te.task_id
+          where
+            t.task_block_id = ${taskBlockId}
+            -- для executors
+          group by
+            t.task_id,
+            t.name,
+            t.start_date,
+            t.end_date,
+            t.is_todo,
+            t.accountable_id,
+            t.task_block_id,
+            t.program_point_id,
+            t.room_id
+  `,
+    );
+
+    // res
+    RouterUtils.validAndSendResponse(
+      TasksManagementApi.GET_TaskBlock.res,
+      res,
+      {
+        code: "success",
+        taskBlockId: taskBlock.taskBlockId,
+        name: taskBlock.name,
+        tasks: [...tasks],
+      },
+    );
+  } catch (e) {
+    next(e);
+  }
+});

src/modules/tasks-management/tasks-router.ts

@@ -5,7 +5,6 @@ export default router;
 
 // db
 import { db } from "#db";
-import { ZDbShema } from "#db-shema";
 import { sql } from "slonik";
 
 // api
@@ -20,23 +19,15 @@ dayjs.extend(utc);
 import timezone from "dayjs/plugin/timezone.js";
 dayjs.extend(timezone);
 
-// other
-import { z } from "zod";
-
 import { v7 as uuidv7 } from "uuid";
-// import { logger } from "#logger";
 import { UserUtils } from "#utils/user-utils.js";
-import { EntityesService } from "#modules/entities-management/entityes-service.js";
 import { RouterUtils } from "#utils/router-utils.js";
-import { TasksManagementApi } from "#api/tasks-management-api.js";
-import { CheckPermissionsService } from "#modules/permissions-management/check-permissions-service.js";
-import { ApiError } from "#exceptions/api-error.js";
-import { logger } from "#plugins/logger.js";
-import { AllPermissionsValues } from "#modules/permissions-management/permissions-types.js";
+import { TasksManagementApi } from "#api";
+import { EventsService } from "#modules/events-management/events-service.js";
 
 dayjs.extend(utc);
 
-router.post("/create-task", async (req, res, next) => {
+router.post("/task", async (req, res, next) => {
   try {
     // валидация запроса
     const {
@@ -49,27 +40,22 @@ router.post("/create-task", async (req, res, next) => {
       executors,
       roomId,
       accountableId,
-    } = TasksManagementApi.ZCreateTask.req.parse(req.body);
+    } = TasksManagementApi.POST_Task.req.parse(req.body);
 
     const userId = UserUtils.getUserFromReq(req).userId;
+    //
 
     // проверка прав
-    await CheckPermissionsService.checkEntityPermission(
-      taskBlockId,
-      userId,
-      "create_task",
-      "create_task_true",
-    );
+    const eventId = await EventsService.getEventIdByOther({ taskBlockId });
+    await EventsService.checkEventAccess(userId, eventId);
+    //
 
     const taskId = uuidv7();
 
-    // create entity
-    await EntityesService.createEntity(taskId, "task", taskBlockId);
-
     // create task
     await db.query(
       sql.unsafe`
-      insert into tasks_management.tasks
+      insert into ev.tasks
         (task_id, name, start_date, end_date, accountable_id, is_todo, task_block_id, program_point_id, room_id)
       values
         (${taskId}, ${name}, ${startDate}, ${endDate}, ${accountableId}, ${isTodo}, ${taskBlockId}, ${programPointId}, ${roomId})`,
@@ -79,14 +65,14 @@ router.post("/create-task", async (req, res, next) => {
     for (const executorId of executors) {
       await db.query(
         sql.unsafe`
-        insert into tasks_management.task_executors
-          (task_id, user_id)
+        insert into ev.task_executors
+          (task_id, role)
         values
           (${taskId}, ${executorId})`,
       );
     }
 
-    RouterUtils.validAndSendResponse(TasksManagementApi.ZUpdateTask.res, res, {
+    RouterUtils.validAndSendResponse(TasksManagementApi.POST_Task.res, res, {
       code: "success",
     });
   } catch (e) {
@@ -94,7 +80,7 @@ router.post("/create-task", async (req, res, next) => {
   }
 });
 
-router.post("/update-task", async (req, res, next) => {
+router.patch("/task", async (req, res, next) => {
   try {
     // валидация запроса
     const {
@@ -107,22 +93,18 @@ router.post("/update-task", async (req, res, next) => {
       executors,
       roomId,
       accountableId,
-    } = TasksManagementApi.ZUpdateTask.req.parse(req.body);
+    } = TasksManagementApi.PATCH_Task.req.parse(req.body);
 
     const userId = UserUtils.getUserFromReq(req).userId;
 
     // проверка прав
-    await CheckPermissionsService.checkEntityPermission(
-      taskId,
-      userId,
-      "edit_task",
-      "edit_task_true",
-    );
+    const eventId = await EventsService.getEventIdByOther({ taskId });
+    await EventsService.checkEventAccess(userId, eventId);
 
     // edit task
     await db.query(
       sql.unsafe`
-      UPDATE tasks_management.tasks
+      UPDATE ev.tasks
       SET
         ${sql.join(
           [
@@ -158,141 +140,28 @@ router.post("/update-task", async (req, res, next) => {
       // del executors
       await db.query(
         sql.unsafe`
-      delete from tasks_management.task_executors
+      delete from ev.task_executors
       where
         task_id = ${taskId}`,
       );
 
       // add executors
+      // TODO: вынести и слить с event-block
       for (const executorId of executors) {
         await db.query(
           sql.unsafe`
-        insert into tasks_management.task_executors
-          (task_id, user_id)
+        insert into ev.task_executors
+          (task_id, role_id)
         values
           (${taskId}, ${executorId})`,
         );
       }
     }
 
-    RouterUtils.validAndSendResponse(TasksManagementApi.ZUpdateTask.res, res, {
+    RouterUtils.validAndSendResponse(TasksManagementApi.PATCH_Task.res, res, {
       code: "success",
     });
   } catch (e) {
     next(e);
   }
 });
-
-router.post("/get-task-block", async (req, res, next) => {
-  try {
-    // валидация запроса
-    const { taskBlockId } = TasksManagementApi.ZGetBlockTasks.req.parse(
-      req.body,
-    );
-
-    const userId = UserUtils.getUserFromReq(req).userId;
-
-    CheckPermissionsService.checkEntityPermission(
-      taskBlockId,
-      userId,
-      "view_task_block",
-      "view_task_block_true",
-    );
-
-    const taskBlock = await db.maybeOne(
-      sql.type(
-        z.object({
-          task_block_id: ZDbShema.tasks_management.task_blocks.task_block_id,
-          name: ZDbShema.tasks_management.task_blocks.name,
-        }),
-      )`
-    select
-      task_block_id,
-      name
-      from tasks_management.task_blocks
-      where task_block_id = ${taskBlockId}
-    `,
-    );
-
-    if (!taskBlock) {
-      throw ApiError.BadRequest("Task block not found", "Task block not found");
-    }
-
-    const REQUIRED_PERMISSION: AllPermissionsValues = "view_task_true";
-    const ZDbTasks = ZDbShema.tasks_management.tasks;
-    const tasks = await db.any(
-      sql.type(
-        z.object({
-          task_id: ZDbTasks.task_id,
-          name: ZDbTasks.name,
-          start_date: ZDbTasks.start_date,
-          end_date: ZDbTasks.end_date,
-          is_todo: ZDbTasks.is_todo,
-          accountable_id: ZDbTasks.accountable_id,
-          task_block_id: ZDbTasks.task_block_id,
-          program_point_id: ZDbTasks.program_point_id,
-          room_id: ZDbTasks.room_id,
-          executors: z.array(ZDbShema.tasks_management.task_executors.user_id),
-        }),
-      )`
-          select
-            t.task_id,
-            t.name,
-            t.start_date,
-            t.end_date,
-            t.is_todo,
-            t.accountable_id,
-            t.task_block_id,
-            t.program_point_id,
-            t.room_id,
-            coalesce(ARRAY_REMOVE(ARRAY_AGG(te.user_id),
-            null),
-            '{}') as executors
-          from
-            tasks_management.tasks t
-            --	executors
-          left join tasks_management.task_executors te on
-            t.task_id = te.task_id
-            --	permissions
-          join permissions_management.cached_user_permissions cup on
-            t.task_id = cup.entity_id
-          where
-            --	perm
-            cup.user_id = ${userId}
-            and
-                      cup.permission_value_id = ${REQUIRED_PERMISSION}
-            and
-            --
-                    t.task_block_id = ${taskBlockId}
-            -- для executors
-          group by
-            t.task_id,
-            t.name,
-            t.start_date,
-            t.end_date,
-            t.is_todo,
-            t.accountable_id,
-            t.task_block_id,
-            t.program_point_id,
-            t.room_id
-  `,
-    );
-
-    logger.info(tasks);
-    logger.info({ userId, taskBlockId, REQUIRED_PERMISSION });
-
-    // res
-    RouterUtils.validAndSendResponse(
-      TasksManagementApi.ZGetBlockTasks.res,
-      res,
-      {
-        code: "success",
-        task_block_id: taskBlock.task_block_id,
-        name: taskBlock.name,
-        tasks: [...tasks],
-      },
-    );
-  } catch (e) {
-    next(e);
-  }
-});

src/modules/users-management/auth/routers/auth-router.ts

@@ -5,11 +5,11 @@ export default router;
 
 // db
 import { db } from "#db";
-import { ZDbShema } from "#db-shema";
+import { DbShema } from "#db-shema";
 import { sql } from "slonik";
 
 // api
-import { AuthApi } from "#api/auth-api.js";
+import { AuthApi } from "#api";
 
 // error
 import { ApiError } from "#exceptions/api-error.js";
@@ -35,17 +35,17 @@ dayjs.extend(utc);
 router.post("/registration", async (req, res, next) => {
   try {
     // валидация запроса
-    const { email } = AuthApi.ZRegistration.req.parse(req.body);
+    const { email } = AuthApi.POST_Registration.req.parse(req.body);
 
     // проверка на существование пользователя
     const isUserExist = await db.exists(
-      sql.unsafe`select email from users_management.users where email = ${email}`,
+      sql.unsafe`select email from usr.users where email = ${email}`,
     );
 
     // если пользователь уже зарегистрирован
     if (isUserExist) {
       RouterUtils.validAndSendResponse(
-        AuthApi.ZRegistration.res,
+        AuthApi.POST_Registration.res,
         res,
         { code: "alreadyExists" },
         400,
@@ -60,15 +60,15 @@ router.post("/registration", async (req, res, next) => {
       await ConfirmPinsService.sendConfirmPin(transactionId, email);
     } catch {
       RouterUtils.validAndSendResponse(
-        AuthApi.ZRegistration.res,
+        AuthApi.POST_Registration.res,
         res,
-        { code: "pinIsNotSent", transactionId },
+        { code: "pinIsNotSent" },
         400,
       );
       return;
     }
 
-    RouterUtils.validAndSendResponse(AuthApi.ZRegistration.res, res, {
+    RouterUtils.validAndSendResponse(AuthApi.POST_Registration.res, res, {
       code: "pinIsSent",
       transactionId: transactionId,
     });
@@ -82,7 +82,7 @@ router.post("/confirm-registration", async (req, res, next) => {
   try {
     // валидация запроса
     const { password, name, transactionId, confirmPin } =
-      AuthApi.ZConfirmRegistration.req.parse(req.body);
+      AuthApi.POST_ConfirmRegistration.req.parse(req.body);
 
     // проверка пина
     const pinInfo = await ConfirmPinsService.checkConfirmPin(
@@ -93,7 +93,7 @@ router.post("/confirm-registration", async (req, res, next) => {
     // если пин протухший
     if (pinInfo.status === "rotten") {
       RouterUtils.validAndSendResponse(
-        AuthApi.ZConfirmRegistration.res,
+        AuthApi.POST_ConfirmRegistration.res,
         res,
         { code: "pinIsRotten" },
         400,
@@ -104,7 +104,7 @@ router.post("/confirm-registration", async (req, res, next) => {
     // слишком много попыток
     if (pinInfo.status === "tooManyTries") {
       RouterUtils.validAndSendResponse(
-        AuthApi.ZConfirmRegistration.res,
+        AuthApi.POST_ConfirmRegistration.res,
         res,
         { code: "tooManyTries" },
         400,
@@ -115,7 +115,7 @@ router.post("/confirm-registration", async (req, res, next) => {
     // неправильный
     if (pinInfo.status === "wrong") {
       RouterUtils.validAndSendResponse(
-        AuthApi.ZConfirmRegistration.res,
+        AuthApi.POST_ConfirmRegistration.res,
         res,
         {
           code: "pinIsWrong",
@@ -133,7 +133,7 @@ router.post("/confirm-registration", async (req, res, next) => {
     const userId = uuidv7();
     await db.query(
       sql.unsafe`
-      insert into users_management.users 
+      insert into usr.users 
         (user_id, email, name, password) 
       values 
         (${userId}, ${email}, ${name}, ${hashPassword})`,
@@ -152,15 +152,19 @@ router.post("/confirm-registration", async (req, res, next) => {
       // secure: true, //после включения https
     });
 
-    RouterUtils.validAndSendResponse(AuthApi.ZConfirmRegistration.res, res, {
-      code: "registered",
-      userData: {
+    RouterUtils.validAndSendResponse(
+      AuthApi.POST_ConfirmRegistration.res,
+      res,
+      {
+        code: "registered",
         accessToken,
         refreshToken,
-        email,
-        userId,
+        userData: {
+          email,
+          userId,
+        },
       },
-    });
+    );
   } catch (e) {
     next(e);
   }
@@ -169,27 +173,29 @@ router.post("/confirm-registration", async (req, res, next) => {
 router.post("/login", async (req, res, next) => {
   try {
     // валидация запроса
-    const { email, password } = AuthApi.ZLogin.req.parse(req.body);
+    const { email, password } = AuthApi.POST_Login.req.parse(req.body);
 
     // поиск юзера
     const user = await db.maybeOne(
       sql.type(
         z.object({
-          user_id: ZDbShema.users_management.users.user_id,
-          password: ZDbShema.users_management.users.password,
-          wrong_pass_tries: ZDbShema.users_management.users.wrong_pass_tries,
+          userId: DbShema.usr.users.userId,
+          password: DbShema.usr.users.password,
+          wrongPassTries: DbShema.usr.users.wrongPassTries,
         }),
       )`
       select 
-        user_id, password, wrong_pass_tries 
+        user_id as "userId", 
+        password, 
+        wrong_pass_tries as "wrongPassTries"
       from 
-        users_management.users 
+        usr.users 
       where 
         email = ${email}`,
     );
     if (!user) {
       RouterUtils.validAndSendResponse(
-        AuthApi.ZLogin.res,
+        AuthApi.POST_Login.res,
         res,
         {
           code: "userNotFound",
@@ -200,12 +206,14 @@ router.post("/login", async (req, res, next) => {
     }
 
     // если количество попыток превышено
-    if (user.wrong_pass_tries > config.PASSWORD_MAX_TRIES - 1) {
+    if (user.wrongPassTries > config.PASSWORD_MAX_TRIES - 1) {
       RouterUtils.validAndSendResponse(
-        AuthApi.ZLogin.res,
+        AuthApi.POST_Login.res,
         res,
         {
           code: "tooManyTries",
+          // TODO: сделать дату разблокировки
+          unblockingDate: new Date().toISOString(),
         },
         400,
       );
@@ -215,12 +223,11 @@ router.post("/login", async (req, res, next) => {
     // проверка пароля
     const isPassEquals = await bcript.compare(password, user.password);
     if (!isPassEquals) {
-      await UserAuthService.authTriesIncrement(user.user_id);
-      const triesRemained =
-        config.PASSWORD_MAX_TRIES - 1 - user.wrong_pass_tries;
+      await UserAuthService.authTriesIncrement(user.userId);
+      const triesRemained = config.PASSWORD_MAX_TRIES - 1 - user.wrongPassTries;
 
       RouterUtils.validAndSendResponse(
-        AuthApi.ZLogin.res,
+        AuthApi.POST_Login.res,
         res,
         {
           code: "passIsWrong",
@@ -232,14 +239,14 @@ router.post("/login", async (req, res, next) => {
     }
 
     // успешный логин
-    await UserAuthService.resetAuthTries(user.user_id);
+    await UserAuthService.resetAuthTries(user.userId);
 
     // токены
     const { accessToken, refreshToken } = tokenService.generateTokens({
       email,
-      userId: user.user_id,
+      userId: user.userId,
     });
-    await tokenService.insertRefreshToken(user.user_id, refreshToken);
+    await tokenService.insertRefreshToken(user.userId, refreshToken);
     res.cookie("refreshToken", refreshToken, {
       maxAge: 30 * 24 * 60 * 60 * 1000, //30d
       httpOnly: true, //запрет на изменение пользователем
@@ -247,11 +254,13 @@ router.post("/login", async (req, res, next) => {
     });
 
     RouterUtils.validAndSendResponse(
-      AuthApi.ZLogin.res,
+      AuthApi.POST_Login.res,
       res,
       {
         code: "success",
-        userData: { email, accessToken, refreshToken, userId: user.user_id },
+        accessToken,
+        refreshToken,
+        userData: { email, userId: user.userId },
       },
       200,
     );
@@ -268,7 +277,7 @@ router.post("/logout", async (req, res, next) => {
     await tokenService.removeToken(userData.userId, refreshToken);
     res.clearCookie("refreshToken");
 
-    RouterUtils.validAndSendResponse(AuthApi.ZLogout.res, res, {
+    RouterUtils.validAndSendResponse(AuthApi.POST_Logout.res, res, {
       code: "success",
     });
   } catch (e) {
@@ -285,7 +294,7 @@ router.post("/logoutAllDevices", async (req, res, next) => {
     await tokenService.removeAllUserTokens(userData.userId);
     res.clearCookie("refreshToken");
 
-    RouterUtils.validAndSendResponse(AuthApi.ZLogoutAllDevices.res, res, {
+    RouterUtils.validAndSendResponse(AuthApi.POST_LogoutAllDevices.res, res, {
       code: "success",
     });
   } catch (e) {
@@ -300,7 +309,7 @@ router.get("/refresh", async (req, res, next) => {
     if (!refreshToken) throw ApiError.UnauthorizedError();
 
     const userData = tokenService.validateRefreshToken(refreshToken);
-    const tokenIsExist = await tokenService.findToken(
+    const tokenIsExist = await tokenService.refreshTokenIsExist(
       userData.userId,
       refreshToken,
     );
@@ -314,9 +323,9 @@ router.get("/refresh", async (req, res, next) => {
     const newUserData = await db.maybeOne(
       sql.type(
         z.object({
-          email: ZDbShema.users_management.users.email,
+          email: DbShema.usr.users.email,
         }),
-      )`select email from users_management.users where user_id = ${userData.userId}`,
+      )`select email from usr.users where user_id = ${userData.userId}`,
     );
     if (!newUserData) {
       throw ApiError.UnauthorizedError();
@@ -332,18 +341,14 @@ router.get("/refresh", async (req, res, next) => {
       refreshToken,
       newTokens.refreshToken,
     );
-    res.cookie("refreshToken", newTokens.refreshToken, {
-      maxAge: 30 * 24 * 60 * 60 * 1000, //30d
-      httpOnly: true, //запрет на изменение пользователем
-      // secure: true, //после включения https
-    });
 
-    RouterUtils.validAndSendResponse(AuthApi.ZRefresh.res, res, {
+    RouterUtils.validAndSendResponse(AuthApi.POST_Refresh.res, res, {
       code: "success",
+
+      accessToken: newTokens.accessToken,
+      refreshToken: newTokens.refreshToken,
       userData: {
         email: newUserData.email,
-        accessToken: newTokens.accessToken,
-        refreshToken: newTokens.refreshToken,
         userId: userData.userId,
       },
     });

src/modules/users-management/auth/services/token-service.ts

@@ -7,7 +7,8 @@ import { db } from "#db";
 import { sql } from "slonik";
 
 // types
-import { ZTokenPayload } from "../types/token-playload-type.js";
+import { TokenPayload } from "../types/token-playload-type.js";
+import type { Response } from "express";
 import { z } from "zod";
 
 const JWT_ACCESS_SECRET = config.JWT_ACCESS_SECRET || "";
@@ -17,7 +18,12 @@ const ACCESS_TOKEN_LIFETIME_MINS = config.ACCESS_TOKEN_LIFETIME_MINS || "15";
 const REFRESH_TOKEN_LIFETIME_DAYS = config.REFRESH_TOKEN_LIFETIME_DAYS || "30";
 
 class TokenService {
-  generateTokens(payload: z.infer<typeof ZTokenPayload>): {
+  /**
+   * генерирует пару токенов: accessToken и refreshToken
+   * @param payload - данные, которые будут зашифрованы в токенах
+   * @returns обьект с двумя свойствами: accessToken и refreshToken
+   */
+  generateTokens(payload: z.infer<typeof TokenPayload>): {
     accessToken: string;
     refreshToken: string;
   } {
@@ -34,10 +40,15 @@ class TokenService {
     };
   }
 
+  /**
+   * вставляет refreshToken в базу данных
+   * @param userId - id пользователя
+   * @param refreshToken - токен, который будет вставлен
+   */
   async insertRefreshToken(userId: string, refreshToken: string) {
     await db.query(
       sql.unsafe`
-      insert into users_management.user_refresh_tokens
+      insert into usr.user_refresh_tokens
         (user_id, refresh_token)
       values
         (${userId}, ${refreshToken})
@@ -45,6 +56,12 @@ class TokenService {
     );
   }
 
+  /**
+   * обновляет refreshToken в базе данных
+   * @param userId - id пользователя
+   * @param oldRefreshToken - старый токен
+   * @param newRefreshToken - новый токен
+   */
   async updateRefreshToken(
     userId: string,
     oldRefreshToken: string,
@@ -53,7 +70,7 @@ class TokenService {
     await db.query(
       sql.unsafe`
       update
-        users_management.user_refresh_tokens
+        usr.user_refresh_tokens
       set
         refresh_token = ${newRefreshToken}
       where
@@ -63,48 +80,89 @@ class TokenService {
     );
   }
 
+  /**
+   * удаляет refreshToken из базы данных
+   * @param userId - id пользователя
+   * @param refreshToken - токен, который будет удален
+   */
   async removeToken(userId: string, refreshToken: string) {
     await db.query(sql.unsafe`
       delete from
-        users_management.user_refresh_tokens
+        usr.user_refresh_tokens
       where
         user_id = ${userId} and refresh_token = ${refreshToken}
     `);
   }
 
+  /**
+   * удаляет все токены пользователя по его id
+   * @param userId - id пользователя
+   */
   async removeAllUserTokens(userId: string) {
     await db.query(sql.unsafe`
     delete from
-      users_management.user_refresh_tokens
+      usr.user_refresh_tokens
     where
       user_id = ${userId}
     `);
   }
 
+  /**
+   * проверяет acess токен и возвращает данные из него
+   * @param token - токен
+   * @returns данные из токена
+   */
   validateAccessToken(token: string) {
     const userData = jwt.verify(token, JWT_ACCESS_SECRET);
 
-    return ZTokenPayload.parse(userData);
+    return TokenPayload.parse(userData);
   }
 
+  /**
+   * проверяет refresh токен и возвращает данные из него
+   * @param token - токен
+   * @returns данные из токена
+   */
   validateRefreshToken(token: string) {
     const userData = jwt.verify(token, JWT_REFRESH_SECRET);
 
-    return ZTokenPayload.parse(userData);
+    return TokenPayload.parse(userData);
   }
 
-  async findToken(userId: string, refreshToken: string): Promise<boolean> {
+  /**
+   * Проверяет, существует ли refresh токен в базе данных
+   * @param userId - id пользователя
+   * @param refreshToken - токен, который будет проверен
+   * @returns true, если токен существует, false - иначе
+   */
+  async refreshTokenIsExist(
+    userId: string,
+    refreshToken: string,
+  ): Promise<boolean> {
     const tokenIsExist = await db.exists(
       sql.unsafe`
       select 
         user_id 
       from 
-        users_management.user_refresh_tokens 
+        usr.user_refresh_tokens 
       where 
         user_id = ${userId} and refresh_token = ${refreshToken}`,
     );
     return tokenIsExist;
   }
+
+  /**
+   * установить refresh токен в cookie
+   * @param res - объект Response
+   * @param token - токен
+   */
+  setRefreshTokenInCookie(res: Response, token: string) {
+    res.cookie("refreshToken", token, {
+      maxAge: config.REFRESH_TOKEN_LIFETIME_DAYS * 24 * 60 * 60 * 1000, //в миллисекундах
+      httpOnly: true, //запрет на изменение пользователем
+      // secure: true, //после включения https
+    });
+  }
 }
 
 export default new TokenService();

src/modules/users-management/auth/services/user-auth-service.ts

@@ -1,5 +1,5 @@
 // db
-import { db } from "#db";
+import { db } from "#db/db.js";
 import { sql } from "slonik";
 
 class userAuthService {
@@ -7,7 +7,7 @@ class userAuthService {
     await db.any(
       sql.unsafe`
       update 
-        users_management.users 
+        usr.users 
       set 
         wrong_pass_tries = wrong_pass_tries + 1 
       where 
@@ -19,7 +19,7 @@ class userAuthService {
     await db.any(
       sql.unsafe`
       update 
-        users_management.users 
+        usr.users 
       set 
         wrong_pass_tries = 0 
       where 

src/modules/users-management/auth/types/token-playload-type.ts

@@ -1,6 +1,6 @@
 import { z } from "zod";
 
-export const ZTokenPayload = z.object({
+export const TokenPayload = z.object({
   userId: z.string(),
   email: z.string().email(),
 });

src/modules/users-management/confirm-pins/confirm-pins-service.ts

@@ -3,7 +3,7 @@ import { logger } from "#logger";
 import { db } from "#db";
 import { sql } from "slonik";
 
-import { ZDbShema } from "#db-shema";
+import { DbShema } from "#db-shema";
 import { z } from "zod";
 
 // dayjs
@@ -20,7 +20,7 @@ class confirmPinsService {
     await db.any(
       sql.unsafe`
       delete from 
-        users_management.confirm_pins 
+        usr.confirm_pins 
       where 
         transaction_id = ${transactionId}`,
     );
@@ -30,7 +30,7 @@ class confirmPinsService {
     await db.any(
       sql.unsafe`
       update 
-        users_management.confirm_pins 
+        usr.confirm_pins 
       set 
         wrong_pin_tries = wrong_pin_tries + 1 
       where 
@@ -42,10 +42,8 @@ class confirmPinsService {
   //
   async sendConfirmPin(transactionId: string, email: string) {
     const confirmPin = this.genRandom4DigitNumber();
-    logger.debug(1);
     // удаляем если пин уже есть
     await this.deleteConfirmPin(transactionId);
-    logger.debug(2);
     // отправка
     const mailBody = `
     <div>
@@ -54,11 +52,10 @@ class confirmPinsService {
     </div>
 `;
     await MailService.sendMail(email, "Ваш код для EVENT", mailBody);
-    logger.debug(3);
     // бд
     await db.any(
       sql.unsafe`
-      insert into users_management.confirm_pins (
+      insert into usr.confirm_pins (
         transaction_id,
         email,
         confirm_pin,
@@ -69,7 +66,6 @@ class confirmPinsService {
         ${confirmPin}, 
         ${DayjsUtils.createDayjsUtcWithoutOffset().toISOString()})`,
     );
-    logger.debug(4);
     logger.info("Отправлен временный код: ", {
       email,
       confirmPin,
@@ -91,17 +87,19 @@ class confirmPinsService {
     const pinInfo = await db.maybeOne(
       sql.type(
         z.object({
-          confirm_pin: ZDbShema.users_management.confirm_pins.confirm_pin,
-          email: ZDbShema.users_management.confirm_pins.email,
-          create_time: ZDbShema.users_management.confirm_pins.create_time,
-          wrong_pin_tries:
-            ZDbShema.users_management.confirm_pins.wrong_pin_tries,
+          confirmPin: DbShema.usr.confirmPins.confirmPin,
+          email: DbShema.usr.confirmPins.email,
+          createTime: DbShema.usr.confirmPins.createTime,
+          wrongPinTries: DbShema.usr.confirmPins.wrongPinTries,
         }),
       )`
       select 
-        confirm_pin, email, create_time, wrong_pin_tries
+        confirm_pin as "confirmPin", 
+        email, 
+        create_time as "createTime", 
+        wrong_pin_tries as "wrongPinTries"
       from 
-        users_management.confirm_pins 
+        usr.confirm_pins 
       where 
         transaction_id = ${transactionId}`,
     );
@@ -112,7 +110,7 @@ class confirmPinsService {
     }
 
     // много попыток
-    if (pinInfo.wrong_pin_tries > config.CONFIRM_PIN_MAX_TRIES - 1) {
+    if (pinInfo.wrongPinTries > config.CONFIRM_PIN_MAX_TRIES - 1) {
       return { status: "tooManyTries" };
     }
 
@@ -120,7 +118,7 @@ class confirmPinsService {
     if (
       DayjsUtils.createDayjsUtcWithoutOffset().isAfter(
         dayjs
-          .utc(pinInfo.create_time)
+          .utc(pinInfo.createTime)
           .add(config.CONFIRM_PIN_LIFETIME_MINS, "minutes"),
       )
     ) {
@@ -129,11 +127,11 @@ class confirmPinsService {
     }
 
     // неправильный
-    if (pinInfo.confirm_pin !== confirmPin) {
+    if (pinInfo.confirmPin !== confirmPin) {
       await this.pinTriesIncrement(transactionId);
 
       const triesRemained =
-        config.CONFIRM_PIN_MAX_TRIES - 1 - pinInfo.wrong_pin_tries;
+        config.CONFIRM_PIN_MAX_TRIES - 1 - pinInfo.wrongPinTries;
 
       return {
         status: "wrong",

src/utils/user-utils.ts

@@ -1,12 +1,12 @@
 import type { Request } from "express";
 // types
-import { ZTokenPayload } from "#modules/users-management/auth/types/token-playload-type.js";
+import { TokenPayload } from "#modules/users-management/auth/types/token-playload-type.js";
 
 import { ApiError } from "#exceptions/api-error.js";
 
 class userUtils {
   public getUserFromReq(req: Request) {
-    const userData = ZTokenPayload.safeParse(req.user);
+    const userData = TokenPayload.safeParse(req.user);
 
     if (!userData.success) {
       throw ApiError.UnauthorizedError();