diff --git a/api/src/timeslots/timeslots.controller.ts b/api/src/timeslots/timeslots.controller.ts index 90c5b84..6a3af4a 100644 --- a/api/src/timeslots/timeslots.controller.ts +++ b/api/src/timeslots/timeslots.controller.ts @@ -6,6 +6,8 @@ import { ApiUnauthorizedResponse, } from '@nestjs/swagger'; import { TimeSlot } from './timeslot.entity'; +import { CheckPolicies } from 'src/authorization/check-policies.decorator'; +import { Action } from '@hkrecruitment/shared'; @ApiBearerAuth() @ApiTags('timeslots') @@ -14,6 +16,7 @@ export class TimeSlotsController { constructor(private readonly timeSlotsService: TimeSlotsService) {} @ApiUnauthorizedResponse() + @CheckPolicies((ability) => ability.can(Action.Read, 'TimeSlot')) @Get() async findAvailableTimeSlots(): Promise { return await this.timeSlotsService.findAvailableTimeSlots();