From d8f08bf5643302933de7c2abc79daa33f028ab86 Mon Sep 17 00:00:00 2001
From: paritosh18
Date: Fri, 14 Nov 2025 16:33:14 +0530
Subject: [PATCH 1/2] add prepopulateTeammate function to retrieve roles for Coadmin and Account_manager
---
 serverless.yml | 16 ++++++
 .../handlers/prepopulateTeammate.ts | 52 +++++++++++++++++++
 2 files changed, 68 insertions(+)
 create mode 100644 src/modules/minglaradmin/handlers/prepopulateTeammate.ts
diff --git a/serverless.yml b/serverless.yml
index 1ac4f3d..fca14a5 100644
--- a/serverless.yml
+++ b/serverless.yml
@@ -259,6 +259,22 @@ functions:
 method: post
+ prepopulateTeammate:
+ handler: src/modules/minglaradmin/handlers/prepopulateTeammate.handler
+ package:
+ patterns:
+ - "src/modules/minglaradmin/**"
+ - "common/**"
+ - "src/common/**"
+ - "node_modules/@prisma/client/**"
+ - "node_modules/.prisma/**"
+
+ events:
+ - httpApi:
+ path: /minglaradmin/prepopulate-teammate
+ method: get
+
+
+
 addCompanyDetails:
 handler: src/modules/host/handlers/addCompanyDetails.handler
 package:
diff --git a/src/modules/minglaradmin/handlers/prepopulateTeammate.ts b/src/modules/minglaradmin/handlers/prepopulateTeammate.ts
new file mode 100644
index 0000000..4d96ebe
--- /dev/null
+++ b/src/modules/minglaradmin/handlers/prepopulateTeammate.ts
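Review bot: The new `httpApi` event for `/minglaradmin/prepopulate-teammate` carries no `authorizer` entry, so API Gateway forwards every request and access control rests entirely on the handler. In this patch (1/2) the handler added in `prepopulateTeammate.ts` goes straight to the roles query with no token check; the check only arrives in 2/2, so deploying this commit on its own leaves the admin route open. Consider squashing the two patches, or referencing a gateway authorizer on the event, e.g. `authorizer: { name: <authorizer-name> }`, if the provider section defines one (that part of serverless.yml is outside this hunk).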
@@ -0,0 +1,52 @@
+import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import { safeHandler } from '../../../common/utils/handlers/safeHandler';
+import { PrismaService } from '../../../common/database/prisma.service';
+import ApiError from '../../../common/utils/helper/ApiError';
+import { ROLE } from '../../../common/utils/constants/common.constant';
+
+const prismaService = new PrismaService();
+
+/**
+ * Get prepopulated roles for Coadmin and Account_manager
+ * Returns an array of role objects with their IDs
+ */
+export const handler = safeHandler(async (
+ event: APIGatewayProxyEvent,
+ context?: Context
+): Promise => {
+ // Fetch Coadmin and Account_Manager roles
+ const roles = await prismaService.roles.findMany({
+ where: {
+ id: {
+ in: [ROLE.CO_ADMIN, ROLE.ACCOUNT_MANAGER]
+ },
+ isActive: true,
+ deletedAt: null
+ },
+ select: {
+ id: true,
+ roleName: true
+ },
+ orderBy: {
+ id: 'asc'
+ }
+ });
+
+ if (!roles || roles.length === 0) {
+ throw new ApiError(404, 'No roles found for Coadmin or Account_manager');
+ }
+
+ return {
+ statusCode: 200,
+ headers: {
+ 'Content-Type': 'application/json',
+ 'Access-Control-Allow-Origin': '*',
+ },
+ body: JSON.stringify({
+ success: true,
+ message: 'Roles retrieved successfully',
+ data: roles,
+ count: roles.length
+ }),
+ };
+});
From 7e0f5b31623b24487adcee57659bd9f3b0fe5b49 Mon Sep 17 00:00:00 2001
From: paritosh18
Date: Fri, 14 Nov 2025 17:01:09 +0530
Subject: [PATCH 2/2] rename endpoint to retrieve roles for Coadmin and Account_manager
---
 serverless.yml | 2 +-
 .../handlers/prepopulateTeammate.ts | 95 +++++++++++++------
 2 files changed, 65 insertions(+), 32 deletions(-)
diff --git a/serverless.yml b/serverless.yml
index fca14a5..5748317 100644
--- a/serverless.yml
+++ b/serverless.yml
@@ -271,7 +271,7 @@ functions:
 events:
 - httpApi:
- path: /minglaradmin/prepopulate-teammate
+ path: /minglaradmin/prepopulate-Roles
 method: get
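Review bot: The response hard-codes `'Access-Control-Allow-Origin': '*'` on a route that lives under `/minglaradmin`, so any web origin is allowed to read the result from a browser. An admin-only API is normally pinned to the admin front-end's origin and configured once at the gateway rather than per handler, e.g. `'Access-Control-Allow-Origin': '<admin-frontend-origin>'`; whether gateway-level CORS is already set cannot be seen from this hunk. The same header is carried unchanged into patch 2/2, where the route also starts requiring a custom `x-auth-token` header.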
diff --git a/src/modules/minglaradmin/handlers/prepopulateTeammate.ts b/src/modules/minglaradmin/handlers/prepopulateTeammate.ts
index 4d96ebe..142fdd5 100644
--- a/src/modules/minglaradmin/handlers/prepopulateTeammate.ts
+++ b/src/modules/minglaradmin/handlers/prepopulateTeammate.ts
@@ -1,52 +1,85 @@
-import { APIGatewayProxyEvent, APIGatewayProxyResult, Context } from 'aws-lambda';
+import {
+ APIGatewayProxyEvent,
+ APIGatewayProxyResult,
+ Context,
+} from 'aws-lambda';
 import { safeHandler } from '../../../common/utils/handlers/safeHandler';
 import { PrismaService } from '../../../common/database/prisma.service';
 import ApiError from '../../../common/utils/helper/ApiError';
 import { ROLE } from '../../../common/utils/constants/common.constant';
+import { verifyMinglarAdminToken } from '../../../common/middlewares/jwt/authForMinglarAdmin';
 const prismaService = new PrismaService();
 /**
 * Get prepopulated roles for Coadmin and Account_manager
 * Returns an array of role objects with their IDs
+ * Only accessible by MINGLAR_ADMIN (role_xid = 1)
 */
-export const handler = safeHandler(async (
- event: APIGatewayProxyEvent,
- context?: Context
-): Promise => {
+export const handler = safeHandler(
+ async (
+ event: APIGatewayProxyEvent,
+ context?: Context,
+ ): Promise => {
+ const token =
+ event.headers['x-auth-token'] || event.headers['X-Auth-Token'];
+ if (!token) {
+ throw new ApiError(
+ 401,
+ 'This is a protected route. Please provide a valid token.',
+ );
+ }
+
+ // Verify token and get user info
+ const userInfo = await verifyMinglarAdminToken(token);
+ console.log('User Info:', userInfo);
+ // Check if user has Minglar Admin role (role_xid = 1)
+ const user = await prismaService.user.findUnique({
+ where: { id: userInfo.id },
+ select: { roleXid: true },
+ });
+
+ if (!user || user.roleXid !== ROLE.MINGLAR_ADMIN) {
+ throw new ApiError(
+ 403,
+ 'Access denied. Only Minglar Admin can access this route.',
+ );
+ }
+
 // Fetch Coadmin and Account_Manager roles
 const roles = await prismaService.roles.findMany({
- where: {
- id: {
- in: [ROLE.CO_ADMIN, ROLE.ACCOUNT_MANAGER]
- },
- isActive: true,
- deletedAt: null
+ where: {
+ id: {
+ in: [ROLE.CO_ADMIN, ROLE.ACCOUNT_MANAGER],
 },
- select: {
- id: true,
- roleName: true
- },
- orderBy: {
- id: 'asc'
- }
+ isActive: true,
+ deletedAt: null,
+ },
+ select: {
+ id: true,
+ roleName: true,
+ },
+ orderBy: {
+ id: 'asc',
+ },
 });
 if (!roles || roles.length === 0) {
- throw new ApiError(404, 'No roles found for Coadmin or Account_manager');
+ throw new ApiError(404, 'No roles found for Coadmin or Account_manager');
 }
 return {
- statusCode: 200,
- headers: {
- 'Content-Type': 'application/json',
- 'Access-Control-Allow-Origin': '*',
- },
- body: JSON.stringify({
- success: true,
- message: 'Roles retrieved successfully',
- data: roles,
- count: roles.length
- }),
+ statusCode: 200,
+ headers: {
+ 'Content-Type': 'application/json',
+ 'Access-Control-Allow-Origin': '*',
+ },
+ body: JSON.stringify({
+ success: true,
+ message: 'Roles retrieved successfully',
+ data: roles,
+ count: roles.length,
+ }),
 };
-});
+ },
+);
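Review bot: `console.log('User Info:', userInfo);` writes the whole verified token payload to the function's logs on every call, so whatever claims `verifyMinglarAdminToken` returns (its shape is not visible here) become readable to anyone with log access. Drop the line or log only the identifier, e.g. `console.log('prepopulateTeammate: caller id', userInfo.id);`. The 403 branch is the more useful audit signal: a denied call to an admin route is worth one log line carrying the user id, whereas the success path needs none. The doc comment and the inline comment both hard-code `role_xid = 1`, which will drift if `ROLE.MINGLAR_ADMIN` ever changes; name the constant instead, e.g. `* Only accessible to users whose role is ROLE.MINGLAR_ADMIN`.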