Secure machine operations with AdminGuard

Added AdminGuard to POST and DELETE routes in MachinesController to ensure only admins can create or delete machines. Renamed endpoints for clarity and removed redundant code. This enhances security and improves API design.

apps/backend/src/app/machines/machines.controller.ts

@@ -4,38 +4,39 @@ import {
 	Delete,
 	Get,
 	Param,
+	ParseBoolPipe,
 	ParseIntPipe,
 	Post,
 	Query,
+	UseGuards,
 } from "@nestjs/common";
+import { AdminGuard } from "apps/backend/src/app/auth/auth.guard";
 import { MachinesService } from "apps/backend/src/app/machines/machines.service";
 
 @Controller("machines")
 export class MachinesController {
 	constructor(private readonly machineService: MachinesService) {}
 
-	@Get()
+	@Get("find")
 	async findMany(
 		@Query("limit", new DefaultValuePipe(20), ParseIntPipe) limit: number,
 		@Query("offset", new DefaultValuePipe(0), ParseIntPipe) offset: number,
 		@Query("search", new DefaultValuePipe("")) search: string,
-	) {
-		const query = { limit, offset, search };
-	}
+	) {}
 
+	@UseGuards(AdminGuard)
 	@Post("new")
 	async newMachine() {}
 
+	@UseGuards(AdminGuard)
 	@Delete(":machineId")
-	async deleteGroup(@Param("machineId") machineId: string) {}
+	async deleteMachine(@Param("machineId") machineId: string) {}
 
-	@Get(":groupId")
-	async getForGroup(
+	@Get(":machineId/files")
+	async getFilesForMachine(
 		@Query("limit", new DefaultValuePipe(20), ParseIntPipe) limit: number,
 		@Query("offset", new DefaultValuePipe(0), ParseIntPipe) offset: number,
 		@Query("search", new DefaultValuePipe("")) search: string,
 		@Param("machineId") machineId: string,
-	) {
-		const query = { limit, offset, search };
-	}
+	) {}
 }