From 3b3c45ac6e3ccb8bd4340640223926682401d292 Mon Sep 17 00:00:00 2001
From: Divine <>
Date: Thu, 23 Apr 2026 17:29:55 +0100
Subject: [PATCH] implementation of missing auth guards

---
 src/app.controller.ts           |  4 +++-
 src/backup/backup.controller.ts | 12 ++++++++++++
 src/health/health.controller.ts | 22 +++++++++++++++++++++-
 3 files changed, 36 insertions(+), 2 deletions(-)

diff --git a/src/app.controller.ts b/src/app.controller.ts
index cce879ee..064cfbef 100644
--- a/src/app.controller.ts
+++ b/src/app.controller.ts
@@ -1,11 +1,13 @@
-import { Controller, Get } from '@nestjs/common';
+import { Controller, Get, HttpStatus, ApiResponse, ApiTags } from '@nestjs/common';
 import { AppService } from './app.service';
 
+@ApiTags('app')
 @Controller()
 export class AppController {
   constructor(private readonly appService: AppService) {}
 
   @Get()
+  @ApiResponse({ status: HttpStatus.OK, description: 'Root endpoint response' })
   getHello(): string {
     return this.appService.getHello();
   }
diff --git a/src/backup/backup.controller.ts b/src/backup/backup.controller.ts
index c71a0ed5..5ebc2cd3 100644
--- a/src/backup/backup.controller.ts
+++ b/src/backup/backup.controller.ts
@@ -7,8 +7,11 @@ import {
   ParseUUIDPipe,
   HttpCode,
   HttpStatus,
+  UseGuards,
+  ApiResponse,
 } from '@nestjs/common';
 import { ApiTags, ApiOperation, ApiBearerAuth } from '@nestjs/swagger';
+import { JwtAuthGuard } from '../auth/guards/jwt-auth.guard';
 import { RecoveryTestingService } from './testing/recovery-testing.service';
 import { DisasterRecoveryService } from './disaster-recovery/disaster-recovery.service';
 import { BackupMonitoringService } from './monitoring/backup-monitoring.service';
@@ -18,6 +21,7 @@ import { RecoveryTestResponseDto } from './dto/recovery-test-response.dto';
 
 @ApiTags('backup')
 @ApiBearerAuth()
+@UseGuards(JwtAuthGuard)
 @Controller('backup')
 export class BackupController {
   constructor(
@@ -28,6 +32,7 @@ export class BackupController {
 
   @Post('restore')
   @ApiOperation({ summary: 'Restore from backup' })
+  @ApiResponse({ status: HttpStatus.ACCEPTED, description: 'Restore initiated' })
   @HttpCode(HttpStatus.ACCEPTED)
   async restoreBackup(@Body() dto: RestoreBackupDto): Promise<{ message: string }> {
     await this.disasterRecoveryService.executeRestore(dto.backupRecordId);
@@ -36,12 +41,18 @@ export class BackupController {
 
   @Post('test')
   @ApiOperation({ summary: 'Trigger recovery test' })
+  @ApiResponse({ status: HttpStatus.OK, description: 'Recovery test triggered' })
   async triggerRecoveryTest(@Body() dto: TriggerRecoveryTestDto): Promise<RecoveryTestResponseDto> {
     return this.recoveryTestingService.createRecoveryTest(dto.backupRecordId);
   }
 
   @Get('test/:testId')
   @ApiOperation({ summary: 'Get recovery test results' })
+  @ApiResponse({
+    status: HttpStatus.OK,
+    description: 'Recovery test results',
+    type: RecoveryTestResponseDto,
+  })
   async getRecoveryTest(
     @Param('testId', ParseUUIDPipe) testId: string,
   ): Promise<RecoveryTestResponseDto> {
@@ -50,6 +61,7 @@ export class BackupController {
 
   @Get('health')
   @ApiOperation({ summary: 'Get backup system health' })
+  @ApiResponse({ status: HttpStatus.OK, description: 'Backup health status' })
   async getBackupHealth(): Promise<{ healthy: boolean; issues: string[] }> {
     return this.backupMonitoringService.checkBackupHealth();
   }
diff --git a/src/health/health.controller.ts b/src/health/health.controller.ts
index ea2a123b..4618d933 100644
--- a/src/health/health.controller.ts
+++ b/src/health/health.controller.ts
@@ -1,10 +1,23 @@
-import { Controller, Get } from '@nestjs/common';
+import {
+  Controller,
+  Get,
+  HttpStatus,
+  ApiResponse,
+  ApiTags,
+  ApiBearerAuth,
+  UseGuards,
+} from '@nestjs/common';
+import { JwtAuthGuard } from '../auth/guards/jwt-auth.guard';
 import { DataSource } from 'typeorm';
 import Redis from 'ioredis';
 import { SkipThrottle } from '@nestjs/throttler';
 import { HealthService } from './health.service';
+import { HealthStatus } from './health.service';
 
 @SkipThrottle()
+@ApiTags('health')
+@ApiBearerAuth()
+@UseGuards(JwtAuthGuard)
 @Controller('health')
 export class HealthController {
   private redis: Redis;
@@ -24,17 +37,24 @@ export class HealthController {
   }
 
   @Get()
+  @ApiResponse({ status: HttpStatus.OK, description: 'Health check response', type: HealthStatus })
   async checkHealth() {
     const healthStatus = await this.healthService.checkHealth(this.dataSource, this.redis);
     return healthStatus;
   }
 
   @Get('liveness')
+  @ApiResponse({ status: HttpStatus.OK, description: 'Liveness check response' })
   async checkLiveness() {
     return { status: 'ok', timestamp: new Date().toISOString() };
   }
 
   @Get('readiness')
+  @ApiResponse({
+    status: HttpStatus.OK,
+    description: 'Readiness check response',
+    type: HealthStatus,
+  })
   async checkReadiness() {
     const healthStatus = await this.healthService.checkReadiness(this.dataSource, this.redis);
     return healthStatus;