add document types control on office ownership

OxSaitama 2023-07-03 18:22:50 +02:00
parent c2856de59a
commit 4e632e27ed
4 changed files with 49 additions and 26 deletions


@ -3,33 +3,40 @@ import DeedsService from "@Services/super-admin/DeedsService/DeedsService";
import { DocumentType } from "le-coffre-resources/dist/SuperAdmin"; import { DocumentType } from "le-coffre-resources/dist/SuperAdmin";
import { NextFunction, Request, Response } from "express"; import { NextFunction, Request, Response } from "express";
import Container from "typedi"; import Container from "typedi";
import DocumentTypesService from "@Services/super-admin/DocumentTypesService/DocumentTypesService";
export default async function deedHandler(req: Request, response: Response, next: NextFunction) { export default async function deedHandler(req: Request, response: Response, next: NextFunction) {
const officeId = req.body.user.office_Id; const officeId = req.body.user.office_Id;
const uid = req.path && req.path.split("/")[5]; const uid = req.path && req.path.split("/")[5];
const documentTypes: DocumentType[] = req.body.document_types; const documentTypes: DocumentType[] = req.body.document_types;
const deedService = Container.get(DeedsService); const deedService = Container.get(DeedsService);
const deed = await deedService.getOneByUidWithOffice(uid!); const deed = await deedService.getOneByUidWithOffice(uid!);
if (!deed) { if (!deed) {
response.sendStatus(HttpCodes.NOT_FOUND); response.sendStatus(HttpCodes.NOT_FOUND);
return; return;
} }
if (deed.deed_type.office.uid != officeId) { if (deed.deed_type.office.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.sendStatus(HttpCodes.UNAUTHORIZED);
return; return;
} }
if(documentTypes) { if (documentTypes) {
documentTypes.forEach((documentType) => { const documentTypeService = Container.get(DocumentTypesService);
if (documentType.office?.uid != officeId) { documentTypes.forEach(async (documentType) => {
response.sendStatus(HttpCodes.UNAUTHORIZED); const deedTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!);
return; if (!deedTypeWithOffice) {
} response.sendStatus(HttpCodes.NOT_FOUND);
}); return;
} }
if (deedTypeWithOffice.office?.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED);
return;
}
});
}
next(); next();
} }
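Review bot: The ownership check inside `documentTypes.forEach(async (documentType) => {` never gates the request: `forEach` does not await its async callbacks, so `next()` runs before any `getByUidWithOffice` lookup resolves, and the `return` statements only leave the callback. A request naming a document type that belongs to another office is therefore still passed on, and the later `sendStatus` can fire after the downstream handler has begun its response. Replace the loop header with `for (const documentType of documentTypes) {` and its closing `});` with `}` so that the awaits and returns belong to deedHandler itself. The deedTypeHandler hunk has the same `documentTypes.forEach(async(documentType) => {` loop and needs the same change. A rejection from the lookup inside the async callback is also left unhandled as written.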


@ -3,6 +3,7 @@ import DeedTypesService from "@Services/super-admin/DeedTypesService/DeedTypesSe
import { DocumentType } from "le-coffre-resources/dist/SuperAdmin"; import { DocumentType } from "le-coffre-resources/dist/SuperAdmin";
import { NextFunction, Request, Response } from "express"; import { NextFunction, Request, Response } from "express";
import Container from "typedi"; import Container from "typedi";
import DocumentTypesService from "@Services/super-admin/DocumentTypesService/DocumentTypesService";
export default async function deedTypeHandler(req: Request, response: Response, next: NextFunction) { export default async function deedTypeHandler(req: Request, response: Response, next: NextFunction) {
const officeId = req.body.user.office_Id; const officeId = req.body.user.office_Id;
@ -31,8 +32,14 @@ export default async function deedTypeHandler(req: Request, response: Response,
} }
if (documentTypes) { if (documentTypes) {
documentTypes.forEach((documentType) => { const documentTypeService = Container.get(DocumentTypesService);
if (documentType.office?.uid != officeId) { documentTypes.forEach(async(documentType) => {
const documentTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!);
if(!documentTypeWithOffice) {
response.sendStatus(HttpCodes.NOT_FOUND);
return;
}
if (documentTypeWithOffice.office?.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.sendStatus(HttpCodes.UNAUTHORIZED);
return; return;
} }


@ -4,6 +4,7 @@ import { NextFunction, Request, Response } from "express";
import Container from "typedi"; import Container from "typedi";
import { OfficeFolder } from "le-coffre-resources/dist/SuperAdmin"; import { OfficeFolder } from "le-coffre-resources/dist/SuperAdmin";
import DocumentsService from "@Services/super-admin/DocumentsService/DocumentsService"; import DocumentsService from "@Services/super-admin/DocumentsService/DocumentsService";
import DocumentTypesService from "@Services/super-admin/DocumentTypesService/DocumentTypesService";
export default async function documentHandler(req: Request, response: Response, next: NextFunction) { export default async function documentHandler(req: Request, response: Response, next: NextFunction) {
const officeId = req.body.user.office_Id; const officeId = req.body.user.office_Id;
@ -16,9 +17,17 @@ export default async function documentHandler(req: Request, response: Response,
return; return;
} }
if (documentType && documentType.office?.uid != officeId) { if (documentType) {
response.sendStatus(HttpCodes.UNAUTHORIZED); const documentTypeService = Container.get(DocumentTypesService);
return; const documentTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!);
if(!documentTypeWithOffice) {
response.sendStatus(HttpCodes.NOT_FOUND);
return;
}
if (documentTypeWithOffice.office?.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED);
return;
}
} }
if (uid) { if (uid) {
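Review bot: `documentType.uid!` silences the compiler but checks nothing at runtime, so a `documentType` without a `uid` passes `undefined` into `getByUidWithOffice`, and the outcome of the ownership check then depends on how that service treats a missing key. Guard the value before the lookup, for example `if (!documentType.uid) { response.sendStatus(HttpCodes.NOT_FOUND); return; }`, and drop the `!`. The assignment of `documentType` and the rest of documentHandler lie outside this hunk; if the value is read from the request body, as `document_types` is in deedHandler, it is client-controlled. The new branch would also benefit from a short comment such as `// re-read the document type from the database; the office in the request body is not trusted`.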


@ -13,8 +13,8 @@ export default async function fileHandler(req: Request, response: Response, next
response.sendStatus(HttpCodes.UNAUTHORIZED); response.sendStatus(HttpCodes.UNAUTHORIZED);
return; return;
} }
if(!uid) uid = req.path && req.path.split("/")[6]; if(uid === "download") uid = req.path && req.path.split("/")[6];
if (uid) { if (uid) {
const fileService = Container.get(FilesService); const fileService = Container.get(FilesService);