refacto folders filter

src/app/api/notary/CustomersController.ts

@@ -29,8 +29,7 @@ export default class CustomersController extends ApiController {
 			}
 
 			const officeId: string = req.body.user.office_Id;
-			if(query.where?.office_folders?.some?.office_uid) delete query.where.office_folders.some.office_uid;
+			if(query.where?.office_folders) delete query.where.office_folders;
-			if(query.where?.office_folders?.some?.office?.uid) delete query.where?.office_folders?.some?.office?.uid;
 			const customerWhereInput: Prisma.CustomersWhereInput = { ...query.where, office_folders: { some: { office_uid: officeId } }};
 			query.where = customerWhereInput;
 

src/app/api/notary/OfficeFoldersController.ts

@@ -43,12 +43,10 @@ export default class OfficeFoldersController extends ApiController {
 							{
 								customers: {
 									some: {
-										contact: {
+										OR: [
-											OR: [
+											{contact: { first_name: { contains: filter, mode: "insensitive" } }},
-												{ first_name: { contains: filter, mode: "insensitive" } },
+											{contact: { last_name: { contains: filter, mode: "insensitive" } }},
-												{ last_name: { contains: filter, mode: "insensitive" } },
+										]
-											],
-										},
 									},
 								},
 							},
@@ -57,10 +55,11 @@ export default class OfficeFoldersController extends ApiController {
 				};
 			}
 
-			const officeId: string = req.body.user.office_Id;
+			const userId: string = req.body.user.userId;
-			const officeWhereInput: Prisma.OfficesWhereInput = { uid: officeId };
+			if(query.where?.stakeholders) delete query.where.stakeholders;
-			if (!query.where) query.where = { office: officeWhereInput };
+			const officeFoldersWhereInput: Prisma.OfficeFoldersWhereInput = { ...query.where, stakeholders: {some: {uid: userId }}};
-			query.where.office = officeWhereInput;
+			query.where = officeFoldersWhereInput;
+
 			//call service to get prisma entity
 			const officeFolderEntities: OfficeFolders[] = await this.officeFoldersService.get(query);
 

src/app/middlewares/OfficeMembershipHandlers/DocumentHandler.ts

@@ -49,10 +49,18 @@ export default async function documentHandler(req: Request, response: Response,
 				return;
 			}
 
-			if (document.folder.office.uid != officeId) {
+			const officeFolderService = Container.get(OfficeFoldersService);
+			const folder = await officeFolderService.getByUidWithStakeholders(document?.folder_uid!);
+
+			if (document.folder.office_uid != officeId) {
 				response.sendStatus(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
 				return;
 			}
+
+			if(!folder?.stakeholders.find(stakeholder => stakeholder.uid === req.body.user.userId)) {
+				response.sendStatus(HttpCodes.UNAUTHORIZED).send("Unauthorized with this user");
+				return;
+			}
 		}
 
 		next();

src/app/middlewares/OfficeMembershipHandlers/FolderHandler.ts

@@ -7,7 +7,9 @@ import DeedTypesService from "@Services/super-admin/DeedTypesService/DeedTypesSe
 export default async function folderHandler(req: Request, response: Response, next: NextFunction) {
 	try {
 		const officeId = req.body.user.office_Id;
-		const uid = req.path && req.path.split("/")[-1];
+		const userId = req.body.user.userId;
+		const splittedReqPath = req.path && req.path.split("/");
+		const uid = (splittedReqPath as string[]).pop();
 		const office = req.body.office;
 		const officeFolderNumber = req.body.folder_number;
 		const deed = req.body.deed;
@@ -43,17 +45,22 @@ export default async function folderHandler(req: Request, response: Response, ne
 		}
 
 		if (uid) {
-			const officeFolder = await officeFolderService.getByUidWithOffice(uid!);
+			const officeFolder = await officeFolderService.getByUidWithStakeholders(uid!);
 
 			if (!officeFolder) {
 				response.status(HttpCodes.NOT_FOUND).send("Office folder not found");
 				return;
 			}
 
-			if (officeFolder.office.uid != officeId) {
+			if (officeFolder.office_uid != officeId) {
 				response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
 				return;
 			}
+
+			if(!officeFolder.stakeholders.find(stakeholder => stakeholder.uid === userId)) {
+				response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this user");
+				return;
+			}
 		}
 
 		next();

src/common/repositories/OfficeFoldersRepository.ts

@@ -137,6 +137,18 @@ export default class OfficeFoldersRepository extends BaseRepository {
 		});
 	}
 
+	/**
+	 * @description : Find one office folder
+	 */
+	public async findOneByUidWithStakeholders(uid: string) {
+		return this.model.findUnique({
+			where: {
+				uid: uid,
+			},
+			include: { stakeholders: true },
+		});
+	}
+
 	/**
 	 * @description : Delete a folder
 	 */

src/services/super-admin/OfficeFoldersService/OfficeFoldersService.ts

@@ -62,6 +62,14 @@ export default class OfficeFoldersService extends BaseService {
 		return this.officeFoldersRepository.findOneByUidWithOffice(uid);
 	}
 
+	/**
+	 * @description : Get a folder by uid
+	 * @throws {Error} If folder cannot be get by uid
+	 */
+	public async getByUidWithStakeholders(uid: string) {
+		return this.officeFoldersRepository.findOneByUidWithStakeholders(uid);
+	}
+
 	/**
 	 * @description : Delete a folder
 	 * @throws {Error} If document cannot be deleted