refacto folders filter

2023-10-02 22:45:16 +02:00 · 2023-10-02 22:45:16 +02:00 · 65b6311cf0
commit 65b6311cf0
parent 2d0517aa10
6 changed files with 50 additions and 17 deletions
--- a/src/app/api/notary/CustomersController.ts
+++ b/src/app/api/notary/CustomersController.ts
@ -29,8 +29,7 @@ export default class CustomersController extends ApiController {
 			}

 			const officeId: string = req.body.user.office_Id;
-			if(query.where?.office_folders?.some?.office_uid) delete query.where.office_folders.some.office_uid;
-			if(query.where?.office_folders?.some?.office?.uid) delete query.where?.office_folders?.some?.office?.uid;
+			if(query.where?.office_folders) delete query.where.office_folders;
 			const customerWhereInput: Prisma.CustomersWhereInput = { ...query.where, office_folders: { some: { office_uid: officeId } }};
 			query.where = customerWhereInput;

--- a/src/app/api/notary/OfficeFoldersController.ts
+++ b/src/app/api/notary/OfficeFoldersController.ts
@ -43,12 +43,10 @@ export default class OfficeFoldersController extends ApiController {
 							{
 								customers: {
 									some: {
-										contact: {
-											OR: [
-												{ first_name: { contains: filter, mode: "insensitive" } },
-												{ last_name: { contains: filter, mode: "insensitive" } },
-											],
-										},
+										OR: [
+											{contact: { first_name: { contains: filter, mode: "insensitive" } }},
+											{contact: { last_name: { contains: filter, mode: "insensitive" } }},
+										]
 									},
 								},
 							},
@ -57,10 +55,11 @@ export default class OfficeFoldersController extends ApiController {
 				};
 			}

-			const officeId: string = req.body.user.office_Id;
-			const officeWhereInput: Prisma.OfficesWhereInput = { uid: officeId };
-			if (!query.where) query.where = { office: officeWhereInput };
-			query.where.office = officeWhereInput;
+			const userId: string = req.body.user.userId;
+			if(query.where?.stakeholders) delete query.where.stakeholders;
+			const officeFoldersWhereInput: Prisma.OfficeFoldersWhereInput = { ...query.where, stakeholders: {some: {uid: userId }}};
+			query.where = officeFoldersWhereInput;
+
 			//call service to get prisma entity
 			const officeFolderEntities: OfficeFolders[] = await this.officeFoldersService.get(query);

--- a/src/app/middlewares/OfficeMembershipHandlers/DocumentHandler.ts
+++ b/src/app/middlewares/OfficeMembershipHandlers/DocumentHandler.ts
@ -49,10 +49,18 @@ export default async function documentHandler(req: Request, response: Response,
 				return;
 			}

-			if (document.folder.office.uid != officeId) {
+			const officeFolderService = Container.get(OfficeFoldersService);
+			const folder = await officeFolderService.getByUidWithStakeholders(document?.folder_uid!);
+
+			if (document.folder.office_uid != officeId) {
 				response.sendStatus(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
 				return;
 			}
+
+			if(!folder?.stakeholders.find(stakeholder => stakeholder.uid === req.body.user.userId)) {
+				response.sendStatus(HttpCodes.UNAUTHORIZED).send("Unauthorized with this user");
+				return;
+			}
 		}

 		next();
--- a/src/app/middlewares/OfficeMembershipHandlers/FolderHandler.ts
+++ b/src/app/middlewares/OfficeMembershipHandlers/FolderHandler.ts
@ -7,7 +7,9 @@ import DeedTypesService from "@Services/super-admin/DeedTypesService/DeedTypesSe
 export default async function folderHandler(req: Request, response: Response, next: NextFunction) {
 	try {
 		const officeId = req.body.user.office_Id;
-		const uid = req.path && req.path.split("/")[-1];
+		const userId = req.body.user.userId;
+		const splittedReqPath = req.path && req.path.split("/");
+		const uid = (splittedReqPath as string[]).pop();
 		const office = req.body.office;
 		const officeFolderNumber = req.body.folder_number;
 		const deed = req.body.deed;
@ -43,17 +45,22 @@ export default async function folderHandler(req: Request, response: Response, ne
 		}

 		if (uid) {
-			const officeFolder = await officeFolderService.getByUidWithOffice(uid!);
+			const officeFolder = await officeFolderService.getByUidWithStakeholders(uid!);

 			if (!officeFolder) {
 				response.status(HttpCodes.NOT_FOUND).send("Office folder not found");
 				return;
 			}

-			if (officeFolder.office.uid != officeId) {
+			if (officeFolder.office_uid != officeId) {
 				response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
 				return;
 			}
+
+			if(!officeFolder.stakeholders.find(stakeholder => stakeholder.uid === userId)) {
+				response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this user");
+				return;
+			}
 		}

 		next();
--- a/src/common/repositories/OfficeFoldersRepository.ts
+++ b/src/common/repositories/OfficeFoldersRepository.ts
@ -137,6 +137,18 @@ export default class OfficeFoldersRepository extends BaseRepository {
 		});
 	}

+	/**
+	 * @description : Find one office folder
+	 */
+	public async findOneByUidWithStakeholders(uid: string) {
+		return this.model.findUnique({
+			where: {
+				uid: uid,
+			},
+			include: { stakeholders: true },
+		});
+	}
+
 	/**
 	 * @description : Delete a folder
 	 */
--- a/src/services/super-admin/OfficeFoldersService/OfficeFoldersService.ts
+++ b/src/services/super-admin/OfficeFoldersService/OfficeFoldersService.ts
@ -62,6 +62,14 @@ export default class OfficeFoldersService extends BaseService {
 		return this.officeFoldersRepository.findOneByUidWithOffice(uid);
 	}

+	/**
+	 * @description : Get a folder by uid
+	 * @throws {Error} If folder cannot be get by uid
+	 */
+	public async getByUidWithStakeholders(uid: string) {
+		return this.officeFoldersRepository.findOneByUidWithStakeholders(uid);
+	}
+
 	/**
 	 * @description : Delete a folder
 	 * @throws {Error} If document cannot be deleted