diff --git a/src/app/api/customer/DocumentsController.ts b/src/app/api/customer/DocumentsController.ts index 966b613a..ab286bd1 100644 --- a/src/app/api/customer/DocumentsController.ts +++ b/src/app/api/customer/DocumentsController.ts @@ -8,11 +8,13 @@ import { Document } from "le-coffre-resources/dist/Customer"; import authHandler from "@App/middlewares/AuthHandler"; import documentHandler from "@App/middlewares/CustomerHandler/DocumentHandler"; import { validateOrReject } from "class-validator"; +import OfficeFoldersService from "@Services/super-admin/OfficeFoldersService/OfficeFoldersService"; +import { OfficeFolder } from "le-coffre-resources/dist/Notary"; @Controller() @Service() export default class DocumentsController extends ApiController { - constructor(private documentsService: DocumentsService) { + constructor(private documentsService: DocumentsService, private officeFoldersService: OfficeFoldersService) { super(); } @@ -93,8 +95,23 @@ export default class DocumentsController extends ApiController { protected async post(req: Request, response: Response) { try { //init Document resource with request body values - const documentEntity = Document.hydrate(req.body); + const documentEntity = Document.hydrate(req.body); + if(!documentEntity.folder?.uid) { + this.httpBadRequest(response, "No folder uid provided"); + return; + } + const folder = await this.officeFoldersService.getByUid(documentEntity.folder.uid, {folder_anchor: true}); + if(!folder) { + this.httpBadRequest(response, "Folder not found"); + return; + } + + const folderEntity = OfficeFolder.hydrate(folder); + if (folderEntity.folder_anchor?.status === "VERIFIED_ON_CHAIN") { + this.httpBadRequest(response, "Cannot update a verified folder"); + return; + } //validate document await validateOrReject(documentEntity, { groups: ["createDocument"], forbidUnknownValues: false }); diff --git a/src/app/api/customer/FilesController.ts b/src/app/api/customer/FilesController.ts index 925b30c7..8fedd66d 100644 --- a/src/app/api/customer/FilesController.ts +++ b/src/app/api/customer/FilesController.ts @@ -6,19 +6,16 @@ import FilesService from "@Services/common/FilesService/FilesService"; import { Files, Prisma } from "@prisma/client"; import { File } from "le-coffre-resources/dist/Customer"; import { Document } from "le-coffre-resources/dist/Customer"; -import { validateOrReject } from "class-validator"; import DocumentsService from "@Services/customer/DocumentsService/DocumentsService"; import authHandler from "@App/middlewares/AuthHandler"; import fileHandler from "@App/middlewares/CustomerHandler/FileHandler"; -import DocumentTypesService from "@Services/super-admin/DocumentTypesService/DocumentTypesService"; -import { DocumentType } from "le-coffre-resources/dist/SuperAdmin"; -import ObjectHydrate from "@Common/helpers/ObjectHydrate"; import NotificationBuilder from "@Common/notifications/NotificationBuilder"; +import { validateOrReject } from "class-validator"; @Controller() @Service() export default class FilesController extends ApiController { - constructor(private filesService: FilesService, private documentService: DocumentsService, private documentTypesService : DocumentTypesService, private notificationBuilder : NotificationBuilder) { + constructor(private filesService: FilesService, private documentService: DocumentsService, private notificationBuilder : NotificationBuilder) { super(); } @@ -93,7 +90,12 @@ export default class FilesController extends ApiController { const fileEntity = File.hydrate(JSON.parse(req.body["q"])); //validate File - // await validateOrReject(fileEntity, { groups: ["createFile"] }); + try { + await validateOrReject(fileEntity, { groups: ["createFile"] }); + } catch (error) { + this.httpBadRequest(response, error); + return; + } //call service to get prisma entity const fileEntityCreated = await this.filesService.create(fileEntity, req.file); @@ -111,6 +113,7 @@ export default class FilesController extends ApiController { strategy: "excludeAll", }); + //success this.httpCreated(response, fileEntityHydrated); } catch (error) { @@ -226,52 +229,4 @@ export default class FilesController extends ApiController { return; } } - - /** - * @description Create a new File - * @returns File created - */ - @Post("/api/v1/customer/addPersonalFile", [authHandler, fileHandler]) - protected async addPersonalFile(req: Request, response: Response) { - try { - //get file - if (!req.file) throw new Error("No file provided"); - - //init File resource with request body values - const fileEntity = File.hydrate(JSON.parse(req.body["q"])); - - const documentTypeEntities = await this.documentTypesService.get({ where: { name: "Other"} }); - const documentTypeEntity = documentTypeEntities[0]; - const documentType = ObjectHydrate.hydrate(new DocumentType(), documentTypeEntity!, { strategy: "excludeAll" }); - - const documentEntity = Document.hydrate({document_type: documentType}); - await validateOrReject(documentEntity, { groups: ["createDocument"], forbidUnknownValues: false }); - const documentEntityCreated = await this.documentService.create(documentEntity); - - const document = Document.hydrate(documentEntityCreated, { - strategy: "excludeAll", - }); - - fileEntity.document = document; - - const fileEntityCreated = await this.filesService.create(fileEntity, req.file); - - const documentToUpdate = Document.hydrate(document!); - - documentToUpdate!.document_status = "DEPOSITED"; - await this.documentService.update(document!.uid!, documentToUpdate); - - //Hydrate ressource with prisma entity - const fileEntityHydrated = File.hydrate(fileEntityCreated, { - strategy: "excludeAll", - }); - - //success - this.httpCreated(response, fileEntityHydrated); - - } catch (error) { - this.httpBadRequest(response, error); - return; - } - } } diff --git a/src/app/api/notary/OfficeFoldersController.ts b/src/app/api/notary/OfficeFoldersController.ts index e6f113a0..d5a5b115 100644 --- a/src/app/api/notary/OfficeFoldersController.ts +++ b/src/app/api/notary/OfficeFoldersController.ts @@ -122,11 +122,11 @@ export default class OfficeFoldersController extends ApiController { //init OfficeFolder resource with request body values const officefolderToUpdate = OfficeFolder.hydrate(req.body); - const officeFolderFoundRessource = OfficeFolder.hydrate(officeFolderFound); + const officeFolderFoundEntity = OfficeFolder.hydrate(officeFolderFound); //validate folder await validateOrReject(officefolderToUpdate, { groups: ["updateFolder"], forbidUnknownValues: false }); - if (officeFolderFoundRessource.folder_anchor?.status === "VERIFIED_ON_CHAIN") { + if (officeFolderFoundEntity.folder_anchor?.status === "VERIFIED_ON_CHAIN") { this.httpBadRequest(response, "Cannot update a verified folder"); return; } diff --git a/src/app/middlewares/CustomerHandler/DocumentHandler.ts b/src/app/middlewares/CustomerHandler/DocumentHandler.ts index f263f7dd..71c0cded 100644 --- a/src/app/middlewares/CustomerHandler/DocumentHandler.ts +++ b/src/app/middlewares/CustomerHandler/DocumentHandler.ts @@ -1,5 +1,6 @@ import HttpCodes from "@Common/system/controller-pattern/HttpCodes"; import DocumentsService from "@Services/customer/DocumentsService/DocumentsService"; +import Document from "le-coffre-resources/dist/SuperAdmin/Document"; import { NextFunction, Request, Response } from "express"; import Container from "typedi"; @@ -14,15 +15,27 @@ export default async function documentHandler(req: Request, response: Response, } const documentService = Container.get(DocumentsService); - const document = await documentService.getByUid(uid); + const document = await documentService.getByUid(uid, { folder: { include: { folder_anchor: true } } }); + + if (!document) { + response.status(HttpCodes.NOT_FOUND).send("Document not found"); + return; + } if (document?.depositor_uid != customerId) { response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this depositor"); return; } + if (req.method === "POST" || req.method === "PUT") { + const documentEntity = Document.hydrate(document); + if (documentEntity.folder?.folder_anchor?.status === "VERIFIED_ON_CHAIN") { + response.status(HttpCodes.BAD_REQUEST).send("Cannot update a verified folder"); + return; + } + } + next(); - } catch (error) { console.log(error); response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error"); diff --git a/src/app/middlewares/CustomerHandler/FileHandler.ts b/src/app/middlewares/CustomerHandler/FileHandler.ts index 42a85c11..212ea3f7 100644 --- a/src/app/middlewares/CustomerHandler/FileHandler.ts +++ b/src/app/middlewares/CustomerHandler/FileHandler.ts @@ -1,15 +1,17 @@ import HttpCodes from "@Common/system/controller-pattern/HttpCodes"; import FilesService from "@Services/common/FilesService/FilesService"; import DocumentsService from "@Services/customer/DocumentsService/DocumentsService"; +import File from "le-coffre-resources/dist/SuperAdmin/File"; import { NextFunction, Request, Response } from "express"; import Container from "typedi"; +import { EDocumentStatus } from "@prisma/client"; export default async function fileHandler(req: Request, response: Response, next: NextFunction) { const customerId = req.body.user.customerId; const uid = req.path && req.path.split("/")[5]; - const document = req.body.document; + const file: string | undefined = req.body["q"]; - if (req.file?.mimetype !== "application/pdf" && req.file?.mimetype !== "image/png" && req.file?.mimetype !== "image/jpeg") { + if (req.file && req.file.mimetype !== "application/pdf" && req.file.mimetype !== "image/png" && req.file.mimetype !== "image/jpeg") { response.status(HttpCodes.BAD_REQUEST).send("File type not supported"); return; } @@ -25,12 +27,18 @@ export default async function fileHandler(req: Request, response: Response, next response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this depositor"); return; } + if (req.method === "PUT") { + if (file.document.document_status === EDocumentStatus.VALIDATED) { + response.status(HttpCodes.BAD_REQUEST).send("Cannot update a validated document"); + return; + } + } } - - if (document) { + if (file) { + const fileEntity = File.hydrate(JSON.parse(file)); const documentService = Container.get(DocumentsService); - const documentFound = await documentService.getByUid(document.uid!); - if(!documentFound) { + const documentFound = await documentService.getByUid(fileEntity.document?.uid!, { folder: { include: { folder_anchor: true } } }); + if (!documentFound) { response.status(HttpCodes.NOT_FOUND).send("Document not found"); return; } @@ -38,6 +46,10 @@ export default async function fileHandler(req: Request, response: Response, next response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this depositor"); return; } + if (documentFound.document_status === EDocumentStatus.VALIDATED) { + response.status(HttpCodes.BAD_REQUEST).send("Cannot update a validated document"); + return; + } } next();