Merge 'dev' in 'staging' (#64)

package.json

@@ -52,7 +52,7 @@
     "cron": "^2.3.1",
     "express": "^4.18.2",
     "jsonwebtoken": "^9.0.0",
-    "le-coffre-resources": "git@github.com:smart-chain-fr/leCoffre-resources.git#v2.66",
+    "le-coffre-resources": "git@github.com:smart-chain-fr/leCoffre-resources.git#v2.69",
     "module-alias": "^2.2.2",
     "multer": "^1.4.5-lts.1",
     "next": "^13.1.5",

src/app/api/admin/CustomersController.ts

@@ -7,6 +7,7 @@ import { Customer } from "le-coffre-resources/dist/Admin";
 import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -18,7 +19,7 @@ export default class CustomersController extends ApiController {
 	/**
 	 * @description Get all customers
 	 */
-	@Get("/api/v1/admin/customers", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/customers", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -70,7 +71,7 @@ export default class CustomersController extends ApiController {
 	/**
 	 * @description Modify a specific customer by uid
 	 */
-	@Put("/api/v1/admin/customers/:uid", [authHandler, ruleHandler])
+	@Put("/api/v1/admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -111,7 +112,7 @@ export default class CustomersController extends ApiController {
 	/**
 	 * @description Get a specific customer by uid
 	 */
-	@Get("/api/v1/admin/customers/:uid", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/admin/DeedTypesController.ts

@@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import deedTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DeedTypeHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -21,7 +22,7 @@ export default class DeedTypesController extends ApiController {
 	 * @description Get all deedtypes
 	 * @returns Deedtype[] list of deedtypes
 	 */
-	@Get("/api/v1/admin/deed-types", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/deed-types", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -65,7 +66,7 @@ export default class DeedTypesController extends ApiController {
 	 * @description Create a new deedtype
 	 * @returns Deedtype created
 	 */
-	@Post("/api/v1/admin/deed-types", [authHandler, ruleHandler, deedTypeHandler])
+	@Post("/api/v1/admin/deed-types", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
 	protected async post(req: Request, response: Response) {
 		try {
 			//init DeedType resource with request body values
@@ -99,7 +100,7 @@ export default class DeedTypesController extends ApiController {
 	 * @description Modify a specific deedtype by uid
 	 * @returns Deedtype modified
 	 */
-	@Put("/api/v1/admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
+	@Put("/api/v1/admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -141,7 +142,7 @@ export default class DeedTypesController extends ApiController {
 	 * @description Get a specific deedtype by uid
 	 * @returns IDeedtype
 	 */
-	@Get("/api/v1/admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
+	@Get("/api/v1/admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/admin/DeedsController.ts

@@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import deedHandler from "@App/middlewares/OfficeMembershipHandlers/DeedHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -21,7 +22,7 @@ export default class DeedsController extends ApiController {
 	 * @description Get all deeds
 	 * @returns Deed[] list of deeds
 	 */
-	@Get("/api/v1/admin/deeds", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/deeds", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -52,7 +53,7 @@ export default class DeedsController extends ApiController {
 	 * @description Get a specific deed by uid
 	 * @returns Deed
 	 */
-	@Get("/api/v1/admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
+	@Get("/api/v1/admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -87,7 +88,7 @@ export default class DeedsController extends ApiController {
 	/**
 	 * @description Modify a specific deed by uid
 	 */
-	@Put("/api/v1/admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
+	@Put("/api/v1/admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/admin/DocumentTypesController.ts

@@ -10,6 +10,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import documentTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentTypeHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -21,7 +22,7 @@ export default class DocumentTypesController extends ApiController {
 	/**
 	 * @description Get all document-types
 	 */
-	@Get("/api/v1/admin/document-types", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/document-types", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -53,7 +54,7 @@ export default class DocumentTypesController extends ApiController {
 	/**
 	 * @description Create a new documentType
 	 */
-	@Post("/api/v1/admin/document-types", [authHandler, ruleHandler, documentTypeHandler])
+	@Post("/api/v1/admin/document-types", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
 	protected async post(req: Request, response: Response) {
 		try {
 			//init DocumentType resource with request body values
@@ -77,7 +78,7 @@ export default class DocumentTypesController extends ApiController {
 	/**
 	 * @description Modify a specific documentType by uid
 	 */
-	@Put("/api/v1/admin/document-types/:uid", [authHandler, ruleHandler, documentTypeHandler])
+	@Put("/api/v1/admin/document-types/:uid", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/admin/DocumentsController.ts

@@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import documentHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -21,7 +22,7 @@ export default class DocumentsController extends ApiController {
 	 * @description Get all documents
 	 * @returns IDocument[] list of documents
 	 */
-	@Get("/api/v1/admin/documents", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/documents", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -52,7 +53,7 @@ export default class DocumentsController extends ApiController {
 	 * @description Create a new document
 	 * @returns IDocument created
 	 */
-	@Post("/api/v1/admin/documents", [authHandler, ruleHandler, documentHandler])
+	@Post("/api/v1/admin/documents", [authHandler, roleHandler, ruleHandler, documentHandler])
 	protected async post(req: Request, response: Response) {
 		try {
 			//init Document resource with request body values
@@ -80,7 +81,7 @@ export default class DocumentsController extends ApiController {
 	/**
 	 * @description Update a specific document
 	 */
-	@Put("/api/v1/admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
+	@Put("/api/v1/admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
 	protected async update(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -119,7 +120,7 @@ export default class DocumentsController extends ApiController {
 	/**
 	 * @description Delete a specific document
 	 */
-	@Delete("/api/v1/admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
+	@Delete("/api/v1/admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
 	protected async delete(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -152,7 +153,7 @@ export default class DocumentsController extends ApiController {
 	/**
 	 * @description Get a specific document by uid
 	 */
-	@Get("/api/v1/admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
+	@Get("/api/v1/admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/admin/FilesController.ts

@@ -8,6 +8,7 @@ import { File } from "le-coffre-resources/dist/Admin";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import fileHandler from "@App/middlewares/OfficeMembershipHandlers/FileHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -20,7 +21,7 @@ export default class FilesController extends ApiController {
 	 * @description Get all Files
 	 * @returns File[] list of Files
 	 */
-	@Get("/api/v1/admin/files", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/files", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -49,7 +50,7 @@ export default class FilesController extends ApiController {
 	/**
 	 * @description Get a specific File by uid
 	 */
-	@Get("/api/v1/admin/files/download/:uid", [authHandler, ruleHandler, fileHandler])
+	@Get("/api/v1/admin/files/download/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
 	protected async download(req: Request, response: Response) {
 		const uid = req.params["uid"];
 		if (!uid) {
@@ -77,7 +78,7 @@ export default class FilesController extends ApiController {
 	/**
 	 * @description Delete a specific File
 	 */
-	@Delete("/api/v1/admin/files/:uid", [authHandler, ruleHandler, fileHandler])
+	@Delete("/api/v1/admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
 	protected async delete(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -115,7 +116,7 @@ export default class FilesController extends ApiController {
 	/**
 	 * @description Get a specific File by uid
 	 */
-	@Get("/api/v1/admin/files/:uid", [authHandler, ruleHandler, fileHandler])
+	@Get("/api/v1/admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/admin/OfficeFoldersController.ts

@@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import folderHandler from "@App/middlewares/OfficeMembershipHandlers/FolderHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -20,7 +21,7 @@ export default class OfficeFoldersController extends ApiController {
 	/**
 	 * @description Get all folders
 	 */
-	@Get("/api/v1/admin/folders", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/folders", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -80,7 +81,7 @@ export default class OfficeFoldersController extends ApiController {
 	/**
 	 * @description Create a new folder
 	 */
-	@Post("/api/v1/admin/folders", [authHandler, ruleHandler, folderHandler])
+	@Post("/api/v1/admin/folders", [authHandler, roleHandler, ruleHandler, folderHandler])
 	protected async post(req: Request, response: Response) {
 		try {
 			//init OfficeFolder resource with request body values
@@ -104,7 +105,7 @@ export default class OfficeFoldersController extends ApiController {
 	/**
 	 * @description Modify a specific folder by uid
 	 */
-	@Put("/api/v1/admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
+	@Put("/api/v1/admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -146,7 +147,7 @@ export default class OfficeFoldersController extends ApiController {
 	 * @description Get a specific folder by uid
 	 * @returns IFolder
 	 */
-	@Get("/api/v1/admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
+	@Get("/api/v1/admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -182,7 +183,7 @@ export default class OfficeFoldersController extends ApiController {
 	/**
 	 * @description Delete a specific folder
 	 */
-	@Delete("/api/v1/admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
+	@Delete("/api/v1/admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
 	protected async delete(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/admin/OfficeRolesController.ts

@@ -9,6 +9,7 @@ import { Prisma } from "@prisma/client";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import officeRoleHandler from "@App/middlewares/OfficeMembershipHandlers/OfficeRoleHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -20,7 +21,7 @@ export default class OfficeRolesController extends ApiController {
 	/**
 	 * @description Get all officeRoles
 	 */
-	@Get("/api/v1/admin/office-roles", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/office-roles", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -63,7 +64,7 @@ export default class OfficeRolesController extends ApiController {
 	/**
 	 * @description Create a new officeRole
 	 */
-	@Post("/api/v1/admin/office-roles", [authHandler, ruleHandler, officeRoleHandler])
+	@Post("/api/v1/admin/office-roles", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
 	protected async getAddresses(req: Request, response: Response) {
 		try {
 			//init IOfficeRole resource with request body values
@@ -91,7 +92,7 @@ export default class OfficeRolesController extends ApiController {
 	/**
 	 * @description Modify a specific officeRole by uid
 	 */
-	@Put("/api/v1/admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler])
+	@Put("/api/v1/admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -132,7 +133,7 @@ export default class OfficeRolesController extends ApiController {
 	/**
 	 * @description Get a specific officeRole by uid
 	 */
-	@Get("/api/v1/admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler])
+	@Get("/api/v1/admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/admin/OfficesController.ts

@@ -7,6 +7,7 @@ import { Offices } from "@prisma/client";
 import { Office as OfficeResource } from "le-coffre-resources/dist/Admin";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import authHandler from "@App/middlewares/AuthHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -17,7 +18,7 @@ export default class OfficesController extends ApiController {
 	/**
 	 * @description Get all offices
 	 */
-	@Get("/api/v1/admin/offices", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/offices", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -40,7 +41,7 @@ export default class OfficesController extends ApiController {
 	/**
 	 * @description Get a specific office by uid
 	 */
-	@Get("/api/v1/admin/offices/:uid", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/offices/:uid", [authHandler, roleHandler, ruleHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/admin/RolesController.ts

@@ -6,6 +6,7 @@ import { Service } from "typedi";
 import { Role } from "le-coffre-resources/dist/Admin";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -17,7 +18,7 @@ export default class RolesController extends ApiController {
 	/**
 	 * @description Get all roles
 	 */
-	@Get("/api/v1/admin/roles", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/roles", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -43,7 +44,7 @@ export default class RolesController extends ApiController {
 	/**
 	 * @description Get a specific role by uid
 	 */
-	@Get("/api/v1/admin/roles/:uid", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/roles/:uid", [authHandler, roleHandler, ruleHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/admin/RulesController.ts

@@ -6,6 +6,7 @@ import { Service } from "typedi";
 import { Rule } from "le-coffre-resources/dist/Admin";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -17,7 +18,7 @@ export default class RulesController extends ApiController {
 	/**
 	 * @description Get all rules
 	 */
-	@Get("/api/v1/admin/rules", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/rules", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -43,7 +44,7 @@ export default class RulesController extends ApiController {
 	/**
 	 * @description Get a specific rule by uid
 	 */
-	@Get("/api/v1/admin/rules/:uid", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/rules/:uid", [authHandler, roleHandler, ruleHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/admin/UsersController.ts

@@ -8,19 +8,21 @@ import { Prisma } from "@prisma/client";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import userHandler from "@App/middlewares/OfficeMembershipHandlers/UserHandler";
-import { validateOrReject } from "class-validator";
+import roleHandler from "@App/middlewares/RolesHandler";
+import RolesService from "@Services/admin/RolesService/RolesService";
+import OfficeRolesService from "@Services/admin/OfficeRolesService/OfficeRolesService";
 
 @Controller()
 @Service()
 export default class UsersController extends ApiController {
-	constructor(private usersService: UsersService) {
+	constructor(private usersService: UsersService, private roleService: RolesService, private officeRoleService: OfficeRolesService) {
 		super();
 	}
 
 	/**
 	 * @description Get all users
 	 */
-	@Get("/api/v1/admin/users", [authHandler, ruleHandler])
+	@Get("/api/v1/admin/users", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -65,7 +67,7 @@ export default class UsersController extends ApiController {
 	/**
 	 * @description Modify a specific user by uid
 	 */
-		@Put("/api/v1/admin/users/:uid", [authHandler, ruleHandler])
+		@Put("/api/v1/admin/users/:uid", [authHandler, roleHandler, ruleHandler])
 		protected async put(req: Request, response: Response) {
 			try {
 				const uid = req.params["uid"];
@@ -74,7 +76,7 @@ export default class UsersController extends ApiController {
 					return;
 				}
 	
-				const userFound = await this.usersService.getByUid(uid);
+				const userFound = await this.usersService.getByUidWithRole(uid);
 	
 				if (!userFound) {
 					this.httpNotFoundRequest(response, "user not found");
@@ -84,9 +86,29 @@ export default class UsersController extends ApiController {
 				//init IUser resource with request body values
 				const userEntity = User.hydrate<User>(req.body);
 	
-				//validate user
+				if(userEntity.role) {
-				await validateOrReject(userEntity, { groups: ["updateUser"] });
+					const role = await this.roleService.getByUid(userEntity.role.uid!);
+					if(!role) {
+						this.httpBadRequest(response, "Role not found");
+						return;
+					}
+					if (role.name === "super-admin" || userFound.role.name === "super-admin" ) {
+						this.httpBadRequest(response, "Cannot assign or remove super-admin role");
+						return;
+					}
+				}
 
+				if(userEntity.office_role) {
+					const officeRole = await this.officeRoleService.getByUid(userEntity.office_role.uid!);
+					if(!officeRole) {
+						this.httpBadRequest(response, "Office role not found");
+						return;
+					}
+					if (officeRole.office_uid != userFound.office_uid) {
+						this.httpBadRequest(response, "Cannot assign an office role from another office");
+						return;
+					}
+				}
 				//call service to get prisma entity
 				const userEntityUpdated = await this.usersService.update(uid, userEntity);
 	
@@ -106,7 +128,7 @@ export default class UsersController extends ApiController {
 	/**
 	 * @description Get a specific user by uid
 	 */
-	@Get("/api/v1/admin/users/:uid", [authHandler, ruleHandler, userHandler])
+	@Get("/api/v1/admin/users/:uid", [authHandler, roleHandler, ruleHandler, userHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/customer/DocumentsController.ts

@@ -28,12 +28,9 @@ export default class DocumentsController extends ApiController {
 				query = JSON.parse(req.query["q"] as string);
 			}
 			
-			
+			const customerId: string = req.body.user.customerId;
-			//This was useless and was causing a bug
+			const customerWhereInput: Prisma.DocumentsWhereInput ={ depositor: { uid: customerId } };
-
+			query.where = customerWhereInput;
-			// const customerId: string = req.body.user.customerId;
-			// const customerWhereInput: Prisma.DocumentsWhereInput ={ depositor: { uid: customerId } };
-			// query.where = customerWhereInput;
 			
 
 			//call service to get prisma entity

src/app/api/customer/FilesController.ts

@@ -135,9 +135,6 @@ export default class FilesController extends ApiController {
 			//init File resource with request body values
 			const fileEntity = File.hydrate<File>(req.body);
 
-			//validate file
-			await validateOrReject(fileEntity, { groups: ["updateFile"] });
-
 			//call service to get prisma entity
 			const fileEntityUpdated: Files = await this.filesService.update(uid, fileEntity);
 

src/app/api/super-admin/AppointmentsController.ts

@@ -5,6 +5,7 @@ import AppointmentsService from "@Services/super-admin/AppointmentsService/Appoi
 import { Service } from "typedi";
 import { Appointment } from "le-coffre-resources/dist/SuperAdmin";
 import authHandler from "@App/middlewares/AuthHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -16,7 +17,7 @@ export default class AppointmentsController extends ApiController {
 	/**
 	 * @description Get all appointments
 	 */
-	@Get("/api/v1/super-admin/appointments", [authHandler])
+	@Get("/api/v1/super-admin/appointments", [authHandler, roleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -42,7 +43,7 @@ export default class AppointmentsController extends ApiController {
 	/**
 	 * @description Get a specific appointment by uid
 	 */
-	@Get("/api/v1/super-admin/appointments/:uid", [authHandler])
+	@Get("/api/v1/super-admin/appointments/:uid", [authHandler, roleHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/super-admin/CustomersController.ts

@@ -7,6 +7,7 @@ import { Customer } from "le-coffre-resources/dist/SuperAdmin";
 import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -18,7 +19,7 @@ export default class CustomersController extends ApiController {
 	/**
 	 * @description Get all customers
 	 */
-	@Get("/api/v1/super-admin/customers", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/customers", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -44,7 +45,7 @@ export default class CustomersController extends ApiController {
 	/**
 	 * @description Create a new customer
 	 */
-	@Post("/api/v1/super-admin/customers", [authHandler, ruleHandler])
+	@Post("/api/v1/super-admin/customers", [authHandler, roleHandler, ruleHandler])
 	protected async post(req: Request, response: Response) {
 		try {
 			//init IUser resource with request body values
@@ -70,7 +71,7 @@ export default class CustomersController extends ApiController {
 	/**
 	 * @description Modify a specific customer by uid
 	 */
-	@Put("/api/v1/super-admin/customers/:uid", [authHandler, ruleHandler])
+	@Put("/api/v1/super-admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -111,7 +112,7 @@ export default class CustomersController extends ApiController {
 	/**
 	 * @description Get a specific customer by uid
 	 */
-	@Get("/api/v1/super-admin/customers/:uid", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/super-admin/DeedTypesController.ts

@@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import deedTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DeedTypeHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -21,7 +22,7 @@ export default class DeedTypesController extends ApiController {
 	 * @description Get all deedtypes
 	 * @returns Deedtype[] list of deedtypes
 	 */
-	@Get("/api/v1/super-admin/deed-types", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/deed-types", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -65,7 +66,7 @@ export default class DeedTypesController extends ApiController {
 	 * @description Create a new deedtype
 	 * @returns Deedtype created
 	 */
-	@Post("/api/v1/super-admin/deed-types", [authHandler, ruleHandler, deedTypeHandler])
+	@Post("/api/v1/super-admin/deed-types", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
 	protected async post(req: Request, response: Response) {
 		try {
 			//init DeedType resource with request body values
@@ -94,7 +95,7 @@ export default class DeedTypesController extends ApiController {
 	 * @description Modify a specific deedtype by uid
 	 * @returns Deedtype modified
 	 */
-	@Put("/api/v1/super-admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
+	@Put("/api/v1/super-admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -136,7 +137,7 @@ export default class DeedTypesController extends ApiController {
 	 * @description Get a specific deedtype by uid
 	 * @returns IDeedtype
 	 */
-	@Get("/api/v1/super-admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
+	@Get("/api/v1/super-admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/super-admin/DeedsController.ts

@@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import deedHandler from "@App/middlewares/OfficeMembershipHandlers/DeedHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -21,7 +22,7 @@ export default class DeedsController extends ApiController {
 	 * @description Get all deeds
 	 * @returns Deed[] list of deeds
 	 */
-	@Get("/api/v1/super-admin/deeds", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/deeds", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -52,7 +53,7 @@ export default class DeedsController extends ApiController {
 	 * @description Get a specific deed by uid
 	 * @returns Deed
 	 */
-	@Get("/api/v1/super-admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
+	@Get("/api/v1/super-admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -87,7 +88,7 @@ export default class DeedsController extends ApiController {
 	/**
 	 * @description Modify a specific deed by uid
 	 */
-	@Put("/api/v1/super-admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
+	@Put("/api/v1/super-admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/super-admin/DocumentTypesController.ts

@@ -10,6 +10,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import documentTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentTypeHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -21,7 +22,7 @@ export default class DocumentTypesController extends ApiController {
 	/**
 	 * @description Get all document-types
 	 */
-	@Get("/api/v1/super-admin/document-types", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/document-types", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -53,7 +54,7 @@ export default class DocumentTypesController extends ApiController {
 	/**
 	 * @description Create a new documentType
 	 */
-	@Post("/api/v1/super-admin/document-types", [authHandler, ruleHandler, documentTypeHandler])
+	@Post("/api/v1/super-admin/document-types", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
 	protected async post(req: Request, response: Response) {
 		try {
 			//init DocumentType resource with request body values
@@ -82,7 +83,7 @@ export default class DocumentTypesController extends ApiController {
 	/**
 	 * @description Modify a specific documentType by uid
 	 */
-	@Put("/api/v1/super-admin/document-types/:uid", [authHandler, ruleHandler, documentTypeHandler])
+	@Put("/api/v1/super-admin/document-types/:uid", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -122,7 +123,7 @@ export default class DocumentTypesController extends ApiController {
 	/**
 	 * @description Get a specific documentType by uid
 	 */
-	@Get("/api/v1/super-admin/document-types/:uid", [authHandler, ruleHandler, documentTypeHandler])
+	@Get("/api/v1/super-admin/document-types/:uid", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/super-admin/DocumentsController.ts

@@ -1,5 +1,6 @@
 import authHandler from "@App/middlewares/AuthHandler";
 import documentHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import ApiController from "@Common/system/controller-pattern/ApiController";
 import { Controller, Delete, Get, Post, Put } from "@ControllerPattern/index";
@@ -21,7 +22,7 @@ export default class DocumentsController extends ApiController {
 	 * @description Get all documents
 	 * @returns IDocument[] list of documents
 	 */
-	@Get("/api/v1/super-admin/documents", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/documents", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -56,7 +57,7 @@ export default class DocumentsController extends ApiController {
 	 * @description Create a new document
 	 * @returns IDocument created
 	 */
-	@Post("/api/v1/super-admin/documents", [authHandler, ruleHandler, documentHandler])
+	@Post("/api/v1/super-admin/documents", [authHandler, roleHandler, ruleHandler, documentHandler])
 	protected async post(req: Request, response: Response) {
 		try {
 			//init Document resource with request body values
@@ -84,7 +85,7 @@ export default class DocumentsController extends ApiController {
 	/**
 	 * @description Update a specific document
 	 */
-	@Put("/api/v1/super-admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
+	@Put("/api/v1/super-admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
 	protected async update(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -123,7 +124,7 @@ export default class DocumentsController extends ApiController {
 	/**
 	 * @description Delete a specific document
 	 */
-	@Delete("/api/v1/super-admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
+	@Delete("/api/v1/super-admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
 	protected async delete(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -156,7 +157,7 @@ export default class DocumentsController extends ApiController {
 	/**
 	 * @description Get a specific document by uid
 	 */
-	@Get("/api/v1/super-admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
+	@Get("/api/v1/super-admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/super-admin/FilesController.ts

@@ -8,6 +8,7 @@ import { File } from "le-coffre-resources/dist/SuperAdmin";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import fileHandler from "@App/middlewares/OfficeMembershipHandlers/FileHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -20,7 +21,7 @@ export default class FilesController extends ApiController {
 	 * @description Get all Files
 	 * @returns File[] list of Files
 	 */
-	@Get("/api/v1/super-admin/files", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/files", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -50,7 +51,7 @@ export default class FilesController extends ApiController {
 	/**
 	 * @description Get a specific File by uid
 	 */
-	@Get("/api/v1/super-admin/files/download/:uid", [authHandler, ruleHandler, fileHandler])
+	@Get("/api/v1/super-admin/files/download/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
 	protected async download(req: Request, response: Response) {
 		const uid = req.params["uid"];
 		if (!uid) {
@@ -78,7 +79,7 @@ export default class FilesController extends ApiController {
 	/**
 	 * @description Delete a specific File
 	 */
-	@Delete("/api/v1/super-admin/files/:uid", [authHandler, ruleHandler, fileHandler])
+	@Delete("/api/v1/super-admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
 	protected async delete(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -116,7 +117,7 @@ export default class FilesController extends ApiController {
 	/**
 	 * @description Get a specific File by uid
 	 */
-	@Get("/api/v1/super-admin/files/:uid", [authHandler, ruleHandler, fileHandler])
+	@Get("/api/v1/super-admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/super-admin/LiveVoteController.ts

@@ -1,4 +1,5 @@
 import authHandler from "@App/middlewares/AuthHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 import ApiController from "@Common/system/controller-pattern/ApiController";
 import { Controller, Post } from "@ControllerPattern/index";
 import { EAppointmentStatus } from "@prisma/client";
@@ -26,7 +27,7 @@ export default class LiveVoteController extends ApiController {
 	/**
 	 * @description Create a new vote
 	 */
-	@Post("/api/v1/super-admin/live-votes", [authHandler])
+	@Post("/api/v1/super-admin/live-votes", [authHandler, roleHandler])
 	protected async post(req: Request, response: Response) {
 		try {
 			const userId = req.body.user.userId;

src/app/api/super-admin/OfficeFoldersController.ts

@@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import folderHandler from "@App/middlewares/OfficeMembershipHandlers/FolderHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -20,7 +21,7 @@ export default class OfficeFoldersController extends ApiController {
 	/**
 	 * @description Get all folders
 	 */
-	@Get("/api/v1/super-admin/folders", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/folders", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -79,7 +80,7 @@ export default class OfficeFoldersController extends ApiController {
 	/**
 	 * @description Create a new folder
 	 */
-	@Post("/api/v1/super-admin/folders", [authHandler, ruleHandler, folderHandler])
+	@Post("/api/v1/super-admin/folders", [authHandler, roleHandler, ruleHandler, folderHandler])
 	protected async post(req: Request, response: Response) {
 		try {
 			//init OfficeFolder resource with request body values
@@ -103,7 +104,7 @@ export default class OfficeFoldersController extends ApiController {
 	/**
 	 * @description Modify a specific folder by uid
 	 */
-	@Put("/api/v1/super-admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
+	@Put("/api/v1/super-admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -145,7 +146,7 @@ export default class OfficeFoldersController extends ApiController {
 	 * @description Get a specific folder by uid
 	 * @returns IFolder
 	 */
-	@Get("/api/v1/super-admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
+	@Get("/api/v1/super-admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -180,7 +181,7 @@ export default class OfficeFoldersController extends ApiController {
 	/**
 	 * @description Delete a specific folder
 	 */
-	@Delete("/api/v1/super-admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
+	@Delete("/api/v1/super-admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
 	protected async delete(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/super-admin/OfficeRolesController.ts

@@ -9,6 +9,7 @@ import { Prisma } from "@prisma/client";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import officeRoleHandler from "@App/middlewares/OfficeMembershipHandlers/OfficeRoleHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -20,7 +21,7 @@ export default class OfficeRolesController extends ApiController {
 	/**
 	 * @description Get all officeRoles
 	 */
-	@Get("/api/v1/super-admin/office-roles", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/office-roles", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -62,7 +63,7 @@ export default class OfficeRolesController extends ApiController {
 	/**
 	 * @description Create a new officeRole
 	 */
-	@Post("/api/v1/super-admin/office-roles", [authHandler, ruleHandler, officeRoleHandler])
+	@Post("/api/v1/super-admin/office-roles", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
 	protected async getAddresses(req: Request, response: Response) {
 		try {
 			//init IOfficeRole resource with request body values
@@ -90,7 +91,7 @@ export default class OfficeRolesController extends ApiController {
 	/**
 	 * @description Modify a specific officeRole by uid
 	 */
-	@Put("/api/v1/super-admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler])
+	@Put("/api/v1/super-admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -131,7 +132,7 @@ export default class OfficeRolesController extends ApiController {
 	/**
 	 * @description Get a specific officeRole by uid
 	 */
-	@Get("/api/v1/super-admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler])
+	@Get("/api/v1/super-admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/super-admin/OfficesController.ts

@@ -8,6 +8,7 @@ import { Office as OfficeResource } from "le-coffre-resources/dist/SuperAdmin";
 import { validateOrReject } from "class-validator";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import authHandler from "@App/middlewares/AuthHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -18,7 +19,7 @@ export default class OfficesController extends ApiController {
 	/**
 	 * @description Get all offices
 	 */
-	@Get("/api/v1/super-admin/offices", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/offices", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -53,7 +54,7 @@ export default class OfficesController extends ApiController {
 	/**
 	 * @description Create a new office
 	 */
-	@Post("/api/v1/super-admin/offices", [authHandler, ruleHandler])
+	@Post("/api/v1/super-admin/offices", [authHandler, roleHandler, ruleHandler])
 	protected async post(req: Request, response: Response) {
 		try {
 			//init IUser resource with request body values
@@ -76,7 +77,7 @@ export default class OfficesController extends ApiController {
 	/**
 	 * @description Modify a specific office by uid
 	 */
-	@Put("/api/v1/super-admin/offices/:uid", [authHandler, ruleHandler])
+	@Put("/api/v1/super-admin/offices/:uid", [authHandler, roleHandler, ruleHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -93,8 +94,7 @@ export default class OfficesController extends ApiController {
 			}
 			//init IUser resource with request body values
 			const officeEntity = OfficeResource.hydrate<OfficeResource>(req.body);
-			//validate user
+
-			await validateOrReject(officeEntity, { groups: ["updateOffice"] });
 			//call service to get prisma entity
 			const officeEntityUpdated = await this.officesService.update(uid, officeEntity);
 			//Hydrate ressource with prisma entity
@@ -111,7 +111,7 @@ export default class OfficesController extends ApiController {
 	/**
 	 * @description Get a specific office by uid
 	 */
-	@Get("/api/v1/super-admin/offices/:uid", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/offices/:uid", [authHandler, roleHandler, ruleHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/super-admin/RolesController.ts

@@ -7,6 +7,7 @@ import { validateOrReject } from "class-validator";
 import { Role } from "le-coffre-resources/dist/SuperAdmin";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -18,7 +19,7 @@ export default class RolesController extends ApiController {
 	/**
 	 * @description Get all roles
 	 */
-	@Get("/api/v1/super-admin/roles", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/roles", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -44,7 +45,7 @@ export default class RolesController extends ApiController {
 	/**
 	 * @description Create a new role
 	 */
-	@Post("/api/v1/super-admin/roles", [authHandler, ruleHandler])
+	@Post("/api/v1/super-admin/roles", [authHandler, roleHandler, ruleHandler])
 	protected async getAddresses(req: Request, response: Response) {
 		try {
 			//init IRole resource with request body values
@@ -72,7 +73,7 @@ export default class RolesController extends ApiController {
 	/**
 	 * @description Modify a specific role by uid
 	 */
-	@Put("/api/v1/super-admin/roles/:uid", [authHandler, ruleHandler])
+	@Put("/api/v1/super-admin/roles/:uid", [authHandler, roleHandler, ruleHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -113,7 +114,7 @@ export default class RolesController extends ApiController {
 	/**
 	 * @description Get a specific role by uid
 	 */
-	@Get("/api/v1/super-admin/roles/:uid", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/roles/:uid", [authHandler, roleHandler, ruleHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/super-admin/RulesController.ts

@@ -7,6 +7,7 @@ import { validateOrReject } from "class-validator";
 import { Rule } from "le-coffre-resources/dist/SuperAdmin";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -18,7 +19,7 @@ export default class RulesController extends ApiController {
 	/**
 	 * @description Get all rules
 	 */
-	@Get("/api/v1/super-admin/rules", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/rules", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -44,7 +45,7 @@ export default class RulesController extends ApiController {
 	/**
 	 * @description Create a new rule
 	 */
-	@Post("/api/v1/super-admin/rules", [authHandler, ruleHandler])
+	@Post("/api/v1/super-admin/rules", [authHandler, roleHandler, ruleHandler])
 	protected async getAddresses(req: Request, response: Response) {
 		try {
 			//init IRule resource with request body values
@@ -72,7 +73,7 @@ export default class RulesController extends ApiController {
 	/**
 	 * @description Modify a specific rule by uid
 	 */
-	@Put("/api/v1/super-admin/rules/:uid", [authHandler, ruleHandler])
+	@Put("/api/v1/super-admin/rules/:uid", [authHandler, roleHandler, ruleHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -91,9 +92,6 @@ export default class RulesController extends ApiController {
 			//init IRule resource with request body values
 			const ruleEntity = Rule.hydrate<Rule>(req.body);
 
-			//validate rule
-			await validateOrReject(ruleEntity, { groups: ["updateRule"] });
-
 			//call service to get prisma entity
 			const ruleEntityUpdated = await this.rulesService.update(ruleEntity);
 
@@ -113,7 +111,7 @@ export default class RulesController extends ApiController {
 	/**
 	 * @description Get a specific rule by uid
 	 */
-	@Get("/api/v1/super-admin/rules/:uid", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/rules/:uid", [authHandler, roleHandler, ruleHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/super-admin/UsersController.ts

@@ -7,18 +7,21 @@ import { validateOrReject } from "class-validator";
 import User from "le-coffre-resources/dist/SuperAdmin";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
+import RolesService from "@Services/super-admin/RolesService/RolesService";
+import OfficeRolesService from "@Services/super-admin/OfficeRolesService/OfficeRolesService";
 
 @Controller()
 @Service()
 export default class UsersController extends ApiController {
-	constructor(private usersService: UsersService) {
+	constructor(private usersService: UsersService, private roleService: RolesService, private officeRoleService: OfficeRolesService) {
 		super();
 	}
 
 	/**
 	 * @description Get all users
 	 */
-	@Get("/api/v1/super-admin/users", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/users", [authHandler, roleHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -58,7 +61,7 @@ export default class UsersController extends ApiController {
 	/**
 	 * @description Create a new user
 	 */
-	@Post("/api/v1/super-admin/users", [authHandler, ruleHandler])
+	@Post("/api/v1/super-admin/users", [authHandler, roleHandler, ruleHandler])
 	protected async create(req: Request, response: Response) {
 		try {
 			//init IUser resource with request body values
@@ -86,7 +89,7 @@ export default class UsersController extends ApiController {
 	/**
 	 * @description Modify a specific user by uid
 	 */
-	@Put("/api/v1/super-admin/users/:uid", [authHandler, ruleHandler])
+	@Put("/api/v1/super-admin/users/:uid", [authHandler, roleHandler, ruleHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -96,7 +99,7 @@ export default class UsersController extends ApiController {
 				return;
 			}
 
-			const userFound = await this.usersService.getByUid(uid, {role: true, votes: true});
+			const userFound = await this.usersService.getByUidWithRole(uid);
 
 			if (!userFound) {
 				this.httpNotFoundRequest(response, "user not found");
@@ -106,8 +109,29 @@ export default class UsersController extends ApiController {
 			//init IUser resource with request body values
 			const userEntity = User.hydrate<User>(req.body);
 
-			//validate user
+			if(userEntity.role) {
-			await validateOrReject(userEntity, { groups: ["updateUser"] });
+				const role = await this.roleService.getByUid(userEntity.role.uid!);
+				if(!role) {
+					this.httpBadRequest(response, "Role not found");
+					return;
+				}
+				if (role.name === "super-admin" || userFound.role.name === "super-admin" ) {
+					this.httpBadRequest(response, "Cannot assign or remove super-admin role");
+					return;
+				}
+			}
+
+			if(userEntity.office_role) {
+				const officeRole = await this.officeRoleService.getByUid(userEntity.office_role.uid!);
+				if(!officeRole) {
+					this.httpBadRequest(response, "Office role not found");
+					return;
+				}
+				if (officeRole.office_uid != userFound.office_uid) {
+					this.httpBadRequest(response, "Cannot assign an office role from another office");
+					return;
+				}
+			}
 			
 			//call service to get prisma entity
 			const userEntityUpdated = await this.usersService.update(uid, userEntity);
@@ -128,7 +152,7 @@ export default class UsersController extends ApiController {
 	/**
 	 * @description Get a specific user by uid
 	 */
-	@Get("/api/v1/super-admin/users/:uid", [authHandler, ruleHandler])
+	@Get("/api/v1/super-admin/users/:uid", [authHandler, roleHandler, ruleHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/api/super-admin/VotesController.ts

@@ -6,6 +6,7 @@ import { Service } from "typedi";
 import { Vote } from "le-coffre-resources/dist/SuperAdmin";
 import authHandler from "@App/middlewares/AuthHandler";
 import { Votes } from "@prisma/client";
+import roleHandler from "@App/middlewares/RolesHandler";
 
 @Controller()
 @Service()
@@ -17,7 +18,7 @@ export default class VotesController extends ApiController {
 	/**
 	 * @description Get all votes
 	 */
-	@Get("/api/v1/super-admin/votes", [authHandler])
+	@Get("/api/v1/super-admin/votes", [authHandler, roleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@@ -43,7 +44,7 @@ export default class VotesController extends ApiController {
 	/**
 	 * @description Get a specific vote by uid
 	 */
-	@Get("/api/v1/super-admin/votes/:uid", [authHandler])
+	@Get("/api/v1/super-admin/votes/:uid", [authHandler, roleHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@@ -78,7 +79,7 @@ export default class VotesController extends ApiController {
 	/**
 	 * @description Delete a specific vote
 	 */
-	@Delete("/api/v1/super-admin/votes/:uid", [authHandler])
+	@Delete("/api/v1/super-admin/votes/:uid", [authHandler, roleHandler])
 	protected async delete(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];

src/app/middlewares/RolesHandler.ts

@@ -0,0 +1,22 @@
+import HttpCodes from "@Common/system/controller-pattern/HttpCodes";
+import { NextFunction, Request, Response } from "express";
+
+export default async function roleHandler(req: Request, response: Response, next: NextFunction) {
+	try {
+
+		const namespace = req.path && req.path.split("/")[3];
+		const role = req.body.user.role;
+
+		if (namespace != "notary" && role != namespace && role != "super-admin") {
+			response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this role");
+			return;
+		}
+
+		next();
+		
+	} catch (error) {
+		console.log(error);
+		response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
+		return;
+	}
+}

src/app/middlewares/RulesHandler.ts

@@ -6,19 +6,7 @@ export default async function ruleHandler(req: Request, response: Response, next
 		const rules = req.body.user.rules;
 		const service = req.path && req.path.split("/")[4];
 
-		// if (!rules) {
+		if (!rules.includes(req.method + " " + service)) {
-		// 	response.status(HttpCodes.UNAUTHORIZED).send("Missing rules in JWT");
-		// 	return;
-		// }
-		const namespace = req.path && req.path.split("/")[3];
-		const role = req.body.user.role;
-
-		if (namespace != "notary" && role != namespace && role != "super-admin") {
-			response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this role");
-			return;
-		}
-
-		if (!rules.includes(req.method + " " + service) && role != "super-admin") {
 			response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with those rules");
 			return;
 		}

src/common/databases/migrations/20230816144031_v22/migration.sql

@@ -0,0 +1,12 @@
+/*
+  Warnings:
+
+  - Added the required column `label` to the `roles` table without a default value. This is not possible if the table is not empty.
+  - Added the required column `label` to the `rules` table without a default value. This is not possible if the table is not empty.
+
+*/
+-- AlterTable
+ALTER TABLE "roles" ADD COLUMN     "label" VARCHAR(255) NOT NULL;
+
+-- AlterTable
+ALTER TABLE "rules" ADD COLUMN     "label" VARCHAR(255) NOT NULL;

src/common/databases/schema.prisma

@@ -241,6 +241,7 @@ model DeedTypes {
 model Roles {
   uid        String    @id @unique @default(uuid())
   name       String    @db.VarChar(255)
+  label      String    @db.VarChar(255)
   created_at DateTime? @default(now())
   updated_at DateTime? @updatedAt
   rules      Rules[]   @relation("RolesHasRules")
@@ -265,6 +266,7 @@ model OfficeRoles {
 model Rules {
   uid          String        @id @unique @default(uuid())
   name         String        @db.VarChar(255)
+  label        String        @db.VarChar(255)
   created_at   DateTime?     @default(now())
   updated_at   DateTime?     @updatedAt
   role         Roles[]       @relation("RolesHasRules")

src/common/databases/seeders/seeder.ts

@@ -515,301 +515,289 @@ export default async function main() {
 		const rules: Rule[] = [
 			{
 				name: "GET users",
+				label: "Lecture des utilisateurs",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "GET offices",
+				label: "Lecture des offices",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "GET customers",
+				label: "Lecture des clients",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "GET deeds",
+				label: "Lecture des actes",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "GET deed-types",
+				label: "Lecture des types d'actes",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "GET documents",
+				label: "Lecture des documents",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "GET document-types",
+				label: "Lecture des types de documents",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "GET files",
+				label: "Lecture des fichiers",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "GET folders",
+				label: "Lecture des dossiers",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "GET roles",
+				label: "Lecture utilisateurs",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "GET rules",
+				label: "Lecture des droits",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "GET office-roles",
+				label: "Lecture des rôles d'office",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "PUT users",
+				label: "Modification des utilisateurs",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "PUT offices",
+				label: "Modification des offices",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "PUT customers",
+				label: "Modification des clients",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "PUT deeds",
+				label: "Modification des actes",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "PUT deed-types",
+				label: "Modification des types d'actes",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "PUT documents",
+				label: "Modification des documents",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "PUT document-types",
+				label: "Modification des types de documents",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "PUT files",
+				label: "Modification des fichiers",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "PUT folders",
+				label: "Modification des dossiers",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "PUT roles",
+				label: "Modification des rôles",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "PUT rules",
+				label: "Modification des droits",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "PUT office-roles",
+				label: "Modification des rôles d'office",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "POST users",
+				label: "Création des utilisateurs",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "POST offices",
+				label: "Création des offices",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "POST customers",
+				label: "Création des clients",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "POST deeds",
+				label: "Création des actes",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "POST deed-types",
+				label: "Création des types d'actes",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "POST documents",
+				label: "Création des documents",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "POST document-types",
+				label: "Création des types de documents",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "POST files",
+				label: "Création des fichiers",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "POST folders",
+				label: "Création des dossiers",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "POST roles",
+				label: "Création des rôles",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "POST rules",
+				label: "Création des droits",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "POST office-roles",
-				created_at: new Date(),
+				label: "Création des rôles d'office",
-				updated_at: new Date(),
-			},
-			{
-				name: "POST users",
-				created_at: new Date(),
-				updated_at: new Date(),
-			},
-			{
-				name: "POST offices",
-				created_at: new Date(),
-				updated_at: new Date(),
-			},
-			{
-				name: "POST customers",
-				created_at: new Date(),
-				updated_at: new Date(),
-			},
-			{
-				name: "POST deeds",
-				created_at: new Date(),
-				updated_at: new Date(),
-			},
-			{
-				name: "POST deed-types",
-				created_at: new Date(),
-				updated_at: new Date(),
-			},
-			{
-				name: "POST documents",
-				created_at: new Date(),
-				updated_at: new Date(),
-			},
-			{
-				name: "POST document-types",
-				created_at: new Date(),
-				updated_at: new Date(),
-			},
-			{
-				name: "POST files",
-				created_at: new Date(),
-				updated_at: new Date(),
-			},
-			{
-				name: "POST folders",
-				created_at: new Date(),
-				updated_at: new Date(),
-			},
-			{
-				name: "POST roles",
-				created_at: new Date(),
-				updated_at: new Date(),
-			},
-			{
-				name: "POST rules",
-				created_at: new Date(),
-				updated_at: new Date(),
-			},
-			{
-				name: "POST office-roles",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "DELETE users",
+				label: "Suppression des utilisateurs",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "DELETE offices",
+				label: "Suppression des offices",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "DELETE customers",
+				label: "Suppression des clients",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "DELETE deeds",
+				label: "Suppression des actes",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "DELETE deed-types",
+				label: "Suppression des types d'actes",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "DELETE documents",
+				label: "Suppression des documents",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "DELETE document-types",
+				label: "Suppression des types de documents",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "DELETE files",
+				label: "Suppression des fichiers",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "DELETE folders",
+				label: "Suppression des dossiers",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "DELETE roles",
+				label: "Suppression des rôles",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "DELETE rules",
+				label: "Suppression des droits",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
 			{
 				name: "DELETE office-roles",
+				label: "Suppression des rôles d'office",
 				created_at: new Date(),
 				updated_at: new Date(),
 			},
@@ -818,24 +806,28 @@ export default async function main() {
 		const roles: Role[] = [
 			{
 				name: "super-admin",
+				label: "Super administrateur",
 				created_at: new Date(),
 				updated_at: new Date(),
 				rules: rules,
 			},
 			{
 				name: "admin",
+				label: "Administrateur",
 				created_at: new Date(),
 				updated_at: new Date(),
 				rules: rules.slice(0, 33),
 			},
 			{
 				name: "notary",
+				label: "Notaire",
 				created_at: new Date(),
 				updated_at: new Date(),
 				rules: rules.slice(0, 22),
 			},
 			{
 				name: "default",
+				label: "Utilisateur",
 				created_at: new Date(),
 				updated_at: new Date(),
 				rules: rules.slice(0, 11),
@@ -843,13 +835,6 @@ export default async function main() {
 		];
 	
 		const officeRoles: OfficeRole[] = [
-			{
-				name: "admin",
-				created_at: new Date(),
-				updated_at: new Date(),
-				office: offices[0]!,
-				rules: rules.slice(0, 40),
-			},
 			{
 				name: "Notaire",
 				created_at: new Date(),
@@ -1381,6 +1366,7 @@ export default async function main() {
 			const ruleCreated = await prisma.rules.create({
 				data: {
 					name: rule.name,
+					label: rule.label,
 				},
 			});
 			rule.uid = ruleCreated.uid;
@@ -1390,6 +1376,7 @@ export default async function main() {
 			const roleCreated = await prisma.roles.create({
 				data: {
 					name: role.name,
+					label: role.label,
 					rules: {
 						connect: role.rules?.map((rule) => ({
 							uid: rule.uid!,

src/common/repositories/RolesRepository.ts

@@ -31,6 +31,7 @@ export default class RolesRepository extends BaseRepository {
 		const createArgs: Prisma.RolesCreateArgs = {
 			data: {
 				name: role.name,
+				label: role.label,
 				rules: {
 					connect: role.rules?.map((rule) => ({
 						uid: rule.uid!,
@@ -52,6 +53,7 @@ export default class RolesRepository extends BaseRepository {
 			},
 			data: {
 				name: role.name,
+				label: role.label,
 				rules: {
 					set: role.rules?.map((rule) => ({
 						uid: rule.uid!,

src/common/repositories/RulesRepository.ts

@@ -31,6 +31,7 @@ export default class RulesRepository extends BaseRepository {
 		const createArgs: Prisma.RulesCreateArgs = {
 			data: {
 				name: rule.name,
+				label: rule.label
 			},
 		};
 
@@ -47,6 +48,7 @@ export default class RulesRepository extends BaseRepository {
 			},
 			data: {
 				name: rule.name,
+				label: rule.label
 			},
 		};
 

src/common/repositories/UsersRepository.ts

@@ -87,6 +87,7 @@ export default class UsersRepository extends BaseRepository {
 	/**
 	 * @description : Update data from a user
 	 */
+	
 	public async update(uid: string, user: User): Promise<Users> {
 		const updateArgs: Prisma.UsersUpdateArgs = {
 			where: {

src/services/admin/UsersService/UsersService.ts

@@ -31,7 +31,7 @@ export default class UsersService extends BaseService {
 	 * @description : Modify a user
 	 * @throws {Error} If user modification failed
 	 */
-	public update(uid: string, userEntity: User): Promise<Users> {
+	public async update(uid: string, userEntity: User): Promise<Users> {
 		return this.userRepository.updateRole(uid, userEntity);
 	}
 
@@ -51,6 +51,14 @@ export default class UsersService extends BaseService {
 		return this.userRepository.findOneByUidWithOffice(uid);
 	}
 
+	/**
+	 * @description : Get a user by uid with office
+	 * @throws {Error} If user cannot be get by uid
+	 */
+	public getByUidWithRole(uid: string) {
+		return this.userRepository.findOneByUidWithRole(uid);
+	}
+
 	/**
 	 * @description : Get a user by uid
 	 * @throws {Error} If user cannot be get by uid

src/services/common/AuthService/AuthService.ts

@@ -12,7 +12,7 @@ enum PROVIDER_OPENID {
 }
 
 interface ICustomerJwtPayload {
-	userId: string;
+	customerId: string;
 	email: string;
 }
 	
@@ -46,7 +46,7 @@ export default class AuthService extends BaseService {
 		}
 
 		return {
-			userId: customer.uid,
+			customerId: customer.uid,
 			email: contact.email,
 		};
 	}
@@ -57,22 +57,19 @@ export default class AuthService extends BaseService {
 		if (!user) return null;
 
 		const rules: string[] = [];
-		if (user.office_role) {
-			user.office_role.rules.forEach((rule) => {
-				rules.push(rule.name);
-			});
-			return {
-				userId: user.uid,
-				openId: { providerName: providerName, userId: user.idNot },
-				office_Id: user.office_membership.uid,
-				role: user.role.name,
-				rules: rules,
-			};
-		}
 
 		user.role.rules.forEach((rule) => {
 			rules.push(rule.name);
 		});
+
+		if (user.office_role) {
+			user.office_role.rules.forEach((rule) => {
+				if(!rules.includes(rule.name)) {
+					rules.push(rule.name);
+				}
+			});
+		}
+
 		return {
 			userId: user.uid,
 			openId: { providerName: providerName, userId: user.idNot },

src/services/notary/RolesService/RolesService.ts

@@ -1,5 +1,4 @@
 import BaseService from "@Services/BaseService";
-import "reflect-metadata";
 import { Service } from "typedi";
 import RolesRepository from "@Repositories/RolesRepository";
 import { Prisma } from "@prisma/client";

src/services/notary/RulesService/RulesService.ts

@@ -1,5 +1,4 @@
 import BaseService from "@Services/BaseService";
-import "reflect-metadata";
 import { Service } from "typedi";
 import RulesRepository from "@Repositories/RulesRepository";
 import { Prisma } from "@prisma/client";

src/services/notary/UsersService/UsersService.ts

@@ -1,9 +1,7 @@
 import BaseService from "@Services/BaseService";
-import "reflect-metadata";
 import { Service } from "typedi";
 import UsersRepository from "@Repositories/UsersRepository";
-import User from "le-coffre-resources/dist/Notary";
+import { Prisma } from "@prisma/client";
-import { Prisma, Users } from "@prisma/client";
 
 @Service()
 export default class UsersService extends BaseService {
@@ -19,22 +17,6 @@ export default class UsersService extends BaseService {
 		return this.userRepository.findMany(query);
 	}
 
-	/**
-	 * @description : Create a user
-	 * @throws {Error} If user couldn't be created
-	 */
-	public create(userEntity: User): Promise<Users> {
-		return this.userRepository.create(userEntity);
-	}
-
-	/**
-	 * @description : Modify a user
-	 * @throws {Error} If user modification failed
-	 */
-	public update(uid: string, userEntity: User): Promise<Users> {
-		return this.userRepository.update(uid, userEntity);
-	}
-
 	/**
 	 * @description : Get a user by uid
 	 * @throws {Error} If user cannot be get by uid

src/test/config/Init.ts

@@ -95,6 +95,7 @@ export const initRules = (rule: Rule): Promise<Rules> => {
 	return prisma.rules.create({
 		data: {
 			name: rule.name,
+			label: rule.label,
 		},
 	});
 };
@@ -103,6 +104,7 @@ export const initRoles = (role: Role): Promise<Roles> => {
 	return prisma.roles.create({
 		data: {
 			name: role.name,
+			label: role.label,
 		},
 	});
 };
@@ -154,6 +156,7 @@ export const initUsers = (user: User): Promise<Users> => {
 					},
 					create: {
 						name: user.role!.name,
+						label: user.role!.label
 					},
 				},
 			},