4nk/lecoffre-back
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge 'dev' in 'staging' (#64)

Browse Source
This commit is contained in:
Arnaud D. Natali 2023-08-18 15:39:08 +02:00 committed by GitHub
commit 842cd74645
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
45 changed files with 759 additions and 640 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

862
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

2
package.json
View File

@ -52,7 +52,7 @@
"cron": "^2.3.1",
"express": "^4.18.2",
"jsonwebtoken": "^9.0.0",
"le-coffre-resources": "git@github.com:smart-chain-fr/leCoffre-resources.git#v2.66",
"le-coffre-resources": "git@github.com:smart-chain-fr/leCoffre-resources.git#v2.69",
"module-alias": "^2.2.2",
"multer": "^1.4.5-lts.1",
"next": "^13.1.5",

7
src/app/api/admin/CustomersController.ts
View File

@ -7,6 +7,7 @@ import { Customer } from "le-coffre-resources/dist/Admin";
import { validateOrReject } from "class-validator";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -18,7 +19,7 @@ export default class CustomersController extends ApiController {
/**
* @description Get all customers
*/
@Get("/api/v1/admin/customers", [authHandler, ruleHandler])
@Get("/api/v1/admin/customers", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -70,7 +71,7 @@ export default class CustomersController extends ApiController {
/**
* @description Modify a specific customer by uid
*/
@Put("/api/v1/admin/customers/:uid", [authHandler, ruleHandler])
@Put("/api/v1/admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -111,7 +112,7 @@ export default class CustomersController extends ApiController {
/**
* @description Get a specific customer by uid
*/
@Get("/api/v1/admin/customers/:uid", [authHandler, ruleHandler])
@Get("/api/v1/admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

9
src/app/api/admin/DeedTypesController.ts
View File

@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import deedTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DeedTypeHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -21,7 +22,7 @@ export default class DeedTypesController extends ApiController {
* @description Get all deedtypes
* @returns Deedtype[] list of deedtypes
*/
@Get("/api/v1/admin/deed-types", [authHandler, ruleHandler])
@Get("/api/v1/admin/deed-types", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -65,7 +66,7 @@ export default class DeedTypesController extends ApiController {
* @description Create a new deedtype
* @returns Deedtype created
*/
@Post("/api/v1/admin/deed-types", [authHandler, ruleHandler, deedTypeHandler])
@Post("/api/v1/admin/deed-types", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
protected async post(req: Request, response: Response) {
try {
//init DeedType resource with request body values
@ -99,7 +100,7 @@ export default class DeedTypesController extends ApiController {
* @description Modify a specific deedtype by uid
* @returns Deedtype modified
*/
@Put("/api/v1/admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
@Put("/api/v1/admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -141,7 +142,7 @@ export default class DeedTypesController extends ApiController {
* @description Get a specific deedtype by uid
* @returns IDeedtype
*/
@Get("/api/v1/admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
@Get("/api/v1/admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

7
src/app/api/admin/DeedsController.ts
View File

@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import deedHandler from "@App/middlewares/OfficeMembershipHandlers/DeedHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -21,7 +22,7 @@ export default class DeedsController extends ApiController {
* @description Get all deeds
* @returns Deed[] list of deeds
*/
@Get("/api/v1/admin/deeds", [authHandler, ruleHandler])
@Get("/api/v1/admin/deeds", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -52,7 +53,7 @@ export default class DeedsController extends ApiController {
* @description Get a specific deed by uid
* @returns Deed
*/
@Get("/api/v1/admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
@Get("/api/v1/admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -87,7 +88,7 @@ export default class DeedsController extends ApiController {
/**
* @description Modify a specific deed by uid
*/
@Put("/api/v1/admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
@Put("/api/v1/admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];

7
src/app/api/admin/DocumentTypesController.ts
View File

@ -10,6 +10,7 @@ import { validateOrReject } from "class-validator";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import documentTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentTypeHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -21,7 +22,7 @@ export default class DocumentTypesController extends ApiController {
/**
* @description Get all document-types
*/
@Get("/api/v1/admin/document-types", [authHandler, ruleHandler])
@Get("/api/v1/admin/document-types", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -53,7 +54,7 @@ export default class DocumentTypesController extends ApiController {
/**
* @description Create a new documentType
*/
@Post("/api/v1/admin/document-types", [authHandler, ruleHandler, documentTypeHandler])
@Post("/api/v1/admin/document-types", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
protected async post(req: Request, response: Response) {
try {
//init DocumentType resource with request body values
@ -77,7 +78,7 @@ export default class DocumentTypesController extends ApiController {
/**
* @description Modify a specific documentType by uid
*/
@Put("/api/v1/admin/document-types/:uid", [authHandler, ruleHandler, documentTypeHandler])
@Put("/api/v1/admin/document-types/:uid", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];

11
src/app/api/admin/DocumentsController.ts
View File

@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import documentHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -21,7 +22,7 @@ export default class DocumentsController extends ApiController {
* @description Get all documents
* @returns IDocument[] list of documents
*/
@Get("/api/v1/admin/documents", [authHandler, ruleHandler])
@Get("/api/v1/admin/documents", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -52,7 +53,7 @@ export default class DocumentsController extends ApiController {
* @description Create a new document
* @returns IDocument created
*/
@Post("/api/v1/admin/documents", [authHandler, ruleHandler, documentHandler])
@Post("/api/v1/admin/documents", [authHandler, roleHandler, ruleHandler, documentHandler])
protected async post(req: Request, response: Response) {
try {
//init Document resource with request body values
@ -80,7 +81,7 @@ export default class DocumentsController extends ApiController {
/**
* @description Update a specific document
*/
@Put("/api/v1/admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
@Put("/api/v1/admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
protected async update(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -119,7 +120,7 @@ export default class DocumentsController extends ApiController {
/**
* @description Delete a specific document
*/
@Delete("/api/v1/admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
@Delete("/api/v1/admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
protected async delete(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -152,7 +153,7 @@ export default class DocumentsController extends ApiController {
/**
* @description Get a specific document by uid
*/
@Get("/api/v1/admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
@Get("/api/v1/admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

9
src/app/api/admin/FilesController.ts
View File

@ -8,6 +8,7 @@ import { File } from "le-coffre-resources/dist/Admin";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import fileHandler from "@App/middlewares/OfficeMembershipHandlers/FileHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -20,7 +21,7 @@ export default class FilesController extends ApiController {
* @description Get all Files
* @returns File[] list of Files
*/
@Get("/api/v1/admin/files", [authHandler, ruleHandler])
@Get("/api/v1/admin/files", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -49,7 +50,7 @@ export default class FilesController extends ApiController {
/**
* @description Get a specific File by uid
*/
@Get("/api/v1/admin/files/download/:uid", [authHandler, ruleHandler, fileHandler])
@Get("/api/v1/admin/files/download/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
protected async download(req: Request, response: Response) {
const uid = req.params["uid"];
if (!uid) {
@ -77,7 +78,7 @@ export default class FilesController extends ApiController {
/**
* @description Delete a specific File
*/
@Delete("/api/v1/admin/files/:uid", [authHandler, ruleHandler, fileHandler])
@Delete("/api/v1/admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
protected async delete(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -115,7 +116,7 @@ export default class FilesController extends ApiController {
/**
* @description Get a specific File by uid
*/
@Get("/api/v1/admin/files/:uid", [authHandler, ruleHandler, fileHandler])
@Get("/api/v1/admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

11
src/app/api/admin/OfficeFoldersController.ts
View File

@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import folderHandler from "@App/middlewares/OfficeMembershipHandlers/FolderHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -20,7 +21,7 @@ export default class OfficeFoldersController extends ApiController {
/**
* @description Get all folders
*/
@Get("/api/v1/admin/folders", [authHandler, ruleHandler])
@Get("/api/v1/admin/folders", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -80,7 +81,7 @@ export default class OfficeFoldersController extends ApiController {
/**
* @description Create a new folder
*/
@Post("/api/v1/admin/folders", [authHandler, ruleHandler, folderHandler])
@Post("/api/v1/admin/folders", [authHandler, roleHandler, ruleHandler, folderHandler])
protected async post(req: Request, response: Response) {
try {
//init OfficeFolder resource with request body values
@ -104,7 +105,7 @@ export default class OfficeFoldersController extends ApiController {
/**
* @description Modify a specific folder by uid
*/
@Put("/api/v1/admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
@Put("/api/v1/admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -146,7 +147,7 @@ export default class OfficeFoldersController extends ApiController {
* @description Get a specific folder by uid
* @returns IFolder
*/
@Get("/api/v1/admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
@Get("/api/v1/admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -182,7 +183,7 @@ export default class OfficeFoldersController extends ApiController {
/**
* @description Delete a specific folder
*/
@Delete("/api/v1/admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
@Delete("/api/v1/admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
protected async delete(req: Request, response: Response) {
try {
const uid = req.params["uid"];

9
src/app/api/admin/OfficeRolesController.ts
View File

@ -9,6 +9,7 @@ import { Prisma } from "@prisma/client";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import officeRoleHandler from "@App/middlewares/OfficeMembershipHandlers/OfficeRoleHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -20,7 +21,7 @@ export default class OfficeRolesController extends ApiController {
/**
* @description Get all officeRoles
*/
@Get("/api/v1/admin/office-roles", [authHandler, ruleHandler])
@Get("/api/v1/admin/office-roles", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -63,7 +64,7 @@ export default class OfficeRolesController extends ApiController {
/**
* @description Create a new officeRole
*/
@Post("/api/v1/admin/office-roles", [authHandler, ruleHandler, officeRoleHandler])
@Post("/api/v1/admin/office-roles", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
protected async getAddresses(req: Request, response: Response) {
try {
//init IOfficeRole resource with request body values
@ -91,7 +92,7 @@ export default class OfficeRolesController extends ApiController {
/**
* @description Modify a specific officeRole by uid
*/
@Put("/api/v1/admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler])
@Put("/api/v1/admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -132,7 +133,7 @@ export default class OfficeRolesController extends ApiController {
/**
* @description Get a specific officeRole by uid
*/
@Get("/api/v1/admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler])
@Get("/api/v1/admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

5
src/app/api/admin/OfficesController.ts
View File

@ -7,6 +7,7 @@ import { Offices } from "@prisma/client";
import { Office as OfficeResource } from "le-coffre-resources/dist/Admin";
import ruleHandler from "@App/middlewares/RulesHandler";
import authHandler from "@App/middlewares/AuthHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -17,7 +18,7 @@ export default class OfficesController extends ApiController {
/**
* @description Get all offices
*/
@Get("/api/v1/admin/offices", [authHandler, ruleHandler])
@Get("/api/v1/admin/offices", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -40,7 +41,7 @@ export default class OfficesController extends ApiController {
/**
* @description Get a specific office by uid
*/
@Get("/api/v1/admin/offices/:uid", [authHandler, ruleHandler])
@Get("/api/v1/admin/offices/:uid", [authHandler, roleHandler, ruleHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

5
src/app/api/admin/RolesController.ts
View File

@ -6,6 +6,7 @@ import { Service } from "typedi";
import { Role } from "le-coffre-resources/dist/Admin";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -17,7 +18,7 @@ export default class RolesController extends ApiController {
/**
* @description Get all roles
*/
@Get("/api/v1/admin/roles", [authHandler, ruleHandler])
@Get("/api/v1/admin/roles", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -43,7 +44,7 @@ export default class RolesController extends ApiController {
/**
* @description Get a specific role by uid
*/
@Get("/api/v1/admin/roles/:uid", [authHandler, ruleHandler])
@Get("/api/v1/admin/roles/:uid", [authHandler, roleHandler, ruleHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

5
src/app/api/admin/RulesController.ts
View File

@ -6,6 +6,7 @@ import { Service } from "typedi";
import { Rule } from "le-coffre-resources/dist/Admin";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -17,7 +18,7 @@ export default class RulesController extends ApiController {
/**
* @description Get all rules
*/
@Get("/api/v1/admin/rules", [authHandler, ruleHandler])
@Get("/api/v1/admin/rules", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -43,7 +44,7 @@ export default class RulesController extends ApiController {
/**
* @description Get a specific rule by uid
*/
@Get("/api/v1/admin/rules/:uid", [authHandler, ruleHandler])
@Get("/api/v1/admin/rules/:uid", [authHandler, roleHandler, ruleHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

38
src/app/api/admin/UsersController.ts
View File

@ -8,19 +8,21 @@ import { Prisma } from "@prisma/client";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import userHandler from "@App/middlewares/OfficeMembershipHandlers/UserHandler";
import { validateOrReject } from "class-validator";
import roleHandler from "@App/middlewares/RolesHandler";
import RolesService from "@Services/admin/RolesService/RolesService";
import OfficeRolesService from "@Services/admin/OfficeRolesService/OfficeRolesService";
@Controller()
@Service()
export default class UsersController extends ApiController {
constructor(private usersService: UsersService) {
constructor(private usersService: UsersService, private roleService: RolesService, private officeRoleService: OfficeRolesService) {
super();
}
/**
* @description Get all users
*/
@Get("/api/v1/admin/users", [authHandler, ruleHandler])
@Get("/api/v1/admin/users", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -65,7 +67,7 @@ export default class UsersController extends ApiController {
/**
* @description Modify a specific user by uid
*/
@Put("/api/v1/admin/users/:uid", [authHandler, ruleHandler])
@Put("/api/v1/admin/users/:uid", [authHandler, roleHandler, ruleHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -74,7 +76,7 @@ export default class UsersController extends ApiController {
return;
}
const userFound = await this.usersService.getByUid(uid);
const userFound = await this.usersService.getByUidWithRole(uid);
if (!userFound) {
this.httpNotFoundRequest(response, "user not found");
@ -84,9 +86,29 @@ export default class UsersController extends ApiController {
//init IUser resource with request body values
const userEntity = User.hydrate<User>(req.body);
//validate user
await validateOrReject(userEntity, { groups: ["updateUser"] });
if(userEntity.role) {
const role = await this.roleService.getByUid(userEntity.role.uid!);
if(!role) {
this.httpBadRequest(response, "Role not found");
return;
}
if (role.name === "super-admin" || userFound.role.name === "super-admin" ) {
this.httpBadRequest(response, "Cannot assign or remove super-admin role");
return;
}
}
if(userEntity.office_role) {
const officeRole = await this.officeRoleService.getByUid(userEntity.office_role.uid!);
if(!officeRole) {
this.httpBadRequest(response, "Office role not found");
return;
}
if (officeRole.office_uid != userFound.office_uid) {
this.httpBadRequest(response, "Cannot assign an office role from another office");
return;
}
}
//call service to get prisma entity
const userEntityUpdated = await this.usersService.update(uid, userEntity);
@ -106,7 +128,7 @@ export default class UsersController extends ApiController {
/**
* @description Get a specific user by uid
*/
@Get("/api/v1/admin/users/:uid", [authHandler, ruleHandler, userHandler])
@Get("/api/v1/admin/users/:uid", [authHandler, roleHandler, ruleHandler, userHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

9
src/app/api/customer/DocumentsController.ts
View File

@ -28,12 +28,9 @@ export default class DocumentsController extends ApiController {
query = JSON.parse(req.query["q"] as string);
}
//This was useless and was causing a bug
// const customerId: string = req.body.user.customerId;
// const customerWhereInput: Prisma.DocumentsWhereInput ={ depositor: { uid: customerId } };
// query.where = customerWhereInput;
const customerId: string = req.body.user.customerId;
const customerWhereInput: Prisma.DocumentsWhereInput ={ depositor: { uid: customerId } };
query.where = customerWhereInput;
//call service to get prisma entity

3
src/app/api/customer/FilesController.ts
View File

@ -135,9 +135,6 @@ export default class FilesController extends ApiController {
//init File resource with request body values
const fileEntity = File.hydrate<File>(req.body);
//validate file
await validateOrReject(fileEntity, { groups: ["updateFile"] });
//call service to get prisma entity
const fileEntityUpdated: Files = await this.filesService.update(uid, fileEntity);

5
src/app/api/super-admin/AppointmentsController.ts
View File

@ -5,6 +5,7 @@ import AppointmentsService from "@Services/super-admin/AppointmentsService/Appoi
import { Service } from "typedi";
import { Appointment } from "le-coffre-resources/dist/SuperAdmin";
import authHandler from "@App/middlewares/AuthHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -16,7 +17,7 @@ export default class AppointmentsController extends ApiController {
/**
* @description Get all appointments
*/
@Get("/api/v1/super-admin/appointments", [authHandler])
@Get("/api/v1/super-admin/appointments", [authHandler, roleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -42,7 +43,7 @@ export default class AppointmentsController extends ApiController {
/**
* @description Get a specific appointment by uid
*/
@Get("/api/v1/super-admin/appointments/:uid", [authHandler])
@Get("/api/v1/super-admin/appointments/:uid", [authHandler, roleHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

9
src/app/api/super-admin/CustomersController.ts
View File

@ -7,6 +7,7 @@ import { Customer } from "le-coffre-resources/dist/SuperAdmin";
import { validateOrReject } from "class-validator";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -18,7 +19,7 @@ export default class CustomersController extends ApiController {
/**
* @description Get all customers
*/
@Get("/api/v1/super-admin/customers", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/customers", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -44,7 +45,7 @@ export default class CustomersController extends ApiController {
/**
* @description Create a new customer
*/
@Post("/api/v1/super-admin/customers", [authHandler, ruleHandler])
@Post("/api/v1/super-admin/customers", [authHandler, roleHandler, ruleHandler])
protected async post(req: Request, response: Response) {
try {
//init IUser resource with request body values
@ -70,7 +71,7 @@ export default class CustomersController extends ApiController {
/**
* @description Modify a specific customer by uid
*/
@Put("/api/v1/super-admin/customers/:uid", [authHandler, ruleHandler])
@Put("/api/v1/super-admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -111,7 +112,7 @@ export default class CustomersController extends ApiController {
/**
* @description Get a specific customer by uid
*/
@Get("/api/v1/super-admin/customers/:uid", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

9
src/app/api/super-admin/DeedTypesController.ts
View File

@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import deedTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DeedTypeHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -21,7 +22,7 @@ export default class DeedTypesController extends ApiController {
* @description Get all deedtypes
* @returns Deedtype[] list of deedtypes
*/
@Get("/api/v1/super-admin/deed-types", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/deed-types", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -65,7 +66,7 @@ export default class DeedTypesController extends ApiController {
* @description Create a new deedtype
* @returns Deedtype created
*/
@Post("/api/v1/super-admin/deed-types", [authHandler, ruleHandler, deedTypeHandler])
@Post("/api/v1/super-admin/deed-types", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
protected async post(req: Request, response: Response) {
try {
//init DeedType resource with request body values
@ -94,7 +95,7 @@ export default class DeedTypesController extends ApiController {
* @description Modify a specific deedtype by uid
* @returns Deedtype modified
*/
@Put("/api/v1/super-admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
@Put("/api/v1/super-admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -136,7 +137,7 @@ export default class DeedTypesController extends ApiController {
* @description Get a specific deedtype by uid
* @returns IDeedtype
*/
@Get("/api/v1/super-admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
@Get("/api/v1/super-admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

7
src/app/api/super-admin/DeedsController.ts
View File

@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import deedHandler from "@App/middlewares/OfficeMembershipHandlers/DeedHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -21,7 +22,7 @@ export default class DeedsController extends ApiController {
* @description Get all deeds
* @returns Deed[] list of deeds
*/
@Get("/api/v1/super-admin/deeds", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/deeds", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -52,7 +53,7 @@ export default class DeedsController extends ApiController {
* @description Get a specific deed by uid
* @returns Deed
*/
@Get("/api/v1/super-admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
@Get("/api/v1/super-admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -87,7 +88,7 @@ export default class DeedsController extends ApiController {
/**
* @description Modify a specific deed by uid
*/
@Put("/api/v1/super-admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
@Put("/api/v1/super-admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];

9
src/app/api/super-admin/DocumentTypesController.ts
View File

@ -10,6 +10,7 @@ import { validateOrReject } from "class-validator";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import documentTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentTypeHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -21,7 +22,7 @@ export default class DocumentTypesController extends ApiController {
/**
* @description Get all document-types
*/
@Get("/api/v1/super-admin/document-types", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/document-types", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -53,7 +54,7 @@ export default class DocumentTypesController extends ApiController {
/**
* @description Create a new documentType
*/
@Post("/api/v1/super-admin/document-types", [authHandler, ruleHandler, documentTypeHandler])
@Post("/api/v1/super-admin/document-types", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
protected async post(req: Request, response: Response) {
try {
//init DocumentType resource with request body values
@ -82,7 +83,7 @@ export default class DocumentTypesController extends ApiController {
/**
* @description Modify a specific documentType by uid
*/
@Put("/api/v1/super-admin/document-types/:uid", [authHandler, ruleHandler, documentTypeHandler])
@Put("/api/v1/super-admin/document-types/:uid", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -122,7 +123,7 @@ export default class DocumentTypesController extends ApiController {
/**
* @description Get a specific documentType by uid
*/
@Get("/api/v1/super-admin/document-types/:uid", [authHandler, ruleHandler, documentTypeHandler])
@Get("/api/v1/super-admin/document-types/:uid", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

11
src/app/api/super-admin/DocumentsController.ts
View File

@ -1,5 +1,6 @@
import authHandler from "@App/middlewares/AuthHandler";
import documentHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentHandler";
import roleHandler from "@App/middlewares/RolesHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import ApiController from "@Common/system/controller-pattern/ApiController";
import { Controller, Delete, Get, Post, Put } from "@ControllerPattern/index";
@ -21,7 +22,7 @@ export default class DocumentsController extends ApiController {
* @description Get all documents
* @returns IDocument[] list of documents
*/
@Get("/api/v1/super-admin/documents", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/documents", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -56,7 +57,7 @@ export default class DocumentsController extends ApiController {
* @description Create a new document
* @returns IDocument created
*/
@Post("/api/v1/super-admin/documents", [authHandler, ruleHandler, documentHandler])
@Post("/api/v1/super-admin/documents", [authHandler, roleHandler, ruleHandler, documentHandler])
protected async post(req: Request, response: Response) {
try {
//init Document resource with request body values
@ -84,7 +85,7 @@ export default class DocumentsController extends ApiController {
/**
* @description Update a specific document
*/
@Put("/api/v1/super-admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
@Put("/api/v1/super-admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
protected async update(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -123,7 +124,7 @@ export default class DocumentsController extends ApiController {
/**
* @description Delete a specific document
*/
@Delete("/api/v1/super-admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
@Delete("/api/v1/super-admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
protected async delete(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -156,7 +157,7 @@ export default class DocumentsController extends ApiController {
/**
* @description Get a specific document by uid
*/
@Get("/api/v1/super-admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
@Get("/api/v1/super-admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

9
src/app/api/super-admin/FilesController.ts
View File

@ -8,6 +8,7 @@ import { File } from "le-coffre-resources/dist/SuperAdmin";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import fileHandler from "@App/middlewares/OfficeMembershipHandlers/FileHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -20,7 +21,7 @@ export default class FilesController extends ApiController {
* @description Get all Files
* @returns File[] list of Files
*/
@Get("/api/v1/super-admin/files", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/files", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -50,7 +51,7 @@ export default class FilesController extends ApiController {
/**
* @description Get a specific File by uid
*/
@Get("/api/v1/super-admin/files/download/:uid", [authHandler, ruleHandler, fileHandler])
@Get("/api/v1/super-admin/files/download/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
protected async download(req: Request, response: Response) {
const uid = req.params["uid"];
if (!uid) {
@ -78,7 +79,7 @@ export default class FilesController extends ApiController {
/**
* @description Delete a specific File
*/
@Delete("/api/v1/super-admin/files/:uid", [authHandler, ruleHandler, fileHandler])
@Delete("/api/v1/super-admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
protected async delete(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -116,7 +117,7 @@ export default class FilesController extends ApiController {
/**
* @description Get a specific File by uid
*/
@Get("/api/v1/super-admin/files/:uid", [authHandler, ruleHandler, fileHandler])
@Get("/api/v1/super-admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

3
src/app/api/super-admin/LiveVoteController.ts
View File

@ -1,4 +1,5 @@
import authHandler from "@App/middlewares/AuthHandler";
import roleHandler from "@App/middlewares/RolesHandler";
import ApiController from "@Common/system/controller-pattern/ApiController";
import { Controller, Post } from "@ControllerPattern/index";
import { EAppointmentStatus } from "@prisma/client";
@ -26,7 +27,7 @@ export default class LiveVoteController extends ApiController {
/**
* @description Create a new vote
*/
@Post("/api/v1/super-admin/live-votes", [authHandler])
@Post("/api/v1/super-admin/live-votes", [authHandler, roleHandler])
protected async post(req: Request, response: Response) {
try {
const userId = req.body.user.userId;

11
src/app/api/super-admin/OfficeFoldersController.ts
View File

@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import folderHandler from "@App/middlewares/OfficeMembershipHandlers/FolderHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -20,7 +21,7 @@ export default class OfficeFoldersController extends ApiController {
/**
* @description Get all folders
*/
@Get("/api/v1/super-admin/folders", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/folders", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -79,7 +80,7 @@ export default class OfficeFoldersController extends ApiController {
/**
* @description Create a new folder
*/
@Post("/api/v1/super-admin/folders", [authHandler, ruleHandler, folderHandler])
@Post("/api/v1/super-admin/folders", [authHandler, roleHandler, ruleHandler, folderHandler])
protected async post(req: Request, response: Response) {
try {
//init OfficeFolder resource with request body values
@ -103,7 +104,7 @@ export default class OfficeFoldersController extends ApiController {
/**
* @description Modify a specific folder by uid
*/
@Put("/api/v1/super-admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
@Put("/api/v1/super-admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -145,7 +146,7 @@ export default class OfficeFoldersController extends ApiController {
* @description Get a specific folder by uid
* @returns IFolder
*/
@Get("/api/v1/super-admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
@Get("/api/v1/super-admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -180,7 +181,7 @@ export default class OfficeFoldersController extends ApiController {
/**
* @description Delete a specific folder
*/
@Delete("/api/v1/super-admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
@Delete("/api/v1/super-admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
protected async delete(req: Request, response: Response) {
try {
const uid = req.params["uid"];

9
src/app/api/super-admin/OfficeRolesController.ts
View File

@ -9,6 +9,7 @@ import { Prisma } from "@prisma/client";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import officeRoleHandler from "@App/middlewares/OfficeMembershipHandlers/OfficeRoleHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -20,7 +21,7 @@ export default class OfficeRolesController extends ApiController {
/**
* @description Get all officeRoles
*/
@Get("/api/v1/super-admin/office-roles", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/office-roles", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -62,7 +63,7 @@ export default class OfficeRolesController extends ApiController {
/**
* @description Create a new officeRole
*/
@Post("/api/v1/super-admin/office-roles", [authHandler, ruleHandler, officeRoleHandler])
@Post("/api/v1/super-admin/office-roles", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
protected async getAddresses(req: Request, response: Response) {
try {
//init IOfficeRole resource with request body values
@ -90,7 +91,7 @@ export default class OfficeRolesController extends ApiController {
/**
* @description Modify a specific officeRole by uid
*/
@Put("/api/v1/super-admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler])
@Put("/api/v1/super-admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -131,7 +132,7 @@ export default class OfficeRolesController extends ApiController {
/**
* @description Get a specific officeRole by uid
*/
@Get("/api/v1/super-admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler])
@Get("/api/v1/super-admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

12
src/app/api/super-admin/OfficesController.ts
View File

@ -8,6 +8,7 @@ import { Office as OfficeResource } from "le-coffre-resources/dist/SuperAdmin";
import { validateOrReject } from "class-validator";
import ruleHandler from "@App/middlewares/RulesHandler";
import authHandler from "@App/middlewares/AuthHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -18,7 +19,7 @@ export default class OfficesController extends ApiController {
/**
* @description Get all offices
*/
@Get("/api/v1/super-admin/offices", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/offices", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -53,7 +54,7 @@ export default class OfficesController extends ApiController {
/**
* @description Create a new office
*/
@Post("/api/v1/super-admin/offices", [authHandler, ruleHandler])
@Post("/api/v1/super-admin/offices", [authHandler, roleHandler, ruleHandler])
protected async post(req: Request, response: Response) {
try {
//init IUser resource with request body values
@ -76,7 +77,7 @@ export default class OfficesController extends ApiController {
/**
* @description Modify a specific office by uid
*/
@Put("/api/v1/super-admin/offices/:uid", [authHandler, ruleHandler])
@Put("/api/v1/super-admin/offices/:uid", [authHandler, roleHandler, ruleHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -93,8 +94,7 @@ export default class OfficesController extends ApiController {
}
//init IUser resource with request body values
const officeEntity = OfficeResource.hydrate<OfficeResource>(req.body);
//validate user
await validateOrReject(officeEntity, { groups: ["updateOffice"] });
//call service to get prisma entity
const officeEntityUpdated = await this.officesService.update(uid, officeEntity);
//Hydrate ressource with prisma entity
@ -111,7 +111,7 @@ export default class OfficesController extends ApiController {
/**
* @description Get a specific office by uid
*/
@Get("/api/v1/super-admin/offices/:uid", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/offices/:uid", [authHandler, roleHandler, ruleHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

9
src/app/api/super-admin/RolesController.ts
View File

@ -7,6 +7,7 @@ import { validateOrReject } from "class-validator";
import { Role } from "le-coffre-resources/dist/SuperAdmin";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -18,7 +19,7 @@ export default class RolesController extends ApiController {
/**
* @description Get all roles
*/
@Get("/api/v1/super-admin/roles", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/roles", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -44,7 +45,7 @@ export default class RolesController extends ApiController {
/**
* @description Create a new role
*/
@Post("/api/v1/super-admin/roles", [authHandler, ruleHandler])
@Post("/api/v1/super-admin/roles", [authHandler, roleHandler, ruleHandler])
protected async getAddresses(req: Request, response: Response) {
try {
//init IRole resource with request body values
@ -72,7 +73,7 @@ export default class RolesController extends ApiController {
/**
* @description Modify a specific role by uid
*/
@Put("/api/v1/super-admin/roles/:uid", [authHandler, ruleHandler])
@Put("/api/v1/super-admin/roles/:uid", [authHandler, roleHandler, ruleHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -113,7 +114,7 @@ export default class RolesController extends ApiController {
/**
* @description Get a specific role by uid
*/
@Get("/api/v1/super-admin/roles/:uid", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/roles/:uid", [authHandler, roleHandler, ruleHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

12
src/app/api/super-admin/RulesController.ts
View File

@ -7,6 +7,7 @@ import { validateOrReject } from "class-validator";
import { Rule } from "le-coffre-resources/dist/SuperAdmin";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -18,7 +19,7 @@ export default class RulesController extends ApiController {
/**
* @description Get all rules
*/
@Get("/api/v1/super-admin/rules", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/rules", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -44,7 +45,7 @@ export default class RulesController extends ApiController {
/**
* @description Create a new rule
*/
@Post("/api/v1/super-admin/rules", [authHandler, ruleHandler])
@Post("/api/v1/super-admin/rules", [authHandler, roleHandler, ruleHandler])
protected async getAddresses(req: Request, response: Response) {
try {
//init IRule resource with request body values
@ -72,7 +73,7 @@ export default class RulesController extends ApiController {
/**
* @description Modify a specific rule by uid
*/
@Put("/api/v1/super-admin/rules/:uid", [authHandler, ruleHandler])
@Put("/api/v1/super-admin/rules/:uid", [authHandler, roleHandler, ruleHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -91,9 +92,6 @@ export default class RulesController extends ApiController {
//init IRule resource with request body values
const ruleEntity = Rule.hydrate<Rule>(req.body);
//validate rule
await validateOrReject(ruleEntity, { groups: ["updateRule"] });
//call service to get prisma entity
const ruleEntityUpdated = await this.rulesService.update(ruleEntity);
@ -113,7 +111,7 @@ export default class RulesController extends ApiController {
/**
* @description Get a specific rule by uid
*/
@Get("/api/v1/super-admin/rules/:uid", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/rules/:uid", [authHandler, roleHandler, ruleHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

40
src/app/api/super-admin/UsersController.ts
View File

@ -7,18 +7,21 @@ import { validateOrReject } from "class-validator";
import User from "le-coffre-resources/dist/SuperAdmin";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import roleHandler from "@App/middlewares/RolesHandler";
import RolesService from "@Services/super-admin/RolesService/RolesService";
import OfficeRolesService from "@Services/super-admin/OfficeRolesService/OfficeRolesService";
@Controller()
@Service()
export default class UsersController extends ApiController {
constructor(private usersService: UsersService) {
constructor(private usersService: UsersService, private roleService: RolesService, private officeRoleService: OfficeRolesService) {
super();
}
/**
* @description Get all users
*/
@Get("/api/v1/super-admin/users", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/users", [authHandler, roleHandler, ruleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -58,7 +61,7 @@ export default class UsersController extends ApiController {
/**
* @description Create a new user
*/
@Post("/api/v1/super-admin/users", [authHandler, ruleHandler])
@Post("/api/v1/super-admin/users", [authHandler, roleHandler, ruleHandler])
protected async create(req: Request, response: Response) {
try {
//init IUser resource with request body values
@ -86,7 +89,7 @@ export default class UsersController extends ApiController {
/**
* @description Modify a specific user by uid
*/
@Put("/api/v1/super-admin/users/:uid", [authHandler, ruleHandler])
@Put("/api/v1/super-admin/users/:uid", [authHandler, roleHandler, ruleHandler])
protected async put(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -96,7 +99,7 @@ export default class UsersController extends ApiController {
return;
}
const userFound = await this.usersService.getByUid(uid, {role: true, votes: true});
const userFound = await this.usersService.getByUidWithRole(uid);
if (!userFound) {
this.httpNotFoundRequest(response, "user not found");
@ -106,8 +109,29 @@ export default class UsersController extends ApiController {
//init IUser resource with request body values
const userEntity = User.hydrate<User>(req.body);
//validate user
await validateOrReject(userEntity, { groups: ["updateUser"] });
if(userEntity.role) {
const role = await this.roleService.getByUid(userEntity.role.uid!);
if(!role) {
this.httpBadRequest(response, "Role not found");
return;
}
if (role.name === "super-admin" || userFound.role.name === "super-admin" ) {
this.httpBadRequest(response, "Cannot assign or remove super-admin role");
return;
}
}
if(userEntity.office_role) {
const officeRole = await this.officeRoleService.getByUid(userEntity.office_role.uid!);
if(!officeRole) {
this.httpBadRequest(response, "Office role not found");
return;
}
if (officeRole.office_uid != userFound.office_uid) {
this.httpBadRequest(response, "Cannot assign an office role from another office");
return;
}
}
//call service to get prisma entity
const userEntityUpdated = await this.usersService.update(uid, userEntity);
@ -128,7 +152,7 @@ export default class UsersController extends ApiController {
/**
* @description Get a specific user by uid
*/
@Get("/api/v1/super-admin/users/:uid", [authHandler, ruleHandler])
@Get("/api/v1/super-admin/users/:uid", [authHandler, roleHandler, ruleHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];

7
src/app/api/super-admin/VotesController.ts
View File

@ -6,6 +6,7 @@ import { Service } from "typedi";
import { Vote } from "le-coffre-resources/dist/SuperAdmin";
import authHandler from "@App/middlewares/AuthHandler";
import { Votes } from "@prisma/client";
import roleHandler from "@App/middlewares/RolesHandler";
@Controller()
@Service()
@ -17,7 +18,7 @@ export default class VotesController extends ApiController {
/**
* @description Get all votes
*/
@Get("/api/v1/super-admin/votes", [authHandler])
@Get("/api/v1/super-admin/votes", [authHandler, roleHandler])
protected async get(req: Request, response: Response) {
try {
//get query
@ -43,7 +44,7 @@ export default class VotesController extends ApiController {
/**
* @description Get a specific vote by uid
*/
@Get("/api/v1/super-admin/votes/:uid", [authHandler])
@Get("/api/v1/super-admin/votes/:uid", [authHandler, roleHandler])
protected async getOneByUid(req: Request, response: Response) {
try {
const uid = req.params["uid"];
@ -78,7 +79,7 @@ export default class VotesController extends ApiController {
/**
* @description Delete a specific vote
*/
@Delete("/api/v1/super-admin/votes/:uid", [authHandler])
@Delete("/api/v1/super-admin/votes/:uid", [authHandler, roleHandler])
protected async delete(req: Request, response: Response) {
try {
const uid = req.params["uid"];

22
src/app/middlewares/RolesHandler.ts Normal file
View File

@ -0,0 +1,22 @@
import HttpCodes from "@Common/system/controller-pattern/HttpCodes";
import { NextFunction, Request, Response } from "express";
export default async function roleHandler(req: Request, response: Response, next: NextFunction) {
try {
const namespace = req.path && req.path.split("/")[3];
const role = req.body.user.role;
if (namespace != "notary" && role != namespace && role != "super-admin") {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this role");
return;
}
next();
} catch (error) {
console.log(error);
response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
return;
}
}

14
src/app/middlewares/RulesHandler.ts
View File

@ -6,19 +6,7 @@ export default async function ruleHandler(req: Request, response: Response, next
const rules = req.body.user.rules;
const service = req.path && req.path.split("/")[4];
// if (!rules) {
// response.status(HttpCodes.UNAUTHORIZED).send("Missing rules in JWT");
// return;
// }
const namespace = req.path && req.path.split("/")[3];
const role = req.body.user.role;
if (namespace != "notary" && role != namespace && role != "super-admin") {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this role");
return;
}
if (!rules.includes(req.method + " " + service) && role != "super-admin") {
if (!rules.includes(req.method + " " + service)) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with those rules");
return;
}

12
src/common/databases/migrations/20230816144031_v22/migration.sql Normal file
View File

@ -0,0 +1,12 @@
/*
Warnings:
- Added the required column `label` to the `roles` table without a default value. This is not possible if the table is not empty.
- Added the required column `label` to the `rules` table without a default value. This is not possible if the table is not empty.
*/
-- AlterTable
ALTER TABLE "roles" ADD COLUMN "label" VARCHAR(255) NOT NULL;
-- AlterTable
ALTER TABLE "rules" ADD COLUMN "label" VARCHAR(255) NOT NULL;

2
src/common/databases/schema.prisma
View File

@ -241,6 +241,7 @@ model DeedTypes {
model Roles {
uid String @id @unique @default(uuid())
name String @db.VarChar(255)
label String @db.VarChar(255)
created_at DateTime? @default(now())
updated_at DateTime? @updatedAt
rules Rules[] @relation("RolesHasRules")
@ -265,6 +266,7 @@ model OfficeRoles {
model Rules {
uid String @id @unique @default(uuid())
name String @db.VarChar(255)
label String @db.VarChar(255)
created_at DateTime? @default(now())
updated_at DateTime? @updatedAt
role Roles[] @relation("RolesHasRules")

121
src/common/databases/seeders/seeder.ts
View File

@ -515,301 +515,289 @@ export default async function main() {
const rules: Rule[] = [
{
name: "GET users",
label: "Lecture des utilisateurs",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "GET offices",
label: "Lecture des offices",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "GET customers",
label: "Lecture des clients",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "GET deeds",
label: "Lecture des actes",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "GET deed-types",
label: "Lecture des types d'actes",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "GET documents",
label: "Lecture des documents",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "GET document-types",
label: "Lecture des types de documents",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "GET files",
label: "Lecture des fichiers",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "GET folders",
label: "Lecture des dossiers",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "GET roles",
label: "Lecture utilisateurs",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "GET rules",
label: "Lecture des droits",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "GET office-roles",
label: "Lecture des rôles d'office",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "PUT users",
label: "Modification des utilisateurs",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "PUT offices",
label: "Modification des offices",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "PUT customers",
label: "Modification des clients",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "PUT deeds",
label: "Modification des actes",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "PUT deed-types",
label: "Modification des types d'actes",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "PUT documents",
label: "Modification des documents",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "PUT document-types",
label: "Modification des types de documents",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "PUT files",
label: "Modification des fichiers",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "PUT folders",
label: "Modification des dossiers",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "PUT roles",
label: "Modification des rôles",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "PUT rules",
label: "Modification des droits",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "PUT office-roles",
label: "Modification des rôles d'office",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST users",
label: "Création des utilisateurs",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST offices",
label: "Création des offices",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST customers",
label: "Création des clients",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST deeds",
label: "Création des actes",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST deed-types",
label: "Création des types d'actes",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST documents",
label: "Création des documents",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST document-types",
label: "Création des types de documents",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST files",
label: "Création des fichiers",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST folders",
label: "Création des dossiers",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST roles",
label: "Création des rôles",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST rules",
label: "Création des droits",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST office-roles",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST users",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST offices",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST customers",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST deeds",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST deed-types",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST documents",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST document-types",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST files",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST folders",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST roles",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST rules",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "POST office-roles",
label: "Création des rôles d'office",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "DELETE users",
label: "Suppression des utilisateurs",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "DELETE offices",
label: "Suppression des offices",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "DELETE customers",
label: "Suppression des clients",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "DELETE deeds",
label: "Suppression des actes",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "DELETE deed-types",
label: "Suppression des types d'actes",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "DELETE documents",
label: "Suppression des documents",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "DELETE document-types",
label: "Suppression des types de documents",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "DELETE files",
label: "Suppression des fichiers",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "DELETE folders",
label: "Suppression des dossiers",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "DELETE roles",
label: "Suppression des rôles",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "DELETE rules",
label: "Suppression des droits",
created_at: new Date(),
updated_at: new Date(),
},
{
name: "DELETE office-roles",
label: "Suppression des rôles d'office",
created_at: new Date(),
updated_at: new Date(),
},
@ -818,24 +806,28 @@ export default async function main() {
const roles: Role[] = [
{
name: "super-admin",
label: "Super administrateur",
created_at: new Date(),
updated_at: new Date(),
rules: rules,
},
{
name: "admin",
label: "Administrateur",
created_at: new Date(),
updated_at: new Date(),
rules: rules.slice(0, 33),
},
{
name: "notary",
label: "Notaire",
created_at: new Date(),
updated_at: new Date(),
rules: rules.slice(0, 22),
},
{
name: "default",
label: "Utilisateur",
created_at: new Date(),
updated_at: new Date(),
rules: rules.slice(0, 11),
@ -843,13 +835,6 @@ export default async function main() {
];
const officeRoles: OfficeRole[] = [
{
name: "admin",
created_at: new Date(),
updated_at: new Date(),
office: offices[0]!,
rules: rules.slice(0, 40),
},
{
name: "Notaire",
created_at: new Date(),
@ -1381,6 +1366,7 @@ export default async function main() {
const ruleCreated = await prisma.rules.create({
data: {
name: rule.name,
label: rule.label,
},
});
rule.uid = ruleCreated.uid;
@ -1390,6 +1376,7 @@ export default async function main() {
const roleCreated = await prisma.roles.create({
data: {
name: role.name,
label: role.label,
rules: {
connect: role.rules?.map((rule) => ({
uid: rule.uid!,

2
src/common/repositories/RolesRepository.ts
View File

@ -31,6 +31,7 @@ export default class RolesRepository extends BaseRepository {
const createArgs: Prisma.RolesCreateArgs = {
data: {
name: role.name,
label: role.label,
rules: {
connect: role.rules?.map((rule) => ({
uid: rule.uid!,
@ -52,6 +53,7 @@ export default class RolesRepository extends BaseRepository {
},
data: {
name: role.name,
label: role.label,
rules: {
set: role.rules?.map((rule) => ({
uid: rule.uid!,

2
src/common/repositories/RulesRepository.ts
View File

@ -31,6 +31,7 @@ export default class RulesRepository extends BaseRepository {
const createArgs: Prisma.RulesCreateArgs = {
data: {
name: rule.name,
label: rule.label
},
};
@ -47,6 +48,7 @@ export default class RulesRepository extends BaseRepository {
},
data: {
name: rule.name,
label: rule.label
},
};

1
src/common/repositories/UsersRepository.ts
View File

@ -87,6 +87,7 @@ export default class UsersRepository extends BaseRepository {
/**
* @description : Update data from a user
*/
public async update(uid: string, user: User): Promise<Users> {
const updateArgs: Prisma.UsersUpdateArgs = {
where: {

10
src/services/admin/UsersService/UsersService.ts
View File

@ -31,7 +31,7 @@ export default class UsersService extends BaseService {
* @description : Modify a user
* @throws {Error} If user modification failed
*/
public update(uid: string, userEntity: User): Promise<Users> {
public async update(uid: string, userEntity: User): Promise<Users> {
return this.userRepository.updateRole(uid, userEntity);
}
@ -51,6 +51,14 @@ export default class UsersService extends BaseService {
return this.userRepository.findOneByUidWithOffice(uid);
}
/**
* @description : Get a user by uid with office
* @throws {Error} If user cannot be get by uid
*/
public getByUidWithRole(uid: string) {
return this.userRepository.findOneByUidWithRole(uid);
}
/**
* @description : Get a user by uid
* @throws {Error} If user cannot be get by uid

25
src/services/common/AuthService/AuthService.ts
View File

@ -12,7 +12,7 @@ enum PROVIDER_OPENID {
}
interface ICustomerJwtPayload {
userId: string;
customerId: string;
email: string;
}
@ -46,7 +46,7 @@ export default class AuthService extends BaseService {
}
return {
userId: customer.uid,
customerId: customer.uid,
email: contact.email,
};
}
@ -57,22 +57,19 @@ export default class AuthService extends BaseService {
if (!user) return null;
const rules: string[] = [];
if (user.office_role) {
user.office_role.rules.forEach((rule) => {
rules.push(rule.name);
});
return {
userId: user.uid,
openId: { providerName: providerName, userId: user.idNot },
office_Id: user.office_membership.uid,
role: user.role.name,
rules: rules,
};
}
user.role.rules.forEach((rule) => {
rules.push(rule.name);
});
if (user.office_role) {
user.office_role.rules.forEach((rule) => {
if(!rules.includes(rule.name)) {
rules.push(rule.name);
}
});
}
return {
userId: user.uid,
openId: { providerName: providerName, userId: user.idNot },

1
src/services/notary/RolesService/RolesService.ts
View File

@ -1,5 +1,4 @@
import BaseService from "@Services/BaseService";
import "reflect-metadata";
import { Service } from "typedi";
import RolesRepository from "@Repositories/RolesRepository";
import { Prisma } from "@prisma/client";

1
src/services/notary/RulesService/RulesService.ts
View File

@ -1,5 +1,4 @@
import BaseService from "@Services/BaseService";
import "reflect-metadata";
import { Service } from "typedi";
import RulesRepository from "@Repositories/RulesRepository";
import { Prisma } from "@prisma/client";

20
src/services/notary/UsersService/UsersService.ts
View File

@ -1,9 +1,7 @@
import BaseService from "@Services/BaseService";
import "reflect-metadata";
import { Service } from "typedi";
import UsersRepository from "@Repositories/UsersRepository";
import User from "le-coffre-resources/dist/Notary";
import { Prisma, Users } from "@prisma/client";
import { Prisma } from "@prisma/client";
@Service()
export default class UsersService extends BaseService {
@ -19,22 +17,6 @@ export default class UsersService extends BaseService {
return this.userRepository.findMany(query);
}
/**
* @description : Create a user
* @throws {Error} If user couldn't be created
*/
public create(userEntity: User): Promise<Users> {
return this.userRepository.create(userEntity);
}
/**
* @description : Modify a user
* @throws {Error} If user modification failed
*/
public update(uid: string, userEntity: User): Promise<Users> {
return this.userRepository.update(uid, userEntity);
}
/**
* @description : Get a user by uid
* @throws {Error} If user cannot be get by uid

3
src/test/config/Init.ts
View File

@ -95,6 +95,7 @@ export const initRules = (rule: Rule): Promise<Rules> => {
return prisma.rules.create({
data: {
name: rule.name,
label: rule.label,
},
});
};
@ -103,6 +104,7 @@ export const initRoles = (role: Role): Promise<Roles> => {
return prisma.roles.create({
data: {
name: role.name,
label: role.label,
},
});
};
@ -154,6 +156,7 @@ export const initUsers = (user: User): Promise<Users> => {
},
create: {
name: user.role!.name,
label: user.role!.label
},
},
},