diff --git a/src/app/api/idnot/UserController.ts b/src/app/api/idnot/UserController.ts
index 44a62b42..58fd5f64 100644
--- a/src/app/api/idnot/UserController.ts
+++ b/src/app/api/idnot/UserController.ts
@@ -5,12 +5,13 @@ import { Service } from "typedi";
 import AuthService, { IUserJwtPayload } from "@Services/common/AuthService/AuthService";
 import IdNotService from "@Services/common/IdNotService/IdNotService";
-import User from "le-coffre-resources/dist/Admin";
+import User, { RulesGroup } from "le-coffre-resources/dist/Admin";
 import UsersService from "@Services/super-admin/UsersService/UsersService";
 import SubscriptionsService from "@Services/admin/SubscriptionsService/SubscriptionsService.ts";
 import { ESubscriptionStatus } from "@prisma/client";
 import SeatsService from "@Services/admin/SeatsService/SeatsService";
 import { EType } from "le-coffre-resources/dist/Admin/Subscription";
+import RulesGroupsService from "@Services/admin/RulesGroupsService/RulesGroupsService";
 @Controller()
 @Service()
@@ -21,6 +22,7 @@ export default class UserController extends ApiController {
 private userService: UsersService,
 private subscriptionsService: SubscriptionsService,
 private seatsService: SeatsService,
+ private rulesGroupsService: RulesGroupsService
 ) {
 super();
 }
@@ -100,10 +102,6 @@ export default class UserController extends ApiController {
 }
 }
- if (userHydrated.role?.name === "admin" || userHydrated.role?.name === "super-admin") {
- isSubscribed = true;
- }
-
 if (!isSubscribed) {
 this.httpUnauthorized(response, "User not subscribed");
 return;
@@ -124,6 +122,17 @@ export default class UserController extends ApiController {
 await this.idNotService.updateOffice(user.office_uid);
 const payload = await this.authService.getUserJwtPayload(user.idNot);
+ if(!payload) return;
+
+
+ if(!isSubscribed && userHydrated.role?.name === "admin" || userHydrated.role?.name === "super-admin"){
+ const manageSubscriptionRulesEntity = await this.rulesGroupsService.get({ where: { name: "Gestion de l'abonnement" }, include: { rules: true } });
+ const manageSubscriptionRules = RulesGroup.hydrateArray(manageSubscriptionRulesEntity, { strategy: "excludeAll" });
+ if(!manageSubscriptionRules[0]) return;
+
+ payload.rules = manageSubscriptionRules[0].rules!.map((rule) => rule.name) || [];
+ }
+
 const accessToken = this.authService.generateAccessToken(payload);
 const refreshToken = this.authService.generateRefreshToken(payload);
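Review bot: The condition added here, `!isSubscribed && userHydrated.role?.name === "admin" || userHydrated.role?.name === "super-admin"`, groups as `(!isSubscribed && admin) || super-admin`, so every super-admin gets `payload.rules` overwritten with the "Gestion de l'abonnement" rules regardless of `isSubscribed`; if the reduced token is meant only for unsubscribed accounts it should read `if (!isSubscribed && (userHydrated.role?.name === "admin" || userHydrated.role?.name === "super-admin")) {`. The `if (!isSubscribed)` guard that the previous hunk leaves in place still returns through `this.httpUnauthorized`, so if it runs before this code in the same method (the lines between the two hunks are not shown) the admin half of the condition is unreachable. The two new bare `return;` exits end the handler without writing a response, unlike that guard; they should answer explicitly, for example with `this.httpUnauthorized(response, ...)`, so a missing payload or rules group fails closed and visibly. `rules!.map(...) || []` throws when `rules` is undefined and its fallback can never apply, so `manageSubscriptionRules[0].rules?.map((rule) => rule.name) ?? []` matches the intent. The enclosing method begins and ends outside this hunk.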