From bbecec09a3c5484df5418ae14271185b560aa189 Mon Sep 17 00:00:00 2001 From: Vins Date: Fri, 19 Apr 2024 11:47:55 +0200 Subject: [PATCH] Rules and user access --- src/app/api/admin/OfficeRolesController.ts | 14 ++++ src/app/api/admin/StripeController.ts | 31 +------- src/app/api/admin/SubscriptionsController.ts | 78 ++------------------ src/app/api/idnot/UserController.ts | 2 +- src/app/api/notary/OfficeRibController.ts | 7 +- src/common/databases/seeders/seeder.ts | 21 ++++++ src/common/emails/EmailBuilder.ts | 2 +- 7 files changed, 50 insertions(+), 105 deletions(-) diff --git a/src/app/api/admin/OfficeRolesController.ts b/src/app/api/admin/OfficeRolesController.ts index cb3162bd..816d4cbb 100644 --- a/src/app/api/admin/OfficeRolesController.ts +++ b/src/app/api/admin/OfficeRolesController.ts @@ -75,6 +75,20 @@ export default class OfficeRolesController extends ApiController { //init IOfficeRole resource with request body values const officeRoleEntity = OfficeRole.hydrate(req.body); + const allRules = await this.rulesService.get({ + where: { + OR: [ + { + namespace: "notary", + }, + { + namespace: "collaborator", + }, + ], + }, + }); + + officeRoleEntity.rules = allRules; //validate officeRole await validateOrReject(officeRoleEntity, { groups: ["createOfficeRole"] }); diff --git a/src/app/api/admin/StripeController.ts b/src/app/api/admin/StripeController.ts index 5dd28d3a..24b778f2 100644 --- a/src/app/api/admin/StripeController.ts +++ b/src/app/api/admin/StripeController.ts @@ -1,4 +1,5 @@ import authHandler from "@App/middlewares/AuthHandler"; +import ruleHandler from "@App/middlewares/RulesHandler"; // import roleHandler from "@App/middlewares/RolesHandler"; import ApiController from "@Common/system/controller-pattern/ApiController"; import { Controller, Get, Post} from "@ControllerPattern/index"; 
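Review bot: In the OfficeRolesController.ts hunk, `officeRoleEntity.rules = allRules;` gives every newly created office role the complete set of `notary` and `collaborator` rules and discards any `rules` sent in the request body, so a role can no longer be created with a narrower permission set. If that default is intended, say so at the assignment, e.g. `// new office roles start with every notary and collaborator rule; rules in the body are ignored`. Otherwise keep only the requested rules that also appear in `allRules`, so the lookup acts as an allow-list rather than a blanket grant. Assuming `rulesService.get` forwards the query to Prisma, the two-branch `OR` can be written as `where: { namespace: { in: ["notary", "collaborator"] } }`. The method starts and ends outside the hunk, so how the rules are persisted after `validateOrReject` is not visible here.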
@@ -18,7 +19,7 @@ export default class StripeController extends ApiController { /** * @description Create a new checkout session */ - @Post("/api/v1/admin/stripe", [authHandler]) + @Post("/api/v1/admin/stripe", [authHandler, ruleHandler]) protected async createStripeSubscriptionCheckout(req: Request, response: Response) { try { const officeId: string = req.body.user.office_Id; @@ -41,33 +42,7 @@ export default class StripeController extends ApiController { } } - // @Put("/api/v1/admin/stripe/:uid") - // protected async createStripeSubscriptionUpdateCheckout(req: Request, response: Response) { - // try { - // const uid = req.params["uid"]; - // if (!uid) { - // this.httpBadRequest(response, "No uid provided"); - // return; - // } - // const officeId: string = req.body.user.office_Id; - // //add office id to request body - // req.body.office = { uid: officeId }; - - // //init Subscription resource with request body values - // const subscriptionEntity = Subscription.hydrate(req.body, { strategy: "excludeAll" }); - - // await validateOrReject(subscriptionEntity, { groups: ["updateSubscription"], forbidUnknownValues: false }); - - // const stripeSession = await this.stripeService.createCheckoutSessionUpdate(uid, subscriptionEntity); - - // this.httpCreated(response, stripeSession); - // } catch (error) { - // this.httpInternalError(response, error); - // return; - // } - // } - - @Get("/api/v1/admin/stripe/:uid", [authHandler]) + @Get("/api/v1/admin/stripe/:uid", [authHandler, ruleHandler]) protected async getClientPortalSession(req: Request, response: Response) { try { const uid = req.params["uid"]; diff --git a/src/app/api/admin/SubscriptionsController.ts b/src/app/api/admin/SubscriptionsController.ts index 3de788b2..c0f49241 100644 --- a/src/app/api/admin/SubscriptionsController.ts +++ b/src/app/api/admin/SubscriptionsController.ts 
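Review bot: On `@Get("/api/v1/admin/stripe/:uid", [authHandler, ruleHandler])` in StripeController.ts, the added `ruleHandler` decides whether the caller may use the route at all, but nothing in the hunk ties the `:uid` path parameter to the caller's office. `createStripeSubscriptionCheckout` in the hunk above takes the office from `req.body.user.office_Id`. `getClientPortalSession` should compare the subscription behind `uid` with that same office before opening a portal session and answer not-found on a mismatch, unless the part of its body outside the hunk already does. The same question applies to `getOneByUid` and `put` in SubscriptionsController.ts, which receive `ruleHandler` in this commit and also act on a caller-supplied `uid`.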
@@ -2,16 +2,13 @@ import { Controller, Get, Post, Put } from "@ControllerPattern/index"; import { Response, Request } from "express"; import ApiController from "@Common/system/controller-pattern/ApiController"; import { Service } from "typedi"; -// import authHandler from "@App/middlewares/AuthHandler"; -// import roleHandler from "@App/middlewares/RolesHandler"; -// import ruleHandler from "@App/middlewares/RulesHandler"; import { Prisma } from "@prisma/client"; import SubscriptionsService from "@Services/admin/SubscriptionsService/SubscriptionsService.ts"; import { Subscription } from "le-coffre-resources/dist/Admin"; import ObjectHydrate from "@Common/helpers/ObjectHydrate"; -import roleHandler from "@App/middlewares/RolesHandler"; import authHandler from "@App/middlewares/AuthHandler"; import EmailBuilder from "@Common/emails/EmailBuilder"; +import ruleHandler from "@App/middlewares/RulesHandler"; @Controller() @Service() @@ -23,7 +20,7 @@ export default class SubscriptionsController extends ApiController { /** * @description Get all subscriptions */ - @Get("/api/v1/admin/subscriptions", [authHandler, roleHandler]) + @Get("/api/v1/admin/subscriptions", [authHandler, ruleHandler]) protected async get(req: Request, response: Response) { try { //get query @@ -51,9 +48,9 @@ export default class SubscriptionsController extends ApiController { } /** - * @description Get a specific documentType by uid + * @description Get a specific subscription by uid */ - @Get("/api/v1/admin/subscriptions/:uid", [authHandler, roleHandler]) + @Get("/api/v1/admin/subscriptions/:uid", [authHandler, ruleHandler]) protected async getOneByUid(req: Request, response: Response) { try { const uid = req.params["uid"]; 
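Review bot: Replacing `roleHandler` with `ruleHandler` on `@Get("/api/v1/admin/subscriptions", ...)` (and on `getOneByUid`, `put` and `inviteCollaborators` in this and the following hunks) means the `admin` path prefix no longer implies an admin role: access now depends only on which roles hold the matching rules. The OfficeRolesController.ts hunk of this commit assigns every `notary` and `collaborator` rule to each new office role, and the namespace of `GET subscriptions` is not visible in the seeder hunk, so it is worth confirming that the subscription rules sit outside those two namespaces. A comment above each decorator naming the rule it expects, for example `// requires rule "GET subscriptions"`, would make that dependency reviewable. The exact rule name is an assumption drawn from the seeded names, since RulesHandler is not shown.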
@@ -80,34 +77,10 @@ export default class SubscriptionsController extends ApiController { } } - // /** - // * @description Create a new documentType - // */ - // @Post("/api/v1/admin/subscriptions", [authHandler, roleHandler]) - // protected async post(req: Request, response: Response) { - // try { - // //init Subscription resource with request body values - // const subscriptionEntity = Subscription.hydrate(req.body); - // //validate subscription - // await validateOrReject(subscriptionEntity, { groups: ["createSubscription"], forbidUnknownValues: false }); - // //call service to get prisma entity - // const subscriptionEntityCreated = await this.subscriptionsService.create(subscriptionEntity); - // //Hydrate ressource with prisma entity - // const subscription = Subscription.hydrate(subscriptionEntityCreated, { - // strategy: "excludeAll", - // }); - // //success - // this.httpCreated(response, subscription); - // } catch (error) { - // this.httpInternalError(response, error); - // return; - // } - // } - /** * @description Update a subscription */ - @Put("/api/v1/admin/subscriptions/:uid", [authHandler, roleHandler]) + @Put("/api/v1/admin/subscriptions/:uid", [authHandler, ruleHandler]) protected async put(req: Request, response: Response) { try { const uid = req.params["uid"]; @@ -147,7 +120,7 @@ export default class SubscriptionsController extends ApiController { * @description Invite collaborators to a subscription */ - @Post("/api/v1/admin/subscriptions/invite", [authHandler, roleHandler]) + @Post("/api/v1/admin/subscriptions/invite", [authHandler, ruleHandler]) protected async inviteCollaborators(req: Request, response: Response) { try { //get email list from body 
@@ -168,43 +141,4 @@ export default class SubscriptionsController extends ApiController { return; } } - - // /** - // * @description Update a subscription seats - // */ - // @Put("/api/v1/admin/subscriptions/:uid/seats", [authHandler, roleHandler]) - // protected async updateSubscriptionSeats(req: Request, response: Response) { - // try { - // const uid = req.params["uid"]; - // if (!uid) { - // this.httpBadRequest(response, "No uid provided"); - // return; - // } - - // const subscriptionFound = await this.subscriptionsService.getByUid(uid); - - // if (!subscriptionFound) { - // this.httpNotFoundRequest(response, "subscription not found"); - // return; - // } - - // //init Subscription resource with request body values - // const seatEntities = Seat.hydrateArray(req.body); - - // //call service to get prisma entity - // const subscriptionEntityUpdated = await this.subscriptionsService.update(uid, subscriptionEntity); - - // //Hydrate ressource with prisma entity - // const subscription = Subscription.hydrate(subscriptionEntityUpdated, { - // strategy: "excludeAll", - // }); - - // //success - // this.httpSuccess(response, subscription); - - // } catch (error) { - // this.httpInternalError(response, error); - // return; - // } - // } } diff --git a/src/app/api/idnot/UserController.ts b/src/app/api/idnot/UserController.ts index 9c77f745..44a62b42 100644 --- a/src/app/api/idnot/UserController.ts +++ b/src/app/api/idnot/UserController.ts @@ -100,7 +100,7 @@ export default class UserController extends ApiController { } } - if (userHydrated.role?.name === "admin") { + if (userHydrated.role?.name === "admin" || userHydrated.role?.name === "super-admin") { isSubscribed = true; } diff --git a/src/app/api/notary/OfficeRibController.ts b/src/app/api/notary/OfficeRibController.ts index 3a0fb9ae..035919e4 100644 --- a/src/app/api/notary/OfficeRibController.ts +++ b/src/app/api/notary/OfficeRibController.ts 
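Review bot: In the UserController.ts hunk, the subscription bypass `if (userHydrated.role?.name === "admin" || userHydrated.role?.name === "super-admin")` is keyed on two role-name string literals, so any role that ends up carrying one of these names is treated as subscribed, and a typo in either literal fails silently. Consider one named constant checked with `.has(...)`, e.g. `const SUBSCRIPTION_EXEMPT_ROLES = new Set(["admin", "super-admin"]);`, with a comment stating why these roles skip the subscription check. If role names can be edited through the API, this decision would be safer on a rule or a dedicated flag than on the name. That is not visible in this hunk, whose enclosing method starts and ends outside it.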
@@ -7,6 +7,7 @@ import OfficerRibService from "@Services/common/OfficeRibService/OfficeRibServic import authHandler from "@App/middlewares/AuthHandler"; import OfficesService from "@Services/notary/OfficesService/OfficesService"; import { Office as OfficeResource } from "le-coffre-resources/dist/Notary"; +import ruleHandler from "@App/middlewares/RulesHandler"; @Controller() @Service() @@ -15,7 +16,7 @@ export default class OfficeRibController extends ApiController { super(); } - @Get("/api/v1/notary/office/rib", [authHandler]) + @Get("/api/v1/notary/rib", [authHandler, ruleHandler]) protected async getRibStream(req: Request, response: Response) { const officeId: string = req.body.user.office_Id; if (!officeId) throw new Error("No officeId provided"); @@ -43,7 +44,7 @@ export default class OfficeRibController extends ApiController { } } - @Post("/api/v1/notary/office/rib", [authHandler]) + @Post("/api/v1/notary/rib", [authHandler, ruleHandler]) protected async post(req: Request, response: Response) { try { const officeId: string = req.body.user.office_Id; @@ -82,7 +83,7 @@ export default class OfficeRibController extends ApiController { } } - @Delete("/api/v1/notary/office/rib", [authHandler]) + @Delete("/api/v1/notary/rib", [authHandler, ruleHandler]) protected async delete(req: Request, response: Response) { try { const officeId: string = req.body.user.office_Id; diff --git a/src/common/databases/seeders/seeder.ts b/src/common/databases/seeders/seeder.ts index 5c007372..3f5b6b48 100644 --- a/src/common/databases/seeders/seeder.ts +++ b/src/common/databases/seeders/seeder.ts 
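Review bot: The three OfficeRibController.ts routes move from `/api/v1/notary/office/rib` to `/api/v1/notary/rib` in the same change that adds `ruleHandler`, and the old path is dropped without an alias, so existing clients of `getRibStream`, `post` and `delete` will receive a 404 until they are updated. If the rename exists so that the path matches the `GET rib`, `POST rib` and `DELETE rib` rules seeded in seeder.ts (an inference from the names, RulesHandler is not shown), the authorisation of these handlers now depends on the URL shape. A comment on each decorator such as `// rule "GET rib", namespace "notary"` would keep a later path edit from silently changing which rule is checked. All three method bodies continue outside their hunks.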
@@ -795,6 +795,27 @@ export default async function main() { updated_at: new Date(), namespace: "notary", }, + { + name: "GET rib", + label: "Lire le RIB de l'office", + created_at: new Date(), + updated_at: new Date(), + namespace: "notary", + }, + { + name: "POST rib", + label: "Déposer le RIB de l'office", + created_at: new Date(), + updated_at: new Date(), + namespace: "notary", + }, + { + name: "DELETE rib", + label: "Supprimer le RIB de l'office", + created_at: new Date(), + updated_at: new Date(), + namespace: "notary", + }, { name: "GET subscriptions", label: "Récupérer les abonnements", diff --git a/src/common/emails/EmailBuilder.ts b/src/common/emails/EmailBuilder.ts index 59aefda8..5dcfb7b8 100644 --- a/src/common/emails/EmailBuilder.ts +++ b/src/common/emails/EmailBuilder.ts @@ -132,7 +132,7 @@ export default class EmailBuilder { nbTrySend: null, lastTrySendDate: null, }); - this.mailchimpService.sendEmails(); + // this.mailchimpService.sendEmails(); });
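Review bot: In the seeder.ts hunk, the `GET rib`, `POST rib` and `DELETE rib` rules are added only to the seed data in `main()`, while OfficeRibController.ts starts requiring `ruleHandler` on those routes in the same commit. A database seeded before this change will have no such rows unless the seeder is re-run idempotently or a migration inserts them. How `ruleHandler` treats a rule that does not exist is not visible here; it should deny. The Stripe routes that gain `ruleHandler` in StripeController.ts get no rule from this hunk, so confirm their rules already exist. Whether the three new rules are attached to any role further down in `main()` is outside the hunk.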