Rules and user access

2024-04-19 11:47:55 +02:00 · 2024-04-19 11:47:55 +02:00 · bbecec09a3
commit bbecec09a3
parent ad767c7a2e
7 changed files with 50 additions and 105 deletions
--- a/src/app/api/admin/OfficeRolesController.ts
+++ b/src/app/api/admin/OfficeRolesController.ts
@ -75,6 +75,20 @@ export default class OfficeRolesController extends ApiController {
 			//init IOfficeRole resource with request body values
 			const officeRoleEntity = OfficeRole.hydrate<OfficeRole>(req.body);
 			const allRules = await this.rulesService.get({
 				where: {
 					OR: [
 						{
 							namespace: "notary",
 						},
 						{
 							namespace: "collaborator",
 						},
 					],
 				},
 			});
 			officeRoleEntity.rules = allRules;
 			//validate officeRole
 			await validateOrReject(officeRoleEntity, { groups: ["createOfficeRole"] });
--- a/src/app/api/admin/StripeController.ts
+++ b/src/app/api/admin/StripeController.ts
@ -1,4 +1,5 @@
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 // import roleHandler from "@App/middlewares/RolesHandler";
 import ApiController from "@Common/system/controller-pattern/ApiController";
 import { Controller, Get, Post} from "@ControllerPattern/index";
@ -18,7 +19,7 @@ export default class StripeController extends ApiController {
 	/**
 	 * @description Create a new checkout session
 	 */
-	@Post("/api/v1/admin/stripe", [authHandler])
+	@Post("/api/v1/admin/stripe", [authHandler, ruleHandler])
 	protected async createStripeSubscriptionCheckout(req: Request, response: Response) {
 		try {
 			const officeId: string = req.body.user.office_Id;
@ -41,33 +42,7 @@ export default class StripeController extends ApiController {
 		}
 	}
-	// @Put("/api/v1/admin/stripe/:uid")
+	@Get("/api/v1/admin/stripe/:uid", [authHandler, ruleHandler])
 	// protected async createStripeSubscriptionUpdateCheckout(req: Request, response: Response) {
 	// 	try {
 	// 		const uid = req.params["uid"];
 	// 		if (!uid) {
 	// 			this.httpBadRequest(response, "No uid provided");
 	// 			return;
 	// 		}
 	// 		const officeId: string = req.body.user.office_Id;
 	// 		//add office id to request body
 	// 		req.body.office = { uid: officeId };
 	// 		//init Subscription resource with request body values
 	// 		const subscriptionEntity = Subscription.hydrate<Subscription>(req.body, { strategy: "excludeAll" });			
 	// 		await validateOrReject(subscriptionEntity, { groups: ["updateSubscription"], forbidUnknownValues: false });
 	// 		const stripeSession = await this.stripeService.createCheckoutSessionUpdate(uid, subscriptionEntity);
 	// 		this.httpCreated(response, stripeSession);
 	// 	} catch (error) {
 	// 		this.httpInternalError(response, error);
 	// 		return;
 	// 	}
 	// }
 	@Get("/api/v1/admin/stripe/:uid", [authHandler])
 	protected async getClientPortalSession(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
--- a/src/app/api/admin/SubscriptionsController.ts
+++ b/src/app/api/admin/SubscriptionsController.ts
@ -2,16 +2,13 @@ import { Controller, Get, Post, Put } from "@ControllerPattern/index";
 import { Response, Request } from "express";
 import ApiController from "@Common/system/controller-pattern/ApiController";
 import { Service } from "typedi";
 // import authHandler from "@App/middlewares/AuthHandler";
 // import roleHandler from "@App/middlewares/RolesHandler";
 // import ruleHandler from "@App/middlewares/RulesHandler";
 import { Prisma } from "@prisma/client";
 import SubscriptionsService from "@Services/admin/SubscriptionsService/SubscriptionsService.ts";
 import { Subscription } from "le-coffre-resources/dist/Admin";
 import ObjectHydrate from "@Common/helpers/ObjectHydrate";
 import roleHandler from "@App/middlewares/RolesHandler";
 import authHandler from "@App/middlewares/AuthHandler";
 import EmailBuilder from "@Common/emails/EmailBuilder";
 import ruleHandler from "@App/middlewares/RulesHandler";
@Controller()
@Service()
@ -23,7 +20,7 @@ export default class SubscriptionsController extends ApiController {
 	/**
 	 * @description Get all subscriptions
 	 */
-	@Get("/api/v1/admin/subscriptions", [authHandler, roleHandler])
+	@Get("/api/v1/admin/subscriptions", [authHandler, ruleHandler])
 	protected async get(req: Request, response: Response) {
 		try {
 			//get query
@ -51,9 +48,9 @@ export default class SubscriptionsController extends ApiController {
 	}
 	/**
-	 * @description Get a specific documentType by uid
+	 * @description Get a specific subscription by uid
 	 */
-	@Get("/api/v1/admin/subscriptions/:uid", [authHandler, roleHandler])
+	@Get("/api/v1/admin/subscriptions/:uid", [authHandler, ruleHandler])
 	protected async getOneByUid(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@ -80,34 +77,10 @@ export default class SubscriptionsController extends ApiController {
 		}
 	}
 	// /**
 	//  * @description Create a new documentType
 	//  */
 	// @Post("/api/v1/admin/subscriptions", [authHandler, roleHandler])
 	// protected async post(req: Request, response: Response) {
 	// 	try {
 	// 		//init Subscription resource with request body values
 	// 		const subscriptionEntity = Subscription.hydrate<Subscription>(req.body);
 	// 		//validate subscription
 	// 		await validateOrReject(subscriptionEntity, { groups: ["createSubscription"], forbidUnknownValues: false });			
 	// 		//call service to get prisma entity
 	// 		const subscriptionEntityCreated = await this.subscriptionsService.create(subscriptionEntity);
 	// 		//Hydrate ressource with prisma entity
 	// 		const subscription = Subscription.hydrate<Subscription>(subscriptionEntityCreated, {
 	// 			strategy: "excludeAll",
 	// 		});
 	// 		//success
 	// 		this.httpCreated(response, subscription);
 	// 	} catch (error) {
 	// 		this.httpInternalError(response, error);
 	// 		return;
 	// 	}
 	// }
 	/**
 	 * @description Update a subscription
 	 */
-	@Put("/api/v1/admin/subscriptions/:uid", [authHandler, roleHandler])
+	@Put("/api/v1/admin/subscriptions/:uid", [authHandler, ruleHandler])
 	protected async put(req: Request, response: Response) {
 		try {
 			const uid = req.params["uid"];
@ -147,7 +120,7 @@ export default class SubscriptionsController extends ApiController {
 	 * @description Invite collaborators to a subscription
 	 */
-	@Post("/api/v1/admin/subscriptions/invite", [authHandler, roleHandler])
+	@Post("/api/v1/admin/subscriptions/invite", [authHandler, ruleHandler])
 	protected async inviteCollaborators(req: Request, response: Response) {
 		try {
 			//get email list from body
@ -168,43 +141,4 @@ export default class SubscriptionsController extends ApiController {
 			return;
 		}
 	}
 	// /**
 	//  * @description Update a subscription seats
 	//  */
 	// @Put("/api/v1/admin/subscriptions/:uid/seats", [authHandler, roleHandler])
 	// protected async updateSubscriptionSeats(req: Request, response: Response) {
 	// 	try {
 	// 		const uid = req.params["uid"];
 	// 		if (!uid) {
 	// 			this.httpBadRequest(response, "No uid provided");
 	// 			return;
 	// 		}
 	// 		const subscriptionFound = await this.subscriptionsService.getByUid(uid);
 	// 		if (!subscriptionFound) {
 	// 			this.httpNotFoundRequest(response, "subscription not found");
 	// 			return;
 	// 		}
 	// 		//init Subscription resource with request body values
 	// 		const seatEntities = Seat.hydrateArray<Seat>(req.body);
 	// 		//call service to get prisma entity
 	// 		const subscriptionEntityUpdated = await this.subscriptionsService.update(uid, subscriptionEntity);
 	// 		//Hydrate ressource with prisma entity
 	// 		const subscription = Subscription.hydrate<Subscription>(subscriptionEntityUpdated, {
 	// 			strategy: "excludeAll",
 	// 		});
 	// 		//success
 	// 		this.httpSuccess(response, subscription);
 	// 	} catch (error) {
 	// 		this.httpInternalError(response, error);
 	// 		return;
 	// 	}
 	// }
 }
--- a/src/app/api/idnot/UserController.ts
+++ b/src/app/api/idnot/UserController.ts
@ -100,7 +100,7 @@ export default class UserController extends ApiController {
 				}
 			}
-			if (userHydrated.role?.name === "admin") {
+			if (userHydrated.role?.name === "admin" || userHydrated.role?.name === "super-admin") {
 				isSubscribed = true;
 			}
--- a/src/app/api/notary/OfficeRibController.ts
+++ b/src/app/api/notary/OfficeRibController.ts
@ -7,6 +7,7 @@ import OfficerRibService from "@Services/common/OfficeRibService/OfficeRibServic
 import authHandler from "@App/middlewares/AuthHandler";
 import OfficesService from "@Services/notary/OfficesService/OfficesService";
 import { Office as OfficeResource } from "le-coffre-resources/dist/Notary";
 import ruleHandler from "@App/middlewares/RulesHandler";
@Controller()
@Service()
@ -15,7 +16,7 @@ export default class OfficeRibController extends ApiController {
 		super();
 	}
-	@Get("/api/v1/notary/office/rib", [authHandler])
+	@Get("/api/v1/notary/rib", [authHandler, ruleHandler])
 	protected async getRibStream(req: Request, response: Response) {
 		const officeId: string = req.body.user.office_Id;
 		if (!officeId) throw new Error("No officeId provided");
@ -43,7 +44,7 @@ export default class OfficeRibController extends ApiController {
 		}
 	}
-	@Post("/api/v1/notary/office/rib", [authHandler])
+	@Post("/api/v1/notary/rib", [authHandler, ruleHandler])
 	protected async post(req: Request, response: Response) {
 		try {
 			const officeId: string = req.body.user.office_Id;
@ -82,7 +83,7 @@ export default class OfficeRibController extends ApiController {
 		}
 	}
-	@Delete("/api/v1/notary/office/rib", [authHandler])
+	@Delete("/api/v1/notary/rib", [authHandler, ruleHandler])
 	protected async delete(req: Request, response: Response) {
 		try {
 			const officeId: string = req.body.user.office_Id;
--- a/src/common/databases/seeders/seeder.ts
+++ b/src/common/databases/seeders/seeder.ts
@ -795,6 +795,27 @@ export default async function main() {
 				updated_at: new Date(),
 				namespace: "notary",
 			},
 			{
 				name: "GET rib",
 				label: "Lire le RIB de l'office",
 				created_at: new Date(),
 				updated_at: new Date(),
 				namespace: "notary",
 			},
 			{
 				name: "POST rib",
 				label: "Déposer le RIB de l'office",
 				created_at: new Date(),
 				updated_at: new Date(),
 				namespace: "notary",
 			},
 			{
 				name: "DELETE rib",
 				label: "Supprimer le RIB de l'office",
 				created_at: new Date(),
 				updated_at: new Date(),
 				namespace: "notary",
 			},
 			{
 				name: "GET subscriptions",
 				label: "Récupérer les abonnements",
--- a/src/common/emails/EmailBuilder.ts
+++ b/src/common/emails/EmailBuilder.ts
@ -132,7 +132,7 @@ export default class EmailBuilder {
 				nbTrySend: null,
 				lastTrySendDate: null,
 			});
-			this.mailchimpService.sendEmails();
+			// this.mailchimpService.sendEmails();
 		});