lecoffre-back/src/app/api/admin/UsersController.ts

import { Response, Request } from "express";
import { Controller, Get, Put } from "@ControllerPattern/index";
import ApiController from "@Common/system/controller-pattern/ApiController";
import UsersService from "@Services/admin/UsersService/UsersService";
import { Service } from "typedi";
import User from "le-coffre-resources/dist/Admin";
import { Prisma } from "@prisma/client";
import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import userHandler from "@App/middlewares/OfficeMembershipHandlers/UserHandler";
import roleHandler from "@App/middlewares/RolesHandler";
import RolesService from "@Services/admin/RolesService/RolesService";
import OfficeRolesService from "@Services/admin/OfficeRolesService/OfficeRolesService";

@Controller()
@Service()
export default class UsersController extends ApiController {
	constructor(private usersService: UsersService, private roleService: RolesService, private officeRoleService: OfficeRolesService) {
		super();
	}

	/**
	 * @description Get all users
	 */
	@Get("/api/v1/admin/users", [authHandler, roleHandler, ruleHandler])
	protected async get(req: Request, response: Response) {
		try {
			//get query
			let query: Prisma.UsersFindManyArgs = {};
			if (req.query["q"]) {
				query = JSON.parse(req.query["q"] as string);
				if(query.where?.uid) {
					this.httpBadRequest(response, "You can't filter by uid");
					return;
				}
			}

			if (req.query["search"] && typeof req.query["search"] === "string") {
				const filter = req.query["search"];
				query = {
					where: {
						contact: {
							OR: [
								{ first_name: { contains: filter, mode: "insensitive" } },
								{ last_name: { contains: filter, mode: "insensitive" } },
							],
						},
					},
				};
			}

			const officeId: string = req.body.user.office_Id;
			const officeWhereInput: Prisma.OfficesWhereInput = { uid: officeId };
			if (!query.where) query.where = { office_membership: officeWhereInput };
			query.where.office_membership = officeWhereInput;

			//call service to get prisma entity
			const usersEntities = await this.usersService.get(query);

			//Hydrate ressource with prisma entity
			const users = User.hydrateArray<User>(usersEntities, { strategy: "excludeAll" });

			//success
			this.httpSuccess(response, users);
		} catch (error) {
			this.httpInternalError(response, error);
			return;
		}
	}

	/**
	 * @description Modify a specific user by uid
	 */
		@Put("/api/v1/admin/users/:uid", [authHandler, roleHandler, ruleHandler])
		protected async put(req: Request, response: Response) {
			try {
				const uid = req.params["uid"];
				if (!uid) {
					this.httpBadRequest(response, "No uid provided");
					return;
				}
	
				const userFound = await this.usersService.getByUidWithRole(uid);
	
				if (!userFound) {
					this.httpNotFoundRequest(response, "user not found");
					return;
				}
	
				//init IUser resource with request body values
				const userEntity = User.hydrate<User>(req.body);
	
				if(userEntity.role) {
					const role = await this.roleService.getByUid(userEntity.role.uid!);
					if(!role) {
						this.httpBadRequest(response, "Role not found");
						return;
					}
					if (role.name === "super-admin" || userFound.role.name === "super-admin" ) {
						this.httpBadRequest(response, "Cannot assign or remove super-admin role");
						return;
					}
				}

				if(userEntity.office_role) {
					const officeRole = await this.officeRoleService.getByUid(userEntity.office_role.uid!);
					if(!officeRole) {
						this.httpBadRequest(response, "Office role not found");
						return;
					}
					if (officeRole.office_uid != userFound.office_uid) {
						this.httpBadRequest(response, "Cannot assign an office role from another office");
						return;
					}
				}
				//call service to get prisma entity
				const userEntityUpdated = await this.usersService.update(uid, userEntity);
	
				//Hydrate ressource with prisma entity
				const user = User.hydrate<User>(userEntityUpdated, {
					strategy: "excludeAll",
				});
	
				//success
				this.httpSuccess(response, user);
			} catch (error) {
				this.httpInternalError(response, error);
				return;
			}
		}

	/**
	 * @description Get a specific user by uid
	 */
	@Get("/api/v1/admin/users/:uid", [authHandler, roleHandler, ruleHandler, userHandler])
	protected async getOneByUid(req: Request, response: Response) {
		try {
			const uid = req.params["uid"];
			if (!uid) {
				this.httpBadRequest(response, "No uid provided");
				return;
			}
			//get query
			let query;
			if (req.query["q"]) {
				query = JSON.parse(req.query["q"] as string);
			}

			const userEntity = await this.usersService.getByUid(uid, query);

			if (!userEntity) {
				this.httpNotFoundRequest(response, "user not found");
				return;
			}

			//Hydrate ressource with prisma entity
			const user = User.hydrate<User>(userEntity, { strategy: "excludeAll" });

			//success
			this.httpSuccess(response, user);
		} catch (error) {
			this.httpInternalError(response, error);
			return;
		}
	}
}