38 lines
1.3 KiB
TypeScript
38 lines
1.3 KiB
TypeScript
import HttpCodes from "@Common/system/controller-pattern/HttpCodes";
|
|
import FilesService from "@Services/common/FilesService/FilesService";
|
|
import DocumentsService from "@Services/customer/DocumentsService/DocumentsService";
|
|
import { NextFunction, Request, Response } from "express";
|
|
import Container from "typedi";
|
|
|
|
export default async function fileHandler(req: Request, response: Response, next: NextFunction) {
|
|
const customerId = req.body.user.customerId;
|
|
const uid = req.path && req.path.split("/")[5];
|
|
const document = req.body.document;
|
|
|
|
if (uid) {
|
|
const fileService = Container.get(FilesService);
|
|
const file = await fileService.getByUidWithDocument(uid);
|
|
if (!file) {
|
|
response.status(HttpCodes.NOT_FOUND).send("File not found");
|
|
return;
|
|
}
|
|
if (file.document.depositor_uid != customerId) {
|
|
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this depositor");
|
|
return;
|
|
}
|
|
}
|
|
|
|
if (document) {
|
|
const documentService = Container.get(DocumentsService);
|
|
const documentFound = await documentService.getByUid(document.uid!);
|
|
if(!documentFound) {
|
|
response.status(HttpCodes.NOT_FOUND).send("Document not found");
|
|
return;
|
|
}
|
|
if (documentFound.depositor_uid != customerId) {
|
|
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this depositor");
|
|
return;
|
|
}
|
|
}
|
|
}
|