lecoffre-back/src/app/middlewares/OfficeMembershipHandlers/FolderHandler.ts

import HttpCodes from "@Common/system/controller-pattern/HttpCodes";
import { NextFunction, Request, Response } from "express";
import Container from "typedi";
import OfficeFoldersService from "@Services/super-admin/OfficeFoldersService/OfficeFoldersService";
import DeedTypesService from "@Services/super-admin/DeedTypesService/DeedTypesService";

export default async function folderHandler(req: Request, response: Response, next: NextFunction) {
	try {
		const officeId = req.body.user.office_Id;
		const userId = req.body.user.userId;
		let uid = req.path && req.path.split("/")[5];
		const office = req.body.office;
		const deed = req.body.deed;
		const folderNumber = req.body.folder_number;
		const stakeHolders = req.body.stakeholders as any[];

		if (office && office.uid != officeId) {
			response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
			return;
		}

		if (folderNumber) {
			const officeFolderService = Container.get(OfficeFoldersService);
			const sameFolderNumber = await officeFolderService.get({
				where: { AND: [{ folder_number: folderNumber }, { office_uid: officeId }] },
			});
			if (sameFolderNumber[0] && (!uid || uid != sameFolderNumber[0]?.uid)) {
				const error = [{ property: "folder_number", constraints: { folder_number: "Numéro de dossier déjà utilisé" } }];
				response.status(HttpCodes.VALIDATION_ERROR).send(error);
				return;
			}
		}

		if (stakeHolders && stakeHolders.length === 0) {
			response
				.status(HttpCodes.VALIDATION_ERROR)
				.send([{ property: "stakeholders", constraints: { stakeholders: "Au moins un collaborateur est requis" } }]);
			return;
		}

		if (deed && deed.deed_type) {
			const deedTypeService = Container.get(DeedTypesService);
			const deedTypeWithOffice = await deedTypeService.getByUidWithOffice(deed.deed_type.uid!);
			if (!deedTypeWithOffice) {
				response.status(HttpCodes.NOT_FOUND).send("Deed type not found");
				return;
			}
			if (deedTypeWithOffice.archived_at) {
				response.status(HttpCodes.FORBIDDEN).send("Deed type is archived");
				return;
			}
			if (deedTypeWithOffice.office.uid != officeId) {
				response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this deed type");
				return;
			}
		}

		if (uid) {
			if (uid === "download") {
				uid = req.path && req.path.split("/")[6];
			}
			const officeFolderService = Container.get(OfficeFoldersService);

			const officeFolder = await officeFolderService.getByUidWithStakeholders(uid!);

			if (!officeFolder) {
				response.status(HttpCodes.NOT_FOUND).send("Office folder not found");
				return;
			}

			if (officeFolder.office_uid != officeId) {
				response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
				return;
			}

			if (!officeFolder.stakeholders.find((stakeholder) => stakeholder.uid === userId)) {
				response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this user");
				return;
			}
		}

		next();
	} catch (error) {
		console.error(error);
		response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
		return;
	}
}