feat: Implement cuser management with role updates, activation, and deactivation.

2026-01-15 15:26:30 +07:00 · 2026-01-15 15:26:30 +07:00 · 1caeac6226
commit 1caeac6226
parent a59b144ebf
5 changed files with 100 additions and 18 deletions
--- a/Backend/src/controllers/UserController.ts
+++ b/Backend/src/controllers/UserController.ts
@ -13,7 +13,7 @@ import { profileUpdateSchema, changePasswordSchema } from "../validators/user.va
 import { ValidationError } from '../middleware/errorHandler';

@Route('api/user')
-@Tags('Usermanagement')
+@Tags('User')
 export class UserController {
    private userService = new UserService();

--- a/Backend/src/controllers/UsermanagementController.ts
+++ b/Backend/src/controllers/UsermanagementController.ts
@ -1,17 +1,17 @@
-import { Get, Body, Post, Route, Tags, SuccessResponse, Response, Example, Controller, Security, Request, Put,Path } from 'tsoa';
+import { Get, Body, Post, Route, Tags, SuccessResponse, Response, Security, Put, Path, Delete } from 'tsoa';
 import { UserManagementService } from '../services/usermanagement.service';
 import { ValidationError } from '../middleware/errorHandler';
-import { ListUsersResponse, GetUserResponse, ActivateAccountResponse } from '../types/usersmanagement.types';
-import { getUserByIdValidator } from '../validators/usermanagement.validator';
+import { ListUsersResponse, GetUserResponse, ActivateAccountResponse, DeactivateAccountResponse, UpdateRole, UpdateRoleResponse } from '../types/usersmanagement.types';
+import { getUserByIdValidator, updateUserRoleValidator } from '../validators/usermanagement.validator';

@Route('api/admin/usermanagement')
-@Tags('Usermanagement')
+@Tags('UserManagement')
 export class UserManagementController {

    private userManagementService = new UserManagementService();

    @Get('users')
-    @Security('jwt' , ['admin'])
+    @Security('jwt', ['admin'])
    @SuccessResponse('200', 'Users fetched successfully')
    @Response('401', 'Invalid or expired token')
    public async listUsers(): Promise<ListUsersResponse> {
@ -19,7 +19,7 @@ export class UserManagementController {
    }

    @Get('users/{id}')
-    @Security('jwt' , ['admin'])
+    @Security('jwt', ['admin'])
    @SuccessResponse('200', 'User fetched successfully')
    @Response('401', 'Invalid or expired token')
    public async getUserById(@Path() id: number): Promise<GetUserResponse> {
@ -27,5 +27,36 @@ export class UserManagementController {
        if (error) throw new ValidationError(error.details[0].message);
        return await this.userManagementService.getUserById(value.id);
    }
+
+    @Put('role/{id}')
+    @Security('jwt', ['admin'])
+    @SuccessResponse('200', 'User role updated successfully')
+    @Response('401', 'Invalid or expired token')
+    public async updateUserRole(@Body() body: UpdateRole): Promise<UpdateRoleResponse> {
+        const { error, value } = updateUserRoleValidator.validate(body);
+        if (error) throw new ValidationError(error.details[0].message);
+        return await this.userManagementService.updateUserRole(value.id, value.role_id);
+    }
+
+    @Delete('users/{id}')
+    @Security('jwt', ['admin'])
+    @SuccessResponse('200', 'User deleted successfully')
+    @Response('401', 'Invalid or expired token')
+    public async deleteUser(@Path() id: number): Promise<DeactivateAccountResponse> {
+        const { error, value } = getUserByIdValidator.validate({ id });
+        if (error) throw new ValidationError(error.details[0].message);
+        return await this.userManagementService.deleteUser(value.id);
+    }
+
+    @Put('users/activate/{id}')
+    @Security('jwt', ['admin'])
+    @SuccessResponse('200', 'User activated successfully')
+    @Response('401', 'Invalid or expired token')
+    public async activateUser(@Path() id: number): Promise<ActivateAccountResponse> {
+        const { error, value } = getUserByIdValidator.validate({ id });
+        if (error) throw new ValidationError(error.details[0].message);
+        return await this.userManagementService.activateAccount(value.id);
+    }
+
 }

--- a/Backend/src/services/usermanagement.service.ts
+++ b/Backend/src/services/usermanagement.service.ts
@ -6,7 +6,6 @@ import jwt from 'jsonwebtoken';
 import {
    ListUsersResponse,
    GetUserResponse,
-    ActivateAccount,
    UpdateUser,
    UpdateRoleResponse,
    DeactivateAccountResponse,
@ -58,6 +57,48 @@ export class UserManagementService {
        }
    }

+    async updateUserRole(id: number, role_id: number): Promise<UpdateRoleResponse> {
+        try {
+            const user = await prisma.user.findUnique({ where: { id } });
+            if (!user) throw new UnauthorizedError('User not found');
+
+            const role = await prisma.role.findUnique({ where: { id: role_id } });
+            if (!role) throw new UnauthorizedError('Role not found');
+
+            await prisma.user.update({
+                where: { id },
+                data: { role_id }
+            });
+
+            return {
+                code: 200,
+                message: 'User role updated successfully'
+            };
+        } catch (error) {
+            logger.error('Failed to update user role', { error });
+            throw error;
+        }
+    }
+
+    async deleteUser(id: number): Promise<DeactivateAccountResponse> {
+        try {
+            const user = await prisma.user.findUnique({ where: { id } });
+            if (!user) throw new UnauthorizedError('User not found');
+
+            await prisma.user.update({
+                where: { id },
+                data: { is_deactivated: true }
+            });
+            return {
+                code: 200,
+                message: 'User deactivated successfully'
+            };
+        } catch (error) {
+            logger.error('Failed to deactivate user', { error });
+            throw error;
+        }
+    }
+
    async deactivateAccount(token: string): Promise<DeactivateAccountResponse> {
        try {
            // Decode JWT token to get user ID
--- a/Backend/src/types/usersmanagement.types.ts
+++ b/Backend/src/types/usersmanagement.types.ts
@ -15,7 +15,7 @@ export interface GetUserResponse {
    data: UserResponse;
 }

-export interface UpdateUser{
+export interface UpdateUser {
    id: number;
    username?: string;
    email?: string;
@ -23,10 +23,14 @@ export interface UpdateUser{
    profile?: ProfileUpdate;
 }

+export interface UpdateRole {
+    id: number;
+    role_id: number;
+}
+
 export interface UpdateRoleResponse {
    code: number;
    message: string;
-    data: UserResponse;
 }

 export interface DeactivateAccountResponse {
@ -34,16 +38,9 @@ export interface DeactivateAccountResponse {
    message: string;
 }

-export interface ActivateAccount {
-    id: number;
-}
-
 export interface ActivateAccountResponse {
    code: number;
    message: string;
 }

-export interface DeactivateAccount{
-    id: number;
-}

--- a/Backend/src/validators/usermanagement.validator.ts
+++ b/Backend/src/validators/usermanagement.validator.ts
@ -7,3 +7,16 @@ export const getUserByIdValidator = Joi.object({
        'number.required': 'ID is required'
    })
 })
+
+export const updateUserRoleValidator = Joi.object({
+    id: Joi.number().required().messages({
+        'number.base': 'ID must be a number',
+        'number.empty': 'ID is required',
+        'number.required': 'ID is required'
+    }),
+    role_id: Joi.number().required().messages({
+        'number.base': 'Role ID must be a number',
+        'number.empty': 'Role ID is required',
+        'number.required': 'Role ID is required'
+    })
+})