2024-04-03 15:34:36 +07:00
|
|
|
import {
|
|
|
|
|
Body,
|
|
|
|
|
Controller,
|
|
|
|
|
Delete,
|
|
|
|
|
Get,
|
|
|
|
|
Put,
|
|
|
|
|
Path,
|
|
|
|
|
Post,
|
|
|
|
|
Query,
|
|
|
|
|
Request,
|
|
|
|
|
Route,
|
|
|
|
|
Security,
|
|
|
|
|
Tags,
|
|
|
|
|
} from "tsoa";
|
2024-07-03 11:32:32 +07:00
|
|
|
import { Branch, Prisma, Status, User, UserType } from "@prisma/client";
|
2024-04-03 15:34:36 +07:00
|
|
|
|
2024-04-05 10:42:16 +07:00
|
|
|
import prisma from "../db";
|
2024-06-10 11:03:40 +07:00
|
|
|
import minio, { presignedGetObjectIfExist } from "../services/minio";
|
2024-04-05 10:42:16 +07:00
|
|
|
import { RequestWithUser } from "../interfaces/user";
|
|
|
|
|
import HttpError from "../interfaces/http-error";
|
|
|
|
|
import HttpStatus from "../interfaces/http-status";
|
2024-04-17 16:35:35 +07:00
|
|
|
import {
|
|
|
|
|
addUserRoles,
|
|
|
|
|
createUser,
|
|
|
|
|
deleteUser,
|
2024-04-18 16:39:49 +07:00
|
|
|
editUser,
|
2024-07-01 13:24:02 +07:00
|
|
|
listRole,
|
2024-04-17 16:35:35 +07:00
|
|
|
getUserRoles,
|
|
|
|
|
removeUserRoles,
|
|
|
|
|
} from "../services/keycloak";
|
2024-09-05 09:01:28 +07:00
|
|
|
import { isSystem } from "../utils/keycloak";
|
2024-09-05 14:43:33 +07:00
|
|
|
import { fileLocation, listFile } from "../utils/minio";
|
2024-04-03 15:34:36 +07:00
|
|
|
|
|
|
|
|
if (!process.env.MINIO_BUCKET) {
|
|
|
|
|
throw Error("Require MinIO bucket.");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const MINIO_BUCKET = process.env.MINIO_BUCKET;
|
2024-09-04 11:40:55 +07:00
|
|
|
const MANAGE_ROLES = ["system", "head_of_admin", "admin", "branch_manager"];
|
|
|
|
|
|
|
|
|
|
function globalAllow(user: RequestWithUser["user"]) {
|
|
|
|
|
const listAllowed = ["system", "head_of_admin"];
|
|
|
|
|
return user.roles?.some((v) => listAllowed.includes(v)) || false;
|
|
|
|
|
}
|
2024-04-03 15:34:36 +07:00
|
|
|
|
|
|
|
|
type UserCreate = {
|
2024-04-05 10:44:13 +07:00
|
|
|
status?: Status;
|
|
|
|
|
|
2024-04-09 13:05:49 +07:00
|
|
|
userType: UserType;
|
2024-04-03 15:34:36 +07:00
|
|
|
userRole: string;
|
|
|
|
|
|
2024-04-17 11:21:57 +07:00
|
|
|
username: string;
|
|
|
|
|
|
2024-08-15 09:26:21 +07:00
|
|
|
namePrefix?: string | null;
|
2024-04-04 13:42:46 +07:00
|
|
|
firstName: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
firstNameEN: string;
|
2024-08-15 09:26:21 +07:00
|
|
|
middleName?: string | null;
|
|
|
|
|
middleNameEN?: string | null;
|
2024-04-04 13:42:46 +07:00
|
|
|
lastName: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
lastNameEN: string;
|
2024-04-05 16:43:59 +07:00
|
|
|
gender: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
|
2024-04-17 16:22:07 +07:00
|
|
|
checkpoint?: string | null;
|
|
|
|
|
checkpointEN?: string | null;
|
2024-04-09 17:34:53 +07:00
|
|
|
registrationNo?: string | null;
|
|
|
|
|
startDate?: Date | null;
|
|
|
|
|
retireDate?: Date | null;
|
|
|
|
|
discountCondition?: string | null;
|
|
|
|
|
licenseNo?: string | null;
|
|
|
|
|
licenseIssueDate?: Date | null;
|
|
|
|
|
licenseExpireDate?: Date | null;
|
|
|
|
|
sourceNationality?: string | null;
|
|
|
|
|
importNationality?: string | null;
|
|
|
|
|
trainingPlace?: string | null;
|
2024-04-10 11:37:12 +07:00
|
|
|
responsibleArea?: string | null;
|
|
|
|
|
birthDate?: Date | null;
|
2024-04-03 15:34:36 +07:00
|
|
|
|
2024-04-04 13:42:46 +07:00
|
|
|
address: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
addressEN: string;
|
|
|
|
|
zipCode: string;
|
|
|
|
|
email: string;
|
|
|
|
|
telephoneNo: string;
|
|
|
|
|
|
|
|
|
|
subDistrictId?: string | null;
|
|
|
|
|
districtId?: string | null;
|
|
|
|
|
provinceId?: string | null;
|
2024-07-03 11:32:32 +07:00
|
|
|
|
2024-09-06 13:38:18 +07:00
|
|
|
selectedImage?: string;
|
|
|
|
|
|
2024-07-03 11:32:32 +07:00
|
|
|
branchId: string | string[];
|
2024-04-03 15:34:36 +07:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
type UserUpdate = {
|
2024-04-05 10:44:13 +07:00
|
|
|
status?: "ACTIVE" | "INACTIVE";
|
|
|
|
|
|
2024-04-18 16:39:49 +07:00
|
|
|
username?: string;
|
|
|
|
|
|
2024-04-09 13:05:49 +07:00
|
|
|
userType?: UserType;
|
2024-04-03 15:34:36 +07:00
|
|
|
userRole?: string;
|
|
|
|
|
|
2024-08-15 09:26:21 +07:00
|
|
|
namePrefix?: string | null;
|
2024-04-04 13:42:46 +07:00
|
|
|
firstName?: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
firstNameEN?: string;
|
2024-08-15 09:26:21 +07:00
|
|
|
middleName?: string | null;
|
|
|
|
|
middleNameEN?: string | null;
|
2024-04-04 13:42:46 +07:00
|
|
|
lastName?: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
lastNameEN?: string;
|
2024-04-05 16:43:59 +07:00
|
|
|
gender?: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
|
2024-04-17 16:22:07 +07:00
|
|
|
checkpoint?: string | null;
|
|
|
|
|
checkpointEN?: string | null;
|
2024-04-09 17:34:53 +07:00
|
|
|
registrationNo?: string | null;
|
|
|
|
|
startDate?: Date | null;
|
|
|
|
|
retireDate?: Date | null;
|
|
|
|
|
discountCondition?: string | null;
|
|
|
|
|
licenseNo?: string | null;
|
|
|
|
|
licenseIssueDate?: Date | null;
|
|
|
|
|
licenseExpireDate?: Date | null;
|
|
|
|
|
sourceNationality?: string | null;
|
|
|
|
|
importNationality?: string | null;
|
|
|
|
|
trainingPlace?: string | null;
|
2024-04-10 11:37:12 +07:00
|
|
|
responsibleArea?: string | null;
|
|
|
|
|
birthDate?: Date | null;
|
2024-04-03 15:34:36 +07:00
|
|
|
|
2024-04-04 13:42:46 +07:00
|
|
|
address?: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
addressEN?: string;
|
|
|
|
|
zipCode?: string;
|
|
|
|
|
email?: string;
|
|
|
|
|
telephoneNo?: string;
|
|
|
|
|
|
2024-09-06 13:38:18 +07:00
|
|
|
selectedImage?: string;
|
|
|
|
|
|
2024-04-03 15:34:36 +07:00
|
|
|
subDistrictId?: string | null;
|
|
|
|
|
districtId?: string | null;
|
|
|
|
|
provinceId?: string | null;
|
2024-07-03 11:32:32 +07:00
|
|
|
|
|
|
|
|
branchId?: string | string[];
|
2024-04-03 15:34:36 +07:00
|
|
|
};
|
|
|
|
|
|
2024-07-03 11:32:32 +07:00
|
|
|
async function userBranchCodeGen(user: User, branch: Branch) {
|
|
|
|
|
return await prisma.$transaction(
|
|
|
|
|
async (tx) => {
|
|
|
|
|
const typ = user.userType;
|
|
|
|
|
|
2024-08-08 09:14:26 +07:00
|
|
|
const mapTypeNo = {
|
|
|
|
|
USER: 1,
|
|
|
|
|
MESSENGER: 2,
|
|
|
|
|
DELEGATE: 3,
|
|
|
|
|
AGENCY: 4,
|
|
|
|
|
}[typ];
|
|
|
|
|
|
2024-07-03 11:32:32 +07:00
|
|
|
const last = await tx.runningNo.upsert({
|
|
|
|
|
where: {
|
2024-08-08 09:14:26 +07:00
|
|
|
key: `BR_USR_${branch.code}_${mapTypeNo}`,
|
2024-07-03 11:32:32 +07:00
|
|
|
},
|
|
|
|
|
create: {
|
2024-08-08 09:14:26 +07:00
|
|
|
key: `BR_USR_${branch.code}_${mapTypeNo}`,
|
2024-07-03 11:32:32 +07:00
|
|
|
value: 1,
|
|
|
|
|
},
|
|
|
|
|
update: { value: { increment: 1 } },
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
return await tx.user.update({
|
|
|
|
|
where: { id: user.id },
|
|
|
|
|
data: {
|
2024-08-14 20:16:40 +07:00
|
|
|
code: mapTypeNo + `${last.value}`.padStart(6, "0"),
|
2024-07-03 11:32:32 +07:00
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
{ isolationLevel: Prisma.TransactionIsolationLevel.Serializable },
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
2024-04-03 15:34:36 +07:00
|
|
|
function imageLocation(id: string) {
|
|
|
|
|
return `user/profile-img-${id}`;
|
|
|
|
|
}
|
|
|
|
|
|
2024-06-06 09:42:02 +07:00
|
|
|
@Route("api/v1/user")
|
2024-04-03 15:34:36 +07:00
|
|
|
@Tags("User")
|
|
|
|
|
export class UserController extends Controller {
|
2024-04-09 17:51:46 +07:00
|
|
|
@Get("type-stats")
|
2024-06-28 09:32:36 +07:00
|
|
|
@Security("keycloak")
|
2024-09-04 17:01:18 +07:00
|
|
|
async getUserTypeStats(@Request() req: RequestWithUser) {
|
2024-04-09 17:51:46 +07:00
|
|
|
const list = await prisma.user.groupBy({
|
|
|
|
|
by: "userType",
|
|
|
|
|
_count: true,
|
2024-08-16 18:00:53 +07:00
|
|
|
where: {
|
2024-09-04 17:01:18 +07:00
|
|
|
userRole: { not: "system" },
|
|
|
|
|
branch: isSystem(req.user)
|
|
|
|
|
? undefined
|
|
|
|
|
: {
|
|
|
|
|
some: {
|
|
|
|
|
branch: {
|
|
|
|
|
OR: [
|
|
|
|
|
{ user: { some: { userId: req.user.sub } } },
|
|
|
|
|
{
|
|
|
|
|
headOffice: !globalAllow(req.user)
|
|
|
|
|
? { user: { some: { userId: req.user.sub } } }
|
|
|
|
|
: undefined,
|
|
|
|
|
},
|
|
|
|
|
],
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
2024-08-16 18:00:53 +07:00
|
|
|
},
|
2024-04-09 17:51:46 +07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
return list.reduce<Record<UserType, number>>(
|
|
|
|
|
(a, c) => {
|
|
|
|
|
a[c.userType] = c._count;
|
|
|
|
|
return a;
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
USER: 0,
|
|
|
|
|
MESSENGER: 0,
|
|
|
|
|
DELEGATE: 0,
|
|
|
|
|
AGENCY: 0,
|
|
|
|
|
},
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
2024-04-03 15:34:36 +07:00
|
|
|
@Get()
|
2024-06-28 09:32:36 +07:00
|
|
|
@Security("keycloak")
|
2024-04-03 15:34:36 +07:00
|
|
|
async getUser(
|
2024-08-30 10:20:51 +07:00
|
|
|
@Request() req: RequestWithUser,
|
2024-04-09 13:05:49 +07:00
|
|
|
@Query() userType?: UserType,
|
2024-04-03 15:34:36 +07:00
|
|
|
@Query() zipCode?: string,
|
2024-04-10 15:11:13 +07:00
|
|
|
@Query() includeBranch: boolean = false,
|
2024-04-03 15:34:36 +07:00
|
|
|
@Query() query: string = "",
|
|
|
|
|
@Query() page: number = 1,
|
|
|
|
|
@Query() pageSize: number = 30,
|
2024-08-16 10:48:56 +07:00
|
|
|
@Query() status?: Status,
|
2024-04-03 15:34:36 +07:00
|
|
|
) {
|
2024-08-16 10:48:56 +07:00
|
|
|
const filterStatus = (val?: Status) => {
|
|
|
|
|
if (!val) return {};
|
|
|
|
|
|
|
|
|
|
return val !== Status.CREATED && val !== Status.ACTIVE
|
|
|
|
|
? { status: val }
|
|
|
|
|
: { OR: [{ status: Status.CREATED }, { status: Status.ACTIVE }] };
|
|
|
|
|
};
|
|
|
|
|
|
2024-04-03 15:34:36 +07:00
|
|
|
const where = {
|
|
|
|
|
OR: [
|
2024-08-16 10:48:56 +07:00
|
|
|
{ firstName: { contains: query }, zipCode, userType, ...filterStatus(status) },
|
|
|
|
|
{ firstNameEN: { contains: query }, zipCode, userType, ...filterStatus(status) },
|
|
|
|
|
{ lastName: { contains: query }, zipCode, userType, ...filterStatus(status) },
|
|
|
|
|
{ lastNameEN: { contains: query }, zipCode, userType, ...filterStatus(status) },
|
|
|
|
|
{ email: { contains: query }, zipCode, userType, ...filterStatus(status) },
|
|
|
|
|
{ telephoneNo: { contains: query }, zipCode, userType, ...filterStatus(status) },
|
2024-04-03 15:34:36 +07:00
|
|
|
],
|
2024-08-13 17:07:05 +07:00
|
|
|
AND: {
|
|
|
|
|
userRole: { not: "system" },
|
2024-09-04 16:47:31 +07:00
|
|
|
branch: isSystem(req.user)
|
|
|
|
|
? undefined
|
|
|
|
|
: {
|
|
|
|
|
some: {
|
|
|
|
|
branch: {
|
|
|
|
|
OR: [
|
|
|
|
|
{ user: { some: { userId: req.user.sub } } },
|
|
|
|
|
{
|
|
|
|
|
headOffice: !globalAllow(req.user)
|
|
|
|
|
? { user: { some: { userId: req.user.sub } } }
|
|
|
|
|
: undefined,
|
|
|
|
|
},
|
|
|
|
|
],
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
2024-08-13 17:07:05 +07:00
|
|
|
},
|
2024-04-03 15:34:36 +07:00
|
|
|
} satisfies Prisma.UserWhereInput;
|
|
|
|
|
|
|
|
|
|
const [result, total] = await prisma.$transaction([
|
|
|
|
|
prisma.user.findMany({
|
2024-06-24 13:20:59 +07:00
|
|
|
orderBy: [{ statusOrder: "asc" }, { createdAt: "asc" }],
|
2024-04-03 15:34:36 +07:00
|
|
|
include: {
|
|
|
|
|
province: true,
|
|
|
|
|
district: true,
|
|
|
|
|
subDistrict: true,
|
2024-04-10 15:11:13 +07:00
|
|
|
branch: { include: { branch: includeBranch } },
|
2024-07-01 14:38:07 +07:00
|
|
|
createdBy: true,
|
|
|
|
|
updatedBy: true,
|
2024-04-03 15:34:36 +07:00
|
|
|
},
|
|
|
|
|
where,
|
|
|
|
|
take: pageSize,
|
|
|
|
|
skip: (page - 1) * pageSize,
|
|
|
|
|
}),
|
|
|
|
|
prisma.user.count({ where }),
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
return {
|
2024-09-06 13:38:18 +07:00
|
|
|
result,
|
2024-04-03 15:34:36 +07:00
|
|
|
page,
|
|
|
|
|
pageSize,
|
|
|
|
|
total,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Get("{userId}")
|
2024-06-28 09:32:36 +07:00
|
|
|
@Security("keycloak")
|
2024-04-03 15:34:36 +07:00
|
|
|
async getUserById(@Path() userId: string) {
|
|
|
|
|
const record = await prisma.user.findFirst({
|
|
|
|
|
include: {
|
|
|
|
|
province: true,
|
|
|
|
|
district: true,
|
|
|
|
|
subDistrict: true,
|
2024-07-01 14:38:07 +07:00
|
|
|
createdBy: true,
|
|
|
|
|
updatedBy: true,
|
2024-04-03 15:34:36 +07:00
|
|
|
},
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
|
|
|
|
|
2024-06-24 13:14:44 +07:00
|
|
|
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "User cannot be found.", "userNotFound");
|
2024-04-03 15:34:36 +07:00
|
|
|
|
2024-09-05 14:43:33 +07:00
|
|
|
return record;
|
2024-04-03 15:34:36 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Post()
|
2024-09-04 11:40:55 +07:00
|
|
|
@Security("keycloak", MANAGE_ROLES)
|
2024-04-03 15:34:36 +07:00
|
|
|
async createUser(@Request() req: RequestWithUser, @Body() body: UserCreate) {
|
2024-08-29 13:18:25 +07:00
|
|
|
const [province, district, subDistrict, branch, user] = await prisma.$transaction([
|
2024-07-03 11:32:32 +07:00
|
|
|
prisma.province.findFirst({ where: { id: body.provinceId ?? undefined } }),
|
|
|
|
|
prisma.district.findFirst({ where: { id: body.districtId ?? undefined } }),
|
|
|
|
|
prisma.subDistrict.findFirst({ where: { id: body.subDistrictId ?? undefined } }),
|
|
|
|
|
prisma.branch.findMany({
|
|
|
|
|
include: { user: { where: { userId: req.user.sub } } },
|
|
|
|
|
where: { id: { in: Array.isArray(body.branchId) ? body.branchId : [body.branchId] } },
|
|
|
|
|
}),
|
2024-08-29 13:18:25 +07:00
|
|
|
prisma.user.findFirst({
|
|
|
|
|
where: { username: body.username },
|
|
|
|
|
}),
|
2024-07-03 11:32:32 +07:00
|
|
|
]);
|
|
|
|
|
if (body.provinceId && !province) {
|
|
|
|
|
throw new HttpError(
|
|
|
|
|
HttpStatus.BAD_REQUEST,
|
|
|
|
|
"Province cannot be found.",
|
|
|
|
|
"relationProvinceNotFound",
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
if (body.districtId && !district) {
|
|
|
|
|
throw new HttpError(
|
|
|
|
|
HttpStatus.BAD_REQUEST,
|
|
|
|
|
"District cannot be found.",
|
|
|
|
|
"relationDistrictNotFound",
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
if (body.subDistrictId && !subDistrict) {
|
|
|
|
|
throw new HttpError(
|
|
|
|
|
HttpStatus.BAD_REQUEST,
|
|
|
|
|
"Sub-district cannot be found.",
|
|
|
|
|
"relationSubDistrictNotFound",
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
if (branch.length === 0) {
|
|
|
|
|
throw new HttpError(
|
|
|
|
|
HttpStatus.BAD_REQUEST,
|
|
|
|
|
"Require at least one branch for a user.",
|
|
|
|
|
"minimumBranchNotMet",
|
|
|
|
|
);
|
|
|
|
|
}
|
2024-08-29 13:18:25 +07:00
|
|
|
if (user) {
|
|
|
|
|
throw new HttpError(HttpStatus.BAD_REQUEST, "User exists.", "userExists");
|
|
|
|
|
}
|
2024-08-30 09:57:22 +07:00
|
|
|
|
2024-09-04 16:19:07 +07:00
|
|
|
const setRoleIndex = MANAGE_ROLES.findIndex((v) => v === body.userRole);
|
|
|
|
|
const userRoleIndex = MANAGE_ROLES.reduce(
|
|
|
|
|
(a, c, i) => (req.user.roles?.includes(c) ? i : a),
|
|
|
|
|
-1,
|
|
|
|
|
);
|
2024-09-04 11:40:55 +07:00
|
|
|
|
|
|
|
|
const THROW_PERM_MSG = "You do not have permission to perform this action.";
|
|
|
|
|
const THROW_PERM_CODE = "noPermission";
|
|
|
|
|
|
2024-09-05 11:03:45 +07:00
|
|
|
if (setRoleIndex !== -1 && setRoleIndex < userRoleIndex) {
|
2024-09-04 11:40:55 +07:00
|
|
|
throw new HttpError(HttpStatus.FORBIDDEN, THROW_PERM_MSG, THROW_PERM_CODE);
|
|
|
|
|
}
|
|
|
|
|
if (!globalAllow(req.user)) {
|
|
|
|
|
if (branch.some((v) => !v.user.find((v) => v.userId === req.user.sub))) {
|
|
|
|
|
throw new HttpError(HttpStatus.FORBIDDEN, THROW_PERM_MSG, THROW_PERM_CODE);
|
|
|
|
|
}
|
2024-04-03 15:34:36 +07:00
|
|
|
}
|
|
|
|
|
|
2024-07-03 11:32:32 +07:00
|
|
|
const { branchId, provinceId, districtId, subDistrictId, username, ...rest } = body;
|
2024-04-17 11:21:57 +07:00
|
|
|
|
2024-07-01 13:24:02 +07:00
|
|
|
let list = await listRole();
|
2024-04-17 16:22:07 +07:00
|
|
|
|
|
|
|
|
if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
|
|
|
|
|
if (Array.isArray(list)) {
|
|
|
|
|
list = list.filter(
|
|
|
|
|
(a) =>
|
|
|
|
|
!["uma_authorization", "offline_access", "default-roles"].some((b) => a.name.includes(b)),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const userId = await createUser(username, username, {
|
2024-04-17 11:21:57 +07:00
|
|
|
firstName: body.firstName,
|
|
|
|
|
lastName: body.lastName,
|
|
|
|
|
requiredActions: ["UPDATE_PASSWORD"],
|
2024-06-24 13:14:44 +07:00
|
|
|
enabled: rest.status !== "INACTIVE",
|
2024-04-17 11:21:57 +07:00
|
|
|
});
|
|
|
|
|
|
2024-04-17 16:22:07 +07:00
|
|
|
if (!userId || typeof userId !== "string") {
|
2024-04-17 11:21:57 +07:00
|
|
|
throw new Error("Cannot create user with keycloak service.");
|
|
|
|
|
}
|
2024-04-03 15:34:36 +07:00
|
|
|
|
2024-04-18 16:47:50 +07:00
|
|
|
const role = list.find((v) => v.name === body.userRole);
|
2024-04-17 16:22:07 +07:00
|
|
|
|
|
|
|
|
const resultAddRole = role && (await addUserRoles(userId, [role]));
|
|
|
|
|
|
|
|
|
|
if (!resultAddRole) {
|
|
|
|
|
await deleteUser(userId);
|
|
|
|
|
throw new Error("Failed. Cannot set user's role.");
|
|
|
|
|
}
|
|
|
|
|
|
2024-04-03 15:34:36 +07:00
|
|
|
const record = await prisma.user.create({
|
2024-07-01 14:38:07 +07:00
|
|
|
include: {
|
|
|
|
|
province: true,
|
|
|
|
|
district: true,
|
|
|
|
|
subDistrict: true,
|
|
|
|
|
createdBy: true,
|
|
|
|
|
updatedBy: true,
|
|
|
|
|
},
|
2024-04-03 15:34:36 +07:00
|
|
|
data: {
|
2024-04-17 16:22:07 +07:00
|
|
|
id: userId,
|
2024-04-03 15:34:36 +07:00
|
|
|
...rest,
|
2024-06-24 13:14:44 +07:00
|
|
|
statusOrder: +(rest.status === "INACTIVE"),
|
2024-04-17 16:48:49 +07:00
|
|
|
username,
|
2024-04-17 16:22:07 +07:00
|
|
|
userRole: role.name,
|
2024-04-03 15:34:36 +07:00
|
|
|
province: { connect: provinceId ? { id: provinceId } : undefined },
|
|
|
|
|
district: { connect: districtId ? { id: districtId } : undefined },
|
|
|
|
|
subDistrict: { connect: subDistrictId ? { id: subDistrictId } : undefined },
|
2024-09-04 11:40:55 +07:00
|
|
|
branch: {
|
|
|
|
|
create: Array.isArray(branchId)
|
|
|
|
|
? branchId.map((v) => ({
|
|
|
|
|
branchId: v,
|
|
|
|
|
createdByUserId: req.user.sub,
|
|
|
|
|
udatedByUserId: req.user.sub,
|
|
|
|
|
}))
|
|
|
|
|
: {
|
|
|
|
|
branchId,
|
|
|
|
|
createdByUserId: req.user.sub,
|
|
|
|
|
updatedByUserId: req.user.sub,
|
|
|
|
|
},
|
|
|
|
|
},
|
2024-07-01 13:24:02 +07:00
|
|
|
createdBy: { connect: { id: req.user.sub } },
|
|
|
|
|
updatedBy: { connect: { id: req.user.sub } },
|
2024-04-03 15:34:36 +07:00
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
2024-07-03 11:32:32 +07:00
|
|
|
const updated = await userBranchCodeGen(record, branch[0]); // only generate code by using first branch only
|
|
|
|
|
|
|
|
|
|
record.code = updated.code;
|
|
|
|
|
|
2024-04-03 15:34:36 +07:00
|
|
|
this.setStatus(HttpStatus.CREATED);
|
|
|
|
|
|
2024-09-05 14:43:33 +07:00
|
|
|
return record;
|
2024-04-03 15:34:36 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Put("{userId}")
|
2024-09-04 11:40:55 +07:00
|
|
|
@Security("keycloak", MANAGE_ROLES)
|
2024-04-03 15:34:36 +07:00
|
|
|
async editUser(
|
|
|
|
|
@Request() req: RequestWithUser,
|
|
|
|
|
@Body() body: UserUpdate,
|
|
|
|
|
@Path() userId: string,
|
|
|
|
|
) {
|
2024-07-03 11:32:32 +07:00
|
|
|
const [province, district, subDistrict, user, branch] = await prisma.$transaction([
|
|
|
|
|
prisma.province.findFirst({ where: { id: body.provinceId || undefined } }),
|
|
|
|
|
prisma.district.findFirst({ where: { id: body.districtId || undefined } }),
|
|
|
|
|
prisma.subDistrict.findFirst({ where: { id: body.subDistrictId || undefined } }),
|
|
|
|
|
prisma.user.findFirst({
|
|
|
|
|
include: { branch: true },
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
}),
|
|
|
|
|
prisma.branch.findMany({
|
2024-09-04 16:47:14 +07:00
|
|
|
include: { user: { where: { userId: req.user.sub } } },
|
2024-07-03 11:32:32 +07:00
|
|
|
where: {
|
|
|
|
|
id: {
|
|
|
|
|
in: Array.isArray(body.branchId) ? body.branchId : body.branchId ? [body.branchId] : [],
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}),
|
|
|
|
|
]);
|
|
|
|
|
if (!user) {
|
|
|
|
|
throw new HttpError(HttpStatus.NOT_FOUND, "User cannot be found.", "userNotFound");
|
|
|
|
|
}
|
|
|
|
|
if (body.provinceId && !province)
|
|
|
|
|
throw new HttpError(
|
|
|
|
|
HttpStatus.BAD_REQUEST,
|
|
|
|
|
"Province cannot be found.",
|
|
|
|
|
"missing_or_invalid_parameter",
|
|
|
|
|
);
|
|
|
|
|
if (body.districtId && !district)
|
|
|
|
|
throw new HttpError(
|
|
|
|
|
HttpStatus.BAD_REQUEST,
|
|
|
|
|
"District cannot be found.",
|
|
|
|
|
"missing_or_invalid_parameter",
|
|
|
|
|
);
|
|
|
|
|
if (body.subDistrictId && !subDistrict)
|
|
|
|
|
throw new HttpError(
|
|
|
|
|
HttpStatus.BAD_REQUEST,
|
|
|
|
|
"Sub-district cannot be found.",
|
|
|
|
|
"missing_or_invalid_parameter",
|
|
|
|
|
);
|
|
|
|
|
if (body.branchId && branch.length === 0) {
|
|
|
|
|
throw new HttpError(
|
|
|
|
|
HttpStatus.BAD_REQUEST,
|
|
|
|
|
"Require at least one branch for a user.",
|
|
|
|
|
"minimumBranchNotMet",
|
|
|
|
|
);
|
|
|
|
|
}
|
2024-09-04 16:19:07 +07:00
|
|
|
const setRoleIndex = MANAGE_ROLES.findIndex((v) => v === body.userRole);
|
|
|
|
|
const userRoleIndex = MANAGE_ROLES.reduce(
|
|
|
|
|
(a, c, i) => (req.user.roles?.includes(c) ? i : a),
|
|
|
|
|
-1,
|
|
|
|
|
);
|
2024-09-04 11:40:55 +07:00
|
|
|
|
|
|
|
|
const THROW_PERM_MSG = "You do not have permission to perform this action.";
|
|
|
|
|
const THROW_PERM_CODE = "noPermission";
|
|
|
|
|
|
2024-09-04 16:47:14 +07:00
|
|
|
if (setRoleIndex !== -1 && setRoleIndex < userRoleIndex) {
|
2024-09-04 11:40:55 +07:00
|
|
|
throw new HttpError(HttpStatus.FORBIDDEN, THROW_PERM_MSG, THROW_PERM_CODE);
|
|
|
|
|
}
|
2024-09-04 16:47:14 +07:00
|
|
|
|
|
|
|
|
if (!globalAllow(req.user) && body.branchId) {
|
2024-09-04 11:40:55 +07:00
|
|
|
if (branch.some((v) => !v.user.find((v) => v.userId === req.user.sub))) {
|
|
|
|
|
throw new HttpError(HttpStatus.FORBIDDEN, THROW_PERM_MSG, THROW_PERM_CODE);
|
|
|
|
|
}
|
2024-04-03 15:34:36 +07:00
|
|
|
}
|
|
|
|
|
|
2024-04-18 16:32:38 +07:00
|
|
|
let userRole: string | undefined;
|
|
|
|
|
|
|
|
|
|
if (body.userRole) {
|
2024-07-01 13:24:02 +07:00
|
|
|
let list = await listRole();
|
2024-04-18 16:32:38 +07:00
|
|
|
|
|
|
|
|
if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
|
|
|
|
|
if (Array.isArray(list)) {
|
|
|
|
|
list = list.filter(
|
|
|
|
|
(a) =>
|
|
|
|
|
!["uma_authorization", "offline_access", "default-roles"].some((b) =>
|
|
|
|
|
a.name.includes(b),
|
|
|
|
|
),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
const currentRole = await getUserRoles(userId);
|
2024-04-17 16:35:35 +07:00
|
|
|
|
2024-04-18 16:50:12 +07:00
|
|
|
const role = list.find((v) => v.name === body.userRole);
|
2024-04-17 16:35:35 +07:00
|
|
|
|
2024-09-04 16:47:14 +07:00
|
|
|
if (role) {
|
|
|
|
|
const resultAddRole = await addUserRoles(userId, [role]);
|
|
|
|
|
|
|
|
|
|
if (!resultAddRole) {
|
|
|
|
|
throw new Error("Failed. Cannot set user's role.");
|
|
|
|
|
} else {
|
|
|
|
|
if (Array.isArray(currentRole))
|
|
|
|
|
await removeUserRoles(
|
|
|
|
|
userId,
|
|
|
|
|
currentRole.filter(
|
|
|
|
|
(a) =>
|
|
|
|
|
!["uma_authorization", "offline_access", "default-roles"].some((b) =>
|
|
|
|
|
a.name.includes(b),
|
|
|
|
|
),
|
|
|
|
|
),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
userRole = role.name;
|
2024-04-18 16:32:38 +07:00
|
|
|
}
|
2024-04-17 16:35:35 +07:00
|
|
|
}
|
|
|
|
|
|
2024-04-18 16:39:49 +07:00
|
|
|
if (body.username) {
|
2024-06-24 13:14:44 +07:00
|
|
|
await editUser(userId, { username: body.username, enabled: body.status !== "INACTIVE" });
|
2024-04-18 16:39:49 +07:00
|
|
|
}
|
|
|
|
|
|
2024-07-03 11:32:32 +07:00
|
|
|
const { provinceId, districtId, subDistrictId, branchId, ...rest } = body;
|
2024-04-09 13:05:49 +07:00
|
|
|
|
2024-04-03 15:34:36 +07:00
|
|
|
const record = await prisma.user.update({
|
2024-07-01 14:38:07 +07:00
|
|
|
include: {
|
|
|
|
|
province: true,
|
|
|
|
|
district: true,
|
|
|
|
|
subDistrict: true,
|
|
|
|
|
createdBy: true,
|
|
|
|
|
updatedBy: true,
|
|
|
|
|
},
|
2024-04-03 15:34:36 +07:00
|
|
|
data: {
|
|
|
|
|
...rest,
|
2024-06-24 13:14:44 +07:00
|
|
|
statusOrder: +(rest.status === "INACTIVE"),
|
2024-04-18 16:32:38 +07:00
|
|
|
userRole,
|
2024-04-03 15:34:36 +07:00
|
|
|
province: {
|
|
|
|
|
connect: provinceId ? { id: provinceId } : undefined,
|
|
|
|
|
disconnect: provinceId === null || undefined,
|
|
|
|
|
},
|
|
|
|
|
district: {
|
|
|
|
|
connect: districtId ? { id: districtId } : undefined,
|
|
|
|
|
disconnect: districtId === null || undefined,
|
|
|
|
|
},
|
|
|
|
|
subDistrict: {
|
|
|
|
|
connect: subDistrictId ? { id: subDistrictId } : undefined,
|
|
|
|
|
disconnect: subDistrictId === null || undefined,
|
|
|
|
|
},
|
2024-07-01 13:24:02 +07:00
|
|
|
updatedBy: { connect: { id: req.user.sub } },
|
2024-04-03 15:34:36 +07:00
|
|
|
},
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
2024-04-09 13:05:49 +07:00
|
|
|
|
2024-07-03 11:32:32 +07:00
|
|
|
if (branchId) {
|
|
|
|
|
await prisma.$transaction([
|
|
|
|
|
prisma.branchUser.deleteMany({
|
|
|
|
|
where: {
|
|
|
|
|
userId,
|
|
|
|
|
branchId: { not: { in: Array.isArray(branchId) ? branchId : [branchId] } },
|
|
|
|
|
},
|
|
|
|
|
}),
|
|
|
|
|
prisma.branchUser.createMany({
|
|
|
|
|
data: (Array.isArray(branchId) ? branchId : [branchId])
|
|
|
|
|
.filter((a) => !user.branch.some((b) => a === b.branchId))
|
|
|
|
|
.map((v) => ({
|
|
|
|
|
userId,
|
|
|
|
|
branchId: v,
|
|
|
|
|
})),
|
|
|
|
|
}),
|
2024-08-14 14:03:25 +07:00
|
|
|
prisma.branch.updateMany({
|
|
|
|
|
where: {
|
|
|
|
|
id: { in: Array.isArray(branchId) ? branchId : [branchId] },
|
|
|
|
|
status: "CREATED",
|
|
|
|
|
},
|
|
|
|
|
data: { status: "ACTIVE" },
|
|
|
|
|
}),
|
2024-07-03 11:32:32 +07:00
|
|
|
]);
|
|
|
|
|
|
2024-08-14 20:32:24 +07:00
|
|
|
if (branch[0]?.id !== user.branch[0]?.branchId) {
|
2024-07-03 11:32:32 +07:00
|
|
|
const updated = await userBranchCodeGen(user, branch[0]);
|
|
|
|
|
record.code = updated.code;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-05 14:43:33 +07:00
|
|
|
return record;
|
2024-04-03 15:34:36 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Delete("{userId}")
|
2024-09-04 11:40:55 +07:00
|
|
|
@Security("keycloak", MANAGE_ROLES)
|
2024-07-03 11:32:32 +07:00
|
|
|
async deleteUser(@Request() req: RequestWithUser, @Path() userId: string) {
|
2024-04-03 16:26:52 +07:00
|
|
|
const record = await prisma.user.findFirst({
|
|
|
|
|
include: {
|
|
|
|
|
province: true,
|
|
|
|
|
district: true,
|
|
|
|
|
subDistrict: true,
|
2024-07-01 14:38:07 +07:00
|
|
|
createdBy: true,
|
|
|
|
|
updatedBy: true,
|
2024-07-03 11:32:32 +07:00
|
|
|
branch: {
|
2024-09-04 17:41:54 +07:00
|
|
|
include: {
|
|
|
|
|
branch: {
|
|
|
|
|
include: {
|
|
|
|
|
branch: {
|
|
|
|
|
include: {
|
|
|
|
|
headOffice: {
|
|
|
|
|
include: {
|
|
|
|
|
user: {
|
|
|
|
|
where: {
|
|
|
|
|
userId: req.user.sub,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
user: {
|
|
|
|
|
where: {
|
|
|
|
|
userId: req.user.sub,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
2024-07-03 11:32:32 +07:00
|
|
|
},
|
|
|
|
|
},
|
2024-04-03 16:26:52 +07:00
|
|
|
},
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
|
|
|
|
|
2024-09-04 17:41:54 +07:00
|
|
|
if (
|
|
|
|
|
!isSystem(req.user) &&
|
|
|
|
|
record?.branch.some((v) => {
|
|
|
|
|
const allow = v.branch.user.some((u) => u.userId === req.user.sub);
|
|
|
|
|
if (!globalAllow(req.user) && !allow) {
|
|
|
|
|
return v.branch.branch.some((b) =>
|
|
|
|
|
b.headOffice?.user.some((u) => u.userId === req.user.sub),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
})
|
|
|
|
|
) {
|
2024-07-03 11:32:32 +07:00
|
|
|
throw new HttpError(
|
|
|
|
|
HttpStatus.FORBIDDEN,
|
|
|
|
|
"You do not have permission to perform this action.",
|
|
|
|
|
"noPermission",
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
2024-04-03 16:26:52 +07:00
|
|
|
if (!record) {
|
2024-06-14 06:26:09 +00:00
|
|
|
throw new HttpError(HttpStatus.NOT_FOUND, "User cannot be found.", "userNotFound");
|
2024-04-03 16:26:52 +07:00
|
|
|
}
|
|
|
|
|
|
2024-04-05 10:38:29 +07:00
|
|
|
if (record.status !== Status.CREATED) {
|
2024-06-14 06:26:09 +00:00
|
|
|
throw new HttpError(HttpStatus.FORBIDDEN, "User is in used.", "userInUsed");
|
2024-04-03 16:26:52 +07:00
|
|
|
}
|
|
|
|
|
|
2024-04-04 11:02:01 +07:00
|
|
|
await minio.removeObject(MINIO_BUCKET, imageLocation(userId), {
|
|
|
|
|
forceDelete: true,
|
|
|
|
|
});
|
|
|
|
|
|
2024-04-10 10:50:45 +07:00
|
|
|
new Promise<string[]>((resolve, reject) => {
|
|
|
|
|
const item: string[] = [];
|
|
|
|
|
|
2024-09-06 13:09:17 +07:00
|
|
|
const stream = minio.listObjectsV2(MINIO_BUCKET, fileLocation.user.attachment(userId));
|
2024-04-10 10:50:45 +07:00
|
|
|
|
|
|
|
|
stream.on("data", (v) => v && v.name && item.push(v.name));
|
|
|
|
|
stream.on("end", () => resolve(item));
|
|
|
|
|
stream.on("error", () => reject(new Error("MinIO error.")));
|
|
|
|
|
}).then((list) => {
|
|
|
|
|
list.map(async (v) => {
|
2024-06-06 16:35:10 +07:00
|
|
|
await minio.removeObject(MINIO_BUCKET, v, { forceDelete: true });
|
2024-04-10 10:50:45 +07:00
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
2024-04-17 13:05:36 +07:00
|
|
|
await deleteUser(userId);
|
|
|
|
|
|
2024-04-03 16:26:52 +07:00
|
|
|
return await prisma.user.delete({
|
|
|
|
|
include: {
|
|
|
|
|
province: true,
|
|
|
|
|
district: true,
|
|
|
|
|
subDistrict: true,
|
2024-07-01 14:38:07 +07:00
|
|
|
createdBy: true,
|
|
|
|
|
updatedBy: true,
|
2024-04-03 16:26:52 +07:00
|
|
|
},
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
2024-07-31 11:43:07 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Get("{userId}/image")
|
|
|
|
|
async getUserImageByUserId(@Request() req: RequestWithUser, @Path() userId: string) {
|
|
|
|
|
const url = await presignedGetObjectIfExist(MINIO_BUCKET, imageLocation(userId), 60 * 60);
|
|
|
|
|
|
|
|
|
|
if (!url) {
|
|
|
|
|
throw new HttpError(HttpStatus.NOT_FOUND, "Image cannot be found", "imageNotFound");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return req.res?.redirect(url);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Put("{userId}/image")
|
2024-09-04 14:12:57 +07:00
|
|
|
@Security("keycloak", ["system", "head_of_admin", "admin", "branch_manager"])
|
2024-07-31 11:43:07 +07:00
|
|
|
async setUserImageByUserId(@Request() req: RequestWithUser, @Path() userId: string) {
|
|
|
|
|
const record = await prisma.user.findFirst({
|
|
|
|
|
include: {
|
|
|
|
|
branch: { where: { userId: req.user.sub } },
|
|
|
|
|
},
|
|
|
|
|
where: {
|
|
|
|
|
id: userId,
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (!record) {
|
|
|
|
|
throw new HttpError(HttpStatus.NOT_FOUND, "User cannot be found.", "userNotFound");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (
|
|
|
|
|
!["system", "head_of_admin", "admin"].some((v) => req.user.roles?.includes(v)) &&
|
|
|
|
|
!record.branch.some((v) => v.userId === req.user.sub)
|
|
|
|
|
) {
|
|
|
|
|
throw new HttpError(
|
|
|
|
|
HttpStatus.FORBIDDEN,
|
|
|
|
|
"You do not have permission to perform this action.",
|
|
|
|
|
"noPermission",
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return req.res?.redirect(
|
|
|
|
|
await minio.presignedPutObject(MINIO_BUCKET, imageLocation(userId), 12 * 60 * 60),
|
|
|
|
|
);
|
2024-04-03 15:34:36 +07:00
|
|
|
}
|
|
|
|
|
}
|
2024-04-10 10:50:45 +07:00
|
|
|
|
2024-09-05 14:43:33 +07:00
|
|
|
@Route("api/v1/user/{userId}/profile-image")
|
|
|
|
|
@Tags("User")
|
|
|
|
|
export class UserProfileController extends Controller {
|
|
|
|
|
@Get()
|
|
|
|
|
@Security("keycloak")
|
|
|
|
|
async listImage(@Path() userId: string) {
|
|
|
|
|
const record = await prisma.user.findFirst({
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (!record) {
|
|
|
|
|
throw new HttpError(HttpStatus.NOT_FOUND, "User cannot be found.", "userNotFound");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return await listFile(fileLocation.user.profile(userId));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Get("{name}")
|
|
|
|
|
async getImage(@Request() req: RequestWithUser, @Path() userId: string, @Path() name: string) {
|
|
|
|
|
const record = await prisma.user.findFirst({
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (!record) {
|
|
|
|
|
throw new HttpError(HttpStatus.NOT_FOUND, "User cannot be found.", "userNotFound");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return req.res?.redirect(
|
|
|
|
|
await minio.presignedGetObject(
|
|
|
|
|
MINIO_BUCKET,
|
|
|
|
|
fileLocation.user.profile(userId, name),
|
|
|
|
|
12 * 60 * 60,
|
|
|
|
|
),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Put("{name}")
|
|
|
|
|
@Security("keycloak")
|
|
|
|
|
async putImage(@Request() req: RequestWithUser, @Path() userId: string, @Path() name: string) {
|
|
|
|
|
const record = await prisma.user.findFirst({
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (!record) {
|
|
|
|
|
throw new HttpError(HttpStatus.NOT_FOUND, "User cannot be found.", "userNotFound");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return req.res?.redirect(
|
|
|
|
|
await minio.presignedPutObject(
|
|
|
|
|
MINIO_BUCKET,
|
|
|
|
|
fileLocation.user.profile(userId, name),
|
|
|
|
|
12 * 60 * 60,
|
|
|
|
|
),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Delete("{name}")
|
2024-09-06 13:38:18 +07:00
|
|
|
async deleteImage(@Path() userId: string, @Path() name: string) {
|
2024-09-05 14:43:33 +07:00
|
|
|
await minio.removeObject(MINIO_BUCKET, fileLocation.user.profile(userId, name), {
|
|
|
|
|
forceDelete: true,
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-06-06 09:42:02 +07:00
|
|
|
@Route("api/v1/user/{userId}/attachment")
|
2024-04-10 10:50:45 +07:00
|
|
|
@Tags("User")
|
|
|
|
|
@Security("keycloak")
|
|
|
|
|
export class UserAttachmentController extends Controller {
|
|
|
|
|
@Get()
|
|
|
|
|
async listAttachment(@Path() userId: string) {
|
|
|
|
|
const record = await prisma.user.findFirst({
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (!record) {
|
2024-06-14 06:26:09 +00:00
|
|
|
throw new HttpError(HttpStatus.NOT_FOUND, "User cannot be found.", "userNotFound");
|
2024-04-10 10:50:45 +07:00
|
|
|
}
|
|
|
|
|
|
2024-09-06 13:09:17 +07:00
|
|
|
return await listFile(fileLocation.user.attachment(userId));
|
2024-04-10 10:50:45 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Post()
|
|
|
|
|
async addAttachment(@Path() userId: string, @Body() payload: { file: string[] }) {
|
|
|
|
|
const record = await prisma.user.findFirst({
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
if (!record) {
|
2024-06-14 06:26:09 +00:00
|
|
|
throw new HttpError(HttpStatus.NOT_FOUND, "User cannot be found.", "userNotFound");
|
2024-04-10 10:50:45 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return await Promise.all(
|
|
|
|
|
payload.file.map(async (v) => ({
|
|
|
|
|
name: v,
|
2024-09-06 13:09:17 +07:00
|
|
|
url: await minio.presignedGetObject(MINIO_BUCKET, fileLocation.user.attachment(userId, v)),
|
2024-04-10 10:50:45 +07:00
|
|
|
uploadUrl: await minio.presignedPutObject(
|
|
|
|
|
MINIO_BUCKET,
|
2024-09-06 13:09:17 +07:00
|
|
|
fileLocation.user.attachment(userId, v),
|
2024-04-10 10:50:45 +07:00
|
|
|
12 * 60 * 60,
|
|
|
|
|
),
|
|
|
|
|
})),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Delete()
|
|
|
|
|
async deleteAttachment(@Path() userId: string, @Body() payload: { file: string[] }) {
|
|
|
|
|
await Promise.all(
|
|
|
|
|
payload.file.map(async (v) => {
|
2024-09-06 13:09:17 +07:00
|
|
|
await minio.removeObject(MINIO_BUCKET, fileLocation.user.attachment(userId, v), {
|
2024-04-10 10:50:45 +07:00
|
|
|
forceDelete: true,
|
|
|
|
|
});
|
|
|
|
|
}),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
