jws-backend/src/controllers/07-task-controller.ts

import {
  Body,
  Controller,
  Delete,
  Get,
  Path,
  Post,
  Put,
  Query,
  Request,
  Route,
  Security,
  Tags,
} from "tsoa";
import prisma from "../db";
import { notFoundError } from "../utils/error";
import { TaskStatus } from "@prisma/client";
import { RequestWithUser } from "../interfaces/user";
import {
  branchRelationPermInclude,
  createPermCheck,
  createPermCondition,
} from "../services/permission";
import HttpError from "../interfaces/http-error";
import HttpStatus from "../interfaces/http-status";

const MANAGE_ROLES = ["system", "head_of_admin", "admin", "document_checker"];

function globalAllow(user: RequestWithUser["user"]) {
  const allowList = ["system", "head_of_admin"];
  return allowList.some((v) => user.roles?.includes(v));
}

const permissionCondCompany = createPermCondition((_) => true);

const permissionCheck = createPermCheck(globalAllow);
const permissionCheckCompany = createPermCheck((_) => true);

@Route("/api/v1/task")
@Tags("Task Order")
export class TaskController extends Controller {
  @Get("stats")
  async getTaskOrderStats() {
    const task = await prisma.taskOrder.groupBy({
      by: ["taskStatus"],
      _count: true,
    });
    return task.reduce<Record<TaskStatus, number>>(
      (a, c) => Object.assign(a, { [c.taskStatus]: c._count }),
      {
        [TaskStatus.Pending]: 0,
        [TaskStatus.InProgress]: 0,
        [TaskStatus.Validate]: 0,
        [TaskStatus.Complete]: 0,
        [TaskStatus.Canceled]: 0,
      },
    );
  }

  @Get()
  @Security("keycloak")
  async getTaskOrderList(
    @Request() req: RequestWithUser,
    @Query() query: string = "",
    @Query() page = 1,
    @Query() pageSize = 30,
    @Query() taskStatus?: TaskStatus,
  ) {
    return this.getTaskOrderListByCriteria(req, query, page, pageSize, taskStatus);
  }

  @Post("list")
  @Security("keycloak")
  async getTaskOrderListByCriteria(
    @Request() req: RequestWithUser,
    @Query() query: string = "",
    @Query() page = 1,
    @Query() pageSize = 30,
    @Query() taskStatus?: TaskStatus,
    @Body() body?: { code?: string[] },
  ) {
    const [result, total] = await prisma.$transaction([
      prisma.taskOrder.findMany({
        where: {
          taskStatus,
          registeredBranch: { OR: permissionCondCompany(req.user) },
          code: body?.code ? { in: body.code } : undefined,
          OR: [
            { code: { contains: query, mode: "insensitive" } },
            { taskName: { contains: query } },
            { contactName: { contains: query } },
            { contactTel: { contains: query } },
          ],
        },
        include: {
          institution: true,
          createdBy: true,
        },
      }),
      prisma.taskOrder.count(),
    ]);

    return { result, total, page, pageSize };
  }

  @Get("{taskId}")
  @Security("keycloak")
  async getTaskOrder(@Request() req: RequestWithUser, @Path() taskId: string) {
    const record = await prisma.taskOrder.findFirst({
      where: { id: taskId, registeredBranch: { OR: permissionCondCompany(req.user) } },
      include: {
        taskList: {
          include: {
            requestWork: {
              include: {
                request: {
                  include: {
                    employee: true,
                    quotation: true,
                  },
                },
                productService: {
                  include: {
                    service: true,
                    work: true,
                    product: true,
                  },
                },
              },
            },
          },
        },
        institution: true,
        createdBy: true,
      },
    });

    if (!record) throw notFoundError("Task Order");

    return record;
  }

  @Post()
  @Security("keycloak", MANAGE_ROLES)
  async createTaskOrderList(
    @Request() req: RequestWithUser,
    @Body()
    body: {
      taskName: string;

      contactName: string;
      contactTel: string;

      institutionId: string;
      registeredBranchId?: string;

      taskList: { requestWorkId: string; step: number }[];
    },
  ) {
    return await prisma.$transaction(async (tx) => {
      const last = await tx.runningNo.upsert({
        where: {
          key: "TASK",
        },
        create: {
          key: "TASK",
          value: 1,
        },
        update: {
          value: { increment: 1 },
        },
      });
      const current = new Date();
      const year = `${current.getFullYear()}`.slice(-2).padStart(2, "0");
      const month = `${current.getMonth() + 1}`.padStart(2, "0");

      const code = `PO${year}${month}${last.value.toString().padStart(6, "0")}`;

      const { taskList, ...rest } = body;

      const userAffiliatedBranch = await tx.branch.findFirst({
        include: branchRelationPermInclude(req.user),
        where: body.registeredBranchId
          ? { id: body.registeredBranchId }
          : {
              user: { some: { userId: req.user.sub } },
            },
      });
      if (!userAffiliatedBranch) {
        throw new HttpError(
          HttpStatus.BAD_REQUEST,
          "You must be affilated with at least one branch or specify branch to be registered (System permission required).",
          "reqMinAffilatedBranch",
        );
      }
      await permissionCheckCompany(req.user, userAffiliatedBranch);

      return await tx.taskOrder.create({
        include: {
          taskList: {
            include: {
              requestWork: {
                include: {
                  request: {
                    include: {
                      employee: true,
                      quotation: true,
                    },
                  },
                  productService: {
                    include: {
                      service: true,
                      work: true,
                      product: true,
                    },
                  },
                },
              },
            },
          },
          institution: true,
          createdBy: true,
        },
        data: {
          ...rest,
          code,
          registeredBranchId: userAffiliatedBranch.id,
          createdByUserId: req.user.sub,
          taskList: {
            connect: taskList.map((v) => ({ step_requestWorkId: v })),
          },
        },
      });
    });
  }

  @Put("{taskId}")
  @Security("keycloak")
  async editTaskById(
    @Request() req: RequestWithUser,
    @Path() taskId: string,
    @Body()
    body: {
      taskName: string;
      taskStatus: TaskStatus;

      contactName: string;
      contactTel: string;

      institutionId: string;

      taskList: { requestWorkId: string; step: number }[];
    },
  ) {
    const record = await prisma.taskOrder.findFirst({
      where: { id: taskId },
      include: {
        registeredBranch: { include: branchRelationPermInclude(req.user) },
        taskList: {
          include: { requestWork: true },
        },
        institution: true,
        createdBy: true,
      },
    });

    if (!record) throw notFoundError("Task Order");

    await permissionCheckCompany(req.user, record.registeredBranch);

    await prisma.taskOrder.update({
      where: { id: taskId },
      include: {
        taskList: {
          include: {
            requestWork: true,
          },
        },
        institution: true,
        registeredBranch: true,
        createdBy: true,
      },
      data: {
        ...body,
        taskList: {
          disconnect: record?.taskList
            .filter(
              (lhs) =>
                !body.taskList.find(
                  (rhs) => lhs.requestWorkId === rhs.requestWorkId && lhs.step === rhs.step,
                ),
            )
            .map((v) => ({
              step_requestWorkId: {
                requestWorkId: v.requestWorkId,
                step: v.step,
              },
            })),
          connect: body.taskList.map((v) => ({ step_requestWorkId: v })),
        },
      },
    });
  }

  @Delete("{taskId}")
  @Security("keycloak", MANAGE_ROLES)
  async deleteTask(@Request() req: RequestWithUser, @Path() taskId: string) {
    await prisma.$transaction(async (tx) => {
      let record = await tx.taskOrder.findFirst({
        where: { id: taskId },
        include: {
          registeredBranch: {
            include: branchRelationPermInclude(req.user),
          },
        },
      });

      if (!record) throw notFoundError("Task Order");

      await permissionCheck(req.user, record.registeredBranch);
    });
  }
}

@Route("/api/v1/task/{taskId}")
@Tags("Task Order")
export class TaskActionController extends Controller {
  @Post("accept")
  @Security("keycloak")
  async acceptTaskOrder(@Request() req: RequestWithUser, @Path() taskId: string) {
    const record = await prisma.taskOrder.findFirst({
      include: {
        taskList: {
          orderBy: { step: "asc" },
        },
      },
      where: { id: taskId },
    });

    if (!record) throw notFoundError("Task Order");

    return await prisma.$transaction(async (tx) => {
      await tx.taskOrder.update({
        where: { id: taskId },
        data: {
          taskStatus: "InProgress",
        },
      });
      await tx.requestWorkStepStatus.updateMany({
        where: { taskOrderId: taskId },
        data: {
          workStatus: "InProgress",
        },
      });
      await tx.requestData.updateMany({
        where: {
          requestWork: {
            some: {
              stepStatus: {
                some: { taskOrderId: taskId },
              },
            },
          },
        },
        data: { requestDataStatus: "InProgress" },
      });
    });
  }

  @Post("submit")
  @Security("keycloak")
  async submitTaskOrder(@Request() req: RequestWithUser, @Path() taskId: string) {}

  @Post("complete")
  @Security("keycloak")
  async completeTaskOrder(@Request() req: RequestWithUser, @Path() taskId: string) {}
}

@Route("api/v1/task-order/{taskId}")
@Tags("Task Order")
export class TaskOrderAttachmentController extends Controller {}