2024-04-03 15:34:36 +07:00
|
|
|
import {
|
|
|
|
|
Body,
|
|
|
|
|
Controller,
|
|
|
|
|
Delete,
|
|
|
|
|
Get,
|
|
|
|
|
Put,
|
|
|
|
|
Path,
|
|
|
|
|
Post,
|
|
|
|
|
Query,
|
|
|
|
|
Request,
|
|
|
|
|
Route,
|
|
|
|
|
Security,
|
|
|
|
|
Tags,
|
2024-10-22 17:54:46 +07:00
|
|
|
Head,
|
2024-04-03 15:34:36 +07:00
|
|
|
} from "tsoa";
|
2024-07-03 11:32:32 +07:00
|
|
|
import { Branch, Prisma, Status, User, UserType } from "@prisma/client";
|
2024-04-03 15:34:36 +07:00
|
|
|
|
2024-04-05 10:42:16 +07:00
|
|
|
import prisma from "../db";
|
|
|
|
|
import { RequestWithUser } from "../interfaces/user";
|
|
|
|
|
import HttpError from "../interfaces/http-error";
|
|
|
|
|
import HttpStatus from "../interfaces/http-status";
|
2024-04-17 16:35:35 +07:00
|
|
|
import {
|
|
|
|
|
addUserRoles,
|
|
|
|
|
createUser,
|
|
|
|
|
deleteUser,
|
2024-04-18 16:39:49 +07:00
|
|
|
editUser,
|
2024-07-01 13:24:02 +07:00
|
|
|
listRole,
|
2024-04-17 16:35:35 +07:00
|
|
|
getUserRoles,
|
|
|
|
|
removeUserRoles,
|
|
|
|
|
} from "../services/keycloak";
|
2024-09-05 09:01:28 +07:00
|
|
|
import { isSystem } from "../utils/keycloak";
|
2024-10-22 17:54:46 +07:00
|
|
|
import {
|
|
|
|
|
deleteFile,
|
|
|
|
|
deleteFolder,
|
|
|
|
|
fileLocation,
|
|
|
|
|
getFile,
|
|
|
|
|
getPresigned,
|
|
|
|
|
listFile,
|
|
|
|
|
setFile,
|
|
|
|
|
} from "../utils/minio";
|
2024-09-09 14:51:17 +07:00
|
|
|
import { filterStatus } from "../services/prisma";
|
2024-09-10 13:23:03 +07:00
|
|
|
import {
|
|
|
|
|
branchRelationPermInclude,
|
|
|
|
|
createPermCheck,
|
|
|
|
|
createPermCondition,
|
|
|
|
|
} from "../services/permission";
|
2024-10-24 17:49:10 +07:00
|
|
|
import {
|
|
|
|
|
connectOrDisconnect,
|
|
|
|
|
connectOrNot,
|
|
|
|
|
queryOrNot,
|
|
|
|
|
whereAddressQuery,
|
|
|
|
|
} from "../utils/relation";
|
2024-10-03 09:41:47 +07:00
|
|
|
import { isUsedError, notFoundError, relationError } from "../utils/error";
|
2024-10-22 17:59:31 +07:00
|
|
|
import { retry } from "../utils/func";
|
2024-04-03 15:34:36 +07:00
|
|
|
|
|
|
|
|
if (!process.env.MINIO_BUCKET) {
|
|
|
|
|
throw Error("Require MinIO bucket.");
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-04 11:40:55 +07:00
|
|
|
const MANAGE_ROLES = ["system", "head_of_admin", "admin", "branch_manager"];
|
|
|
|
|
|
|
|
|
|
function globalAllow(user: RequestWithUser["user"]) {
|
|
|
|
|
const listAllowed = ["system", "head_of_admin"];
|
|
|
|
|
return user.roles?.some((v) => listAllowed.includes(v)) || false;
|
|
|
|
|
}
|
2024-04-03 15:34:36 +07:00
|
|
|
|
|
|
|
|
type UserCreate = {
|
2024-04-05 10:44:13 +07:00
|
|
|
status?: Status;
|
|
|
|
|
|
2024-04-09 13:05:49 +07:00
|
|
|
userType: UserType;
|
2024-04-03 15:34:36 +07:00
|
|
|
userRole: string;
|
|
|
|
|
|
2024-04-17 11:21:57 +07:00
|
|
|
username: string;
|
|
|
|
|
|
2024-09-12 09:48:56 +07:00
|
|
|
citizenId: string;
|
|
|
|
|
citizenIssue: Date;
|
|
|
|
|
citizenExpire?: Date | null;
|
|
|
|
|
|
2024-08-15 09:26:21 +07:00
|
|
|
namePrefix?: string | null;
|
2024-04-04 13:42:46 +07:00
|
|
|
firstName: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
firstNameEN: string;
|
2024-08-15 09:26:21 +07:00
|
|
|
middleName?: string | null;
|
|
|
|
|
middleNameEN?: string | null;
|
2024-04-04 13:42:46 +07:00
|
|
|
lastName: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
lastNameEN: string;
|
2024-04-05 16:43:59 +07:00
|
|
|
gender: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
|
2024-04-17 16:22:07 +07:00
|
|
|
checkpoint?: string | null;
|
|
|
|
|
checkpointEN?: string | null;
|
2024-04-09 17:34:53 +07:00
|
|
|
registrationNo?: string | null;
|
|
|
|
|
startDate?: Date | null;
|
|
|
|
|
retireDate?: Date | null;
|
|
|
|
|
discountCondition?: string | null;
|
|
|
|
|
licenseNo?: string | null;
|
|
|
|
|
licenseIssueDate?: Date | null;
|
|
|
|
|
licenseExpireDate?: Date | null;
|
|
|
|
|
sourceNationality?: string | null;
|
|
|
|
|
importNationality?: string | null;
|
|
|
|
|
trainingPlace?: string | null;
|
2024-11-05 09:33:45 +07:00
|
|
|
responsibleArea?: string[] | null;
|
2024-04-10 11:37:12 +07:00
|
|
|
birthDate?: Date | null;
|
2024-04-03 15:34:36 +07:00
|
|
|
|
2024-04-04 13:42:46 +07:00
|
|
|
address: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
addressEN: string;
|
2024-09-11 15:06:27 +07:00
|
|
|
soi?: string | null;
|
|
|
|
|
soiEN?: string | null;
|
|
|
|
|
moo?: string | null;
|
|
|
|
|
mooEN?: string | null;
|
|
|
|
|
street?: string | null;
|
|
|
|
|
streetEN?: string | null;
|
2024-04-03 15:34:36 +07:00
|
|
|
email: string;
|
|
|
|
|
telephoneNo: string;
|
|
|
|
|
|
|
|
|
|
subDistrictId?: string | null;
|
|
|
|
|
districtId?: string | null;
|
|
|
|
|
provinceId?: string | null;
|
2024-07-03 11:32:32 +07:00
|
|
|
|
2024-09-06 13:38:18 +07:00
|
|
|
selectedImage?: string;
|
|
|
|
|
|
2024-07-03 11:32:32 +07:00
|
|
|
branchId: string | string[];
|
2024-04-03 15:34:36 +07:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
type UserUpdate = {
|
2024-04-05 10:44:13 +07:00
|
|
|
status?: "ACTIVE" | "INACTIVE";
|
|
|
|
|
|
2024-04-18 16:39:49 +07:00
|
|
|
username?: string;
|
|
|
|
|
|
2024-04-09 13:05:49 +07:00
|
|
|
userType?: UserType;
|
2024-04-03 15:34:36 +07:00
|
|
|
userRole?: string;
|
|
|
|
|
|
2024-09-12 09:48:56 +07:00
|
|
|
citizenId?: string;
|
|
|
|
|
citizenIssue?: Date;
|
|
|
|
|
citizenExpire?: Date | null;
|
|
|
|
|
|
2024-08-15 09:26:21 +07:00
|
|
|
namePrefix?: string | null;
|
2024-04-04 13:42:46 +07:00
|
|
|
firstName?: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
firstNameEN?: string;
|
2024-08-15 09:26:21 +07:00
|
|
|
middleName?: string | null;
|
|
|
|
|
middleNameEN?: string | null;
|
2024-04-04 13:42:46 +07:00
|
|
|
lastName?: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
lastNameEN?: string;
|
2024-04-05 16:43:59 +07:00
|
|
|
gender?: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
|
2024-04-17 16:22:07 +07:00
|
|
|
checkpoint?: string | null;
|
|
|
|
|
checkpointEN?: string | null;
|
2024-04-09 17:34:53 +07:00
|
|
|
registrationNo?: string | null;
|
|
|
|
|
startDate?: Date | null;
|
|
|
|
|
retireDate?: Date | null;
|
|
|
|
|
discountCondition?: string | null;
|
|
|
|
|
licenseNo?: string | null;
|
|
|
|
|
licenseIssueDate?: Date | null;
|
|
|
|
|
licenseExpireDate?: Date | null;
|
|
|
|
|
sourceNationality?: string | null;
|
|
|
|
|
importNationality?: string | null;
|
|
|
|
|
trainingPlace?: string | null;
|
2024-11-05 09:33:45 +07:00
|
|
|
responsibleArea?: string[];
|
2024-04-10 11:37:12 +07:00
|
|
|
birthDate?: Date | null;
|
2024-04-03 15:34:36 +07:00
|
|
|
|
2024-04-04 13:42:46 +07:00
|
|
|
address?: string;
|
2024-04-03 15:34:36 +07:00
|
|
|
addressEN?: string;
|
2024-09-11 15:06:27 +07:00
|
|
|
soi?: string | null;
|
|
|
|
|
soiEN?: string | null;
|
|
|
|
|
moo?: string | null;
|
|
|
|
|
mooEN?: string | null;
|
|
|
|
|
street?: string | null;
|
|
|
|
|
streetEN?: string | null;
|
2024-04-03 15:34:36 +07:00
|
|
|
email?: string;
|
|
|
|
|
telephoneNo?: string;
|
|
|
|
|
|
2024-09-06 13:38:18 +07:00
|
|
|
selectedImage?: string;
|
|
|
|
|
|
2024-04-03 15:34:36 +07:00
|
|
|
subDistrictId?: string | null;
|
|
|
|
|
districtId?: string | null;
|
|
|
|
|
provinceId?: string | null;
|
2024-07-03 11:32:32 +07:00
|
|
|
|
|
|
|
|
branchId?: string | string[];
|
2024-04-03 15:34:36 +07:00
|
|
|
};
|
|
|
|
|
|
2024-09-10 13:23:03 +07:00
|
|
|
const permissionCond = createPermCondition(globalAllow);
|
|
|
|
|
const permissionCheck = createPermCheck(globalAllow);
|
|
|
|
|
|
2024-07-03 11:32:32 +07:00
|
|
|
async function userBranchCodeGen(user: User, branch: Branch) {
|
2024-10-22 17:59:31 +07:00
|
|
|
return await retry(() =>
|
|
|
|
|
prisma.$transaction(
|
|
|
|
|
async (tx) => {
|
|
|
|
|
const typ = user.userType;
|
|
|
|
|
|
|
|
|
|
const mapTypeNo = {
|
|
|
|
|
USER: 1,
|
|
|
|
|
MESSENGER: 2,
|
|
|
|
|
DELEGATE: 3,
|
|
|
|
|
AGENCY: 4,
|
|
|
|
|
}[typ];
|
|
|
|
|
|
|
|
|
|
const last = await tx.runningNo.upsert({
|
|
|
|
|
where: {
|
|
|
|
|
key: `BR_USR_${branch.code}_${mapTypeNo}`,
|
|
|
|
|
},
|
|
|
|
|
create: {
|
|
|
|
|
key: `BR_USR_${branch.code}_${mapTypeNo}`,
|
|
|
|
|
value: 1,
|
|
|
|
|
},
|
|
|
|
|
update: { value: { increment: 1 } },
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
return await tx.user.update({
|
|
|
|
|
where: { id: user.id },
|
|
|
|
|
data: {
|
|
|
|
|
code: mapTypeNo + `${last.value}`.padStart(6, "0"),
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
{ isolationLevel: Prisma.TransactionIsolationLevel.Serializable },
|
|
|
|
|
),
|
2024-07-03 11:32:32 +07:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
2024-06-06 09:42:02 +07:00
|
|
|
@Route("api/v1/user")
|
2024-04-03 15:34:36 +07:00
|
|
|
@Tags("User")
|
|
|
|
|
export class UserController extends Controller {
|
2024-04-09 17:51:46 +07:00
|
|
|
@Get("type-stats")
|
2024-06-28 09:32:36 +07:00
|
|
|
@Security("keycloak")
|
2024-09-04 17:01:18 +07:00
|
|
|
async getUserTypeStats(@Request() req: RequestWithUser) {
|
2024-04-09 17:51:46 +07:00
|
|
|
const list = await prisma.user.groupBy({
|
|
|
|
|
by: "userType",
|
|
|
|
|
_count: true,
|
2024-08-16 18:00:53 +07:00
|
|
|
where: {
|
2024-09-04 17:01:18 +07:00
|
|
|
userRole: { not: "system" },
|
|
|
|
|
branch: isSystem(req.user)
|
|
|
|
|
? undefined
|
|
|
|
|
: {
|
|
|
|
|
some: {
|
|
|
|
|
branch: {
|
2024-09-10 13:23:03 +07:00
|
|
|
OR: permissionCond(req.user),
|
2024-09-04 17:01:18 +07:00
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
2024-08-16 18:00:53 +07:00
|
|
|
},
|
2024-04-09 17:51:46 +07:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
return list.reduce<Record<UserType, number>>(
|
|
|
|
|
(a, c) => {
|
|
|
|
|
a[c.userType] = c._count;
|
|
|
|
|
return a;
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
USER: 0,
|
|
|
|
|
MESSENGER: 0,
|
|
|
|
|
DELEGATE: 0,
|
|
|
|
|
AGENCY: 0,
|
|
|
|
|
},
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
2024-04-03 15:34:36 +07:00
|
|
|
@Get()
|
2024-06-28 09:32:36 +07:00
|
|
|
@Security("keycloak")
|
2024-04-03 15:34:36 +07:00
|
|
|
async getUser(
|
2024-08-30 10:20:51 +07:00
|
|
|
@Request() req: RequestWithUser,
|
2024-04-09 13:05:49 +07:00
|
|
|
@Query() userType?: UserType,
|
2024-04-10 15:11:13 +07:00
|
|
|
@Query() includeBranch: boolean = false,
|
2024-04-03 15:34:36 +07:00
|
|
|
@Query() query: string = "",
|
|
|
|
|
@Query() page: number = 1,
|
|
|
|
|
@Query() pageSize: number = 30,
|
2024-08-16 10:48:56 +07:00
|
|
|
@Query() status?: Status,
|
2024-04-03 15:34:36 +07:00
|
|
|
) {
|
|
|
|
|
const where = {
|
2024-10-24 17:49:10 +07:00
|
|
|
OR: queryOrNot<Prisma.UserWhereInput[]>(query, [
|
2024-10-24 10:03:20 +07:00
|
|
|
{ code: { contains: query, mode: "insensitive" } },
|
2024-09-10 16:26:23 +07:00
|
|
|
{ firstName: { contains: query } },
|
|
|
|
|
{ firstNameEN: { contains: query } },
|
|
|
|
|
{ lastName: { contains: query } },
|
|
|
|
|
{ lastNameEN: { contains: query } },
|
|
|
|
|
{ email: { contains: query } },
|
|
|
|
|
{ telephoneNo: { contains: query } },
|
2024-09-11 15:06:27 +07:00
|
|
|
...whereAddressQuery(query),
|
2024-10-24 17:49:10 +07:00
|
|
|
]),
|
2024-08-13 17:07:05 +07:00
|
|
|
AND: {
|
|
|
|
|
userRole: { not: "system" },
|
2024-09-10 16:26:23 +07:00
|
|
|
userType,
|
|
|
|
|
...filterStatus(status),
|
2024-09-04 16:47:31 +07:00
|
|
|
branch: isSystem(req.user)
|
|
|
|
|
? undefined
|
|
|
|
|
: {
|
|
|
|
|
some: {
|
|
|
|
|
branch: {
|
2024-09-10 13:23:03 +07:00
|
|
|
OR: permissionCond(req.user),
|
2024-09-04 16:47:31 +07:00
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
2024-08-13 17:07:05 +07:00
|
|
|
},
|
2024-04-03 15:34:36 +07:00
|
|
|
} satisfies Prisma.UserWhereInput;
|
|
|
|
|
|
|
|
|
|
const [result, total] = await prisma.$transaction([
|
|
|
|
|
prisma.user.findMany({
|
2024-06-24 13:20:59 +07:00
|
|
|
orderBy: [{ statusOrder: "asc" }, { createdAt: "asc" }],
|
2024-04-03 15:34:36 +07:00
|
|
|
include: {
|
2024-11-05 09:46:52 +07:00
|
|
|
responsibleArea: true,
|
2024-04-03 15:34:36 +07:00
|
|
|
province: true,
|
|
|
|
|
district: true,
|
|
|
|
|
subDistrict: true,
|
2024-04-10 15:11:13 +07:00
|
|
|
branch: { include: { branch: includeBranch } },
|
2024-07-01 14:38:07 +07:00
|
|
|
createdBy: true,
|
|
|
|
|
updatedBy: true,
|
2024-04-03 15:34:36 +07:00
|
|
|
},
|
|
|
|
|
where,
|
|
|
|
|
take: pageSize,
|
|
|
|
|
skip: (page - 1) * pageSize,
|
|
|
|
|
}),
|
|
|
|
|
prisma.user.count({ where }),
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
return {
|
2024-09-06 14:25:19 +07:00
|
|
|
result: result.map((v) => ({
|
|
|
|
|
...v,
|
2024-11-05 09:46:52 +07:00
|
|
|
responsibleArea: v.responsibleArea.map((v) => v.area),
|
2024-09-06 14:25:19 +07:00
|
|
|
branch: includeBranch ? v.branch.map((a) => a.branch) : undefined,
|
|
|
|
|
})),
|
2024-04-03 15:34:36 +07:00
|
|
|
page,
|
|
|
|
|
pageSize,
|
|
|
|
|
total,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Get("{userId}")
|
2024-06-28 09:32:36 +07:00
|
|
|
@Security("keycloak")
|
2024-04-03 15:34:36 +07:00
|
|
|
async getUserById(@Path() userId: string) {
|
|
|
|
|
const record = await prisma.user.findFirst({
|
|
|
|
|
include: {
|
|
|
|
|
province: true,
|
|
|
|
|
district: true,
|
|
|
|
|
subDistrict: true,
|
2024-07-01 14:38:07 +07:00
|
|
|
createdBy: true,
|
|
|
|
|
updatedBy: true,
|
2024-04-03 15:34:36 +07:00
|
|
|
},
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
|
|
|
|
|
2024-09-11 18:04:53 +07:00
|
|
|
if (!record) throw notFoundError("User");
|
2024-04-03 15:34:36 +07:00
|
|
|
|
2024-09-05 14:43:33 +07:00
|
|
|
return record;
|
2024-04-03 15:34:36 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Post()
|
2024-09-04 11:40:55 +07:00
|
|
|
@Security("keycloak", MANAGE_ROLES)
|
2024-04-03 15:34:36 +07:00
|
|
|
async createUser(@Request() req: RequestWithUser, @Body() body: UserCreate) {
|
2024-08-29 13:18:25 +07:00
|
|
|
const [province, district, subDistrict, branch, user] = await prisma.$transaction([
|
2024-07-03 11:32:32 +07:00
|
|
|
prisma.province.findFirst({ where: { id: body.provinceId ?? undefined } }),
|
|
|
|
|
prisma.district.findFirst({ where: { id: body.districtId ?? undefined } }),
|
|
|
|
|
prisma.subDistrict.findFirst({ where: { id: body.subDistrictId ?? undefined } }),
|
|
|
|
|
prisma.branch.findMany({
|
2024-09-10 13:23:03 +07:00
|
|
|
include: branchRelationPermInclude(req.user),
|
2024-07-03 11:32:32 +07:00
|
|
|
where: { id: { in: Array.isArray(body.branchId) ? body.branchId : [body.branchId] } },
|
|
|
|
|
}),
|
2024-08-29 13:18:25 +07:00
|
|
|
prisma.user.findFirst({
|
2024-10-17 14:11:37 +07:00
|
|
|
where: { username: body.username },
|
2024-08-29 13:18:25 +07:00
|
|
|
}),
|
2024-07-03 11:32:32 +07:00
|
|
|
]);
|
2024-09-11 18:04:53 +07:00
|
|
|
if (body.provinceId && !province) throw relationError("Province");
|
|
|
|
|
if (body.districtId && !district) throw relationError("District");
|
|
|
|
|
if (body.subDistrictId && !subDistrict) throw relationError("SubDistrict");
|
2024-07-03 11:32:32 +07:00
|
|
|
if (branch.length === 0) {
|
|
|
|
|
throw new HttpError(
|
|
|
|
|
HttpStatus.BAD_REQUEST,
|
|
|
|
|
"Require at least one branch for a user.",
|
|
|
|
|
"minimumBranchNotMet",
|
|
|
|
|
);
|
|
|
|
|
}
|
2024-09-07 20:19:34 +07:00
|
|
|
|
2024-09-11 18:04:53 +07:00
|
|
|
await Promise.all(branch.map((branch) => permissionCheck(req.user, branch)));
|
2024-09-07 20:19:34 +07:00
|
|
|
|
2024-10-17 14:11:37 +07:00
|
|
|
if (user) {
|
|
|
|
|
throw new HttpError(HttpStatus.BAD_REQUEST, "User exists.", "userExists");
|
2024-08-29 13:18:25 +07:00
|
|
|
}
|
2024-08-30 09:57:22 +07:00
|
|
|
|
2024-09-04 16:19:07 +07:00
|
|
|
const setRoleIndex = MANAGE_ROLES.findIndex((v) => v === body.userRole);
|
|
|
|
|
const userRoleIndex = MANAGE_ROLES.reduce(
|
|
|
|
|
(a, c, i) => (req.user.roles?.includes(c) ? i : a),
|
|
|
|
|
-1,
|
|
|
|
|
);
|
2024-09-04 11:40:55 +07:00
|
|
|
|
|
|
|
|
const THROW_PERM_MSG = "You do not have permission to perform this action.";
|
|
|
|
|
const THROW_PERM_CODE = "noPermission";
|
|
|
|
|
|
2024-09-05 11:03:45 +07:00
|
|
|
if (setRoleIndex !== -1 && setRoleIndex < userRoleIndex) {
|
2024-09-04 11:40:55 +07:00
|
|
|
throw new HttpError(HttpStatus.FORBIDDEN, THROW_PERM_MSG, THROW_PERM_CODE);
|
|
|
|
|
}
|
|
|
|
|
if (!globalAllow(req.user)) {
|
|
|
|
|
if (branch.some((v) => !v.user.find((v) => v.userId === req.user.sub))) {
|
|
|
|
|
throw new HttpError(HttpStatus.FORBIDDEN, THROW_PERM_MSG, THROW_PERM_CODE);
|
|
|
|
|
}
|
2024-04-03 15:34:36 +07:00
|
|
|
}
|
|
|
|
|
|
2024-07-03 11:32:32 +07:00
|
|
|
const { branchId, provinceId, districtId, subDistrictId, username, ...rest } = body;
|
2024-04-17 11:21:57 +07:00
|
|
|
|
2024-07-01 13:24:02 +07:00
|
|
|
let list = await listRole();
|
2024-04-17 16:22:07 +07:00
|
|
|
|
|
|
|
|
if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
|
|
|
|
|
if (Array.isArray(list)) {
|
|
|
|
|
list = list.filter(
|
|
|
|
|
(a) =>
|
|
|
|
|
!["uma_authorization", "offline_access", "default-roles"].some((b) => a.name.includes(b)),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const userId = await createUser(username, username, {
|
2024-04-17 11:21:57 +07:00
|
|
|
firstName: body.firstName,
|
|
|
|
|
lastName: body.lastName,
|
2024-09-25 13:20:27 +07:00
|
|
|
email: body.email,
|
2024-04-17 11:21:57 +07:00
|
|
|
requiredActions: ["UPDATE_PASSWORD"],
|
2024-06-24 13:14:44 +07:00
|
|
|
enabled: rest.status !== "INACTIVE",
|
2024-04-17 11:21:57 +07:00
|
|
|
});
|
|
|
|
|
|
2024-04-17 16:22:07 +07:00
|
|
|
if (!userId || typeof userId !== "string") {
|
2024-04-17 11:21:57 +07:00
|
|
|
throw new Error("Cannot create user with keycloak service.");
|
|
|
|
|
}
|
2024-04-03 15:34:36 +07:00
|
|
|
|
2024-04-18 16:47:50 +07:00
|
|
|
const role = list.find((v) => v.name === body.userRole);
|
2024-04-17 16:22:07 +07:00
|
|
|
|
|
|
|
|
const resultAddRole = role && (await addUserRoles(userId, [role]));
|
|
|
|
|
|
|
|
|
|
if (!resultAddRole) {
|
|
|
|
|
await deleteUser(userId);
|
|
|
|
|
throw new Error("Failed. Cannot set user's role.");
|
|
|
|
|
}
|
|
|
|
|
|
2024-04-03 15:34:36 +07:00
|
|
|
const record = await prisma.user.create({
|
2024-07-01 14:38:07 +07:00
|
|
|
include: {
|
|
|
|
|
province: true,
|
|
|
|
|
district: true,
|
|
|
|
|
subDistrict: true,
|
|
|
|
|
createdBy: true,
|
|
|
|
|
updatedBy: true,
|
|
|
|
|
},
|
2024-04-03 15:34:36 +07:00
|
|
|
data: {
|
2024-04-17 16:22:07 +07:00
|
|
|
id: userId,
|
2024-04-03 15:34:36 +07:00
|
|
|
...rest,
|
2024-11-05 09:33:45 +07:00
|
|
|
responsibleArea: rest.responsibleArea
|
|
|
|
|
? {
|
|
|
|
|
create: rest.responsibleArea.map((v) => ({ area: v })),
|
|
|
|
|
}
|
|
|
|
|
: undefined,
|
2024-06-24 13:14:44 +07:00
|
|
|
statusOrder: +(rest.status === "INACTIVE"),
|
2024-04-17 16:48:49 +07:00
|
|
|
username,
|
2024-04-17 16:22:07 +07:00
|
|
|
userRole: role.name,
|
2024-09-10 16:26:23 +07:00
|
|
|
province: connectOrNot(provinceId),
|
|
|
|
|
district: connectOrNot(districtId),
|
|
|
|
|
subDistrict: connectOrNot(subDistrictId),
|
2024-09-04 11:40:55 +07:00
|
|
|
branch: {
|
|
|
|
|
create: Array.isArray(branchId)
|
|
|
|
|
? branchId.map((v) => ({
|
|
|
|
|
branchId: v,
|
|
|
|
|
createdByUserId: req.user.sub,
|
2024-10-29 14:21:31 +07:00
|
|
|
updatedByUserId: req.user.sub,
|
2024-09-04 11:40:55 +07:00
|
|
|
}))
|
|
|
|
|
: {
|
|
|
|
|
branchId,
|
|
|
|
|
createdByUserId: req.user.sub,
|
|
|
|
|
updatedByUserId: req.user.sub,
|
|
|
|
|
},
|
|
|
|
|
},
|
2024-07-01 13:24:02 +07:00
|
|
|
createdBy: { connect: { id: req.user.sub } },
|
|
|
|
|
updatedBy: { connect: { id: req.user.sub } },
|
2024-04-03 15:34:36 +07:00
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
2024-07-03 11:32:32 +07:00
|
|
|
const updated = await userBranchCodeGen(record, branch[0]); // only generate code by using first branch only
|
|
|
|
|
|
|
|
|
|
record.code = updated.code;
|
|
|
|
|
|
2024-04-03 15:34:36 +07:00
|
|
|
this.setStatus(HttpStatus.CREATED);
|
|
|
|
|
|
2024-09-05 14:43:33 +07:00
|
|
|
return record;
|
2024-04-03 15:34:36 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Put("{userId}")
|
2024-09-04 11:40:55 +07:00
|
|
|
@Security("keycloak", MANAGE_ROLES)
|
2024-04-03 15:34:36 +07:00
|
|
|
async editUser(
|
|
|
|
|
@Request() req: RequestWithUser,
|
|
|
|
|
@Body() body: UserUpdate,
|
|
|
|
|
@Path() userId: string,
|
|
|
|
|
) {
|
2024-10-17 14:11:37 +07:00
|
|
|
const [province, district, subDistrict, user, branch] = await prisma.$transaction([
|
|
|
|
|
prisma.province.findFirst({ where: { id: body.provinceId || undefined } }),
|
|
|
|
|
prisma.district.findFirst({ where: { id: body.districtId || undefined } }),
|
|
|
|
|
prisma.subDistrict.findFirst({ where: { id: body.subDistrictId || undefined } }),
|
|
|
|
|
prisma.user.findFirst({
|
|
|
|
|
include: {
|
|
|
|
|
branch: {
|
|
|
|
|
include: {
|
|
|
|
|
branch: {
|
|
|
|
|
include: branchRelationPermInclude(req.user),
|
2024-09-07 20:19:34 +07:00
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
2024-10-17 14:11:37 +07:00
|
|
|
},
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
}),
|
|
|
|
|
prisma.branch.findMany({
|
|
|
|
|
include: branchRelationPermInclude(req.user),
|
|
|
|
|
where: {
|
|
|
|
|
id: {
|
|
|
|
|
in: Array.isArray(body.branchId) ? body.branchId : body.branchId ? [body.branchId] : [],
|
2024-07-03 11:32:32 +07:00
|
|
|
},
|
2024-10-17 14:11:37 +07:00
|
|
|
},
|
|
|
|
|
}),
|
|
|
|
|
]);
|
2024-09-11 18:04:53 +07:00
|
|
|
if (!user) throw notFoundError("User");
|
|
|
|
|
if (body.provinceId && !province) throw relationError("Province");
|
|
|
|
|
if (body.districtId && !district) throw relationError("District");
|
|
|
|
|
if (body.subDistrictId && !subDistrict) throw relationError("SubDistrict");
|
2024-07-03 11:32:32 +07:00
|
|
|
if (body.branchId && branch.length === 0) {
|
|
|
|
|
throw new HttpError(
|
|
|
|
|
HttpStatus.BAD_REQUEST,
|
|
|
|
|
"Require at least one branch for a user.",
|
|
|
|
|
"minimumBranchNotMet",
|
|
|
|
|
);
|
|
|
|
|
}
|
2024-09-10 13:23:03 +07:00
|
|
|
await Promise.all([
|
|
|
|
|
...user.branch.map(async ({ branch }) => await permissionCheck(req.user, branch)),
|
|
|
|
|
...branch.map(async (branch) => await permissionCheck(req.user, branch)),
|
|
|
|
|
]);
|
2024-09-04 16:19:07 +07:00
|
|
|
const setRoleIndex = MANAGE_ROLES.findIndex((v) => v === body.userRole);
|
|
|
|
|
const userRoleIndex = MANAGE_ROLES.reduce(
|
|
|
|
|
(a, c, i) => (req.user.roles?.includes(c) ? i : a),
|
|
|
|
|
-1,
|
|
|
|
|
);
|
2024-09-04 11:40:55 +07:00
|
|
|
|
|
|
|
|
const THROW_PERM_MSG = "You do not have permission to perform this action.";
|
|
|
|
|
const THROW_PERM_CODE = "noPermission";
|
|
|
|
|
|
2024-09-04 16:47:14 +07:00
|
|
|
if (setRoleIndex !== -1 && setRoleIndex < userRoleIndex) {
|
2024-09-04 11:40:55 +07:00
|
|
|
throw new HttpError(HttpStatus.FORBIDDEN, THROW_PERM_MSG, THROW_PERM_CODE);
|
|
|
|
|
}
|
2024-09-04 16:47:14 +07:00
|
|
|
|
|
|
|
|
if (!globalAllow(req.user) && body.branchId) {
|
2024-09-04 11:40:55 +07:00
|
|
|
if (branch.some((v) => !v.user.find((v) => v.userId === req.user.sub))) {
|
|
|
|
|
throw new HttpError(HttpStatus.FORBIDDEN, THROW_PERM_MSG, THROW_PERM_CODE);
|
|
|
|
|
}
|
2024-04-03 15:34:36 +07:00
|
|
|
}
|
|
|
|
|
|
2024-04-18 16:32:38 +07:00
|
|
|
let userRole: string | undefined;
|
|
|
|
|
|
2024-09-06 17:41:04 +07:00
|
|
|
if (body.userRole && user.userRole !== body.userRole) {
|
2024-07-01 13:24:02 +07:00
|
|
|
let list = await listRole();
|
2024-04-18 16:32:38 +07:00
|
|
|
|
|
|
|
|
if (!Array.isArray(list)) throw new Error("Failed. Cannot get role(s) data from the server.");
|
|
|
|
|
if (Array.isArray(list)) {
|
|
|
|
|
list = list.filter(
|
|
|
|
|
(a) =>
|
|
|
|
|
!["uma_authorization", "offline_access", "default-roles"].some((b) =>
|
|
|
|
|
a.name.includes(b),
|
|
|
|
|
),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
const currentRole = await getUserRoles(userId);
|
2024-04-17 16:35:35 +07:00
|
|
|
|
2024-04-18 16:50:12 +07:00
|
|
|
const role = list.find((v) => v.name === body.userRole);
|
2024-04-17 16:35:35 +07:00
|
|
|
|
2024-09-04 16:47:14 +07:00
|
|
|
if (role) {
|
|
|
|
|
const resultAddRole = await addUserRoles(userId, [role]);
|
|
|
|
|
|
|
|
|
|
if (!resultAddRole) {
|
|
|
|
|
throw new Error("Failed. Cannot set user's role.");
|
|
|
|
|
} else {
|
|
|
|
|
if (Array.isArray(currentRole))
|
|
|
|
|
await removeUserRoles(
|
|
|
|
|
userId,
|
|
|
|
|
currentRole.filter(
|
|
|
|
|
(a) =>
|
|
|
|
|
!["uma_authorization", "offline_access", "default-roles"].some((b) =>
|
|
|
|
|
a.name.includes(b),
|
|
|
|
|
),
|
|
|
|
|
),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
userRole = role.name;
|
2024-04-18 16:32:38 +07:00
|
|
|
}
|
2024-04-17 16:35:35 +07:00
|
|
|
}
|
|
|
|
|
|
2024-04-18 16:39:49 +07:00
|
|
|
if (body.username) {
|
2024-09-25 13:20:27 +07:00
|
|
|
await editUser(userId, {
|
|
|
|
|
username: body.username,
|
|
|
|
|
email: body.email,
|
|
|
|
|
enabled: body.status !== "INACTIVE",
|
|
|
|
|
});
|
2024-04-18 16:39:49 +07:00
|
|
|
}
|
|
|
|
|
|
2024-07-03 11:32:32 +07:00
|
|
|
const { provinceId, districtId, subDistrictId, branchId, ...rest } = body;
|
2024-04-09 13:05:49 +07:00
|
|
|
|
2024-04-03 15:34:36 +07:00
|
|
|
const record = await prisma.user.update({
|
2024-07-01 14:38:07 +07:00
|
|
|
include: {
|
|
|
|
|
province: true,
|
|
|
|
|
district: true,
|
|
|
|
|
subDistrict: true,
|
|
|
|
|
createdBy: true,
|
|
|
|
|
updatedBy: true,
|
|
|
|
|
},
|
2024-04-03 15:34:36 +07:00
|
|
|
data: {
|
|
|
|
|
...rest,
|
2024-11-05 09:33:45 +07:00
|
|
|
responsibleArea: rest.responsibleArea
|
|
|
|
|
? {
|
|
|
|
|
deleteMany: {},
|
|
|
|
|
create: rest.responsibleArea.map((v) => ({ area: v })),
|
|
|
|
|
}
|
|
|
|
|
: undefined,
|
2024-06-24 13:14:44 +07:00
|
|
|
statusOrder: +(rest.status === "INACTIVE"),
|
2024-04-18 16:32:38 +07:00
|
|
|
userRole,
|
2024-09-10 16:26:23 +07:00
|
|
|
province: connectOrDisconnect(provinceId),
|
|
|
|
|
district: connectOrDisconnect(districtId),
|
|
|
|
|
subDistrict: connectOrDisconnect(subDistrictId),
|
2024-07-01 13:24:02 +07:00
|
|
|
updatedBy: { connect: { id: req.user.sub } },
|
2024-04-03 15:34:36 +07:00
|
|
|
},
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
2024-04-09 13:05:49 +07:00
|
|
|
|
2024-07-03 11:32:32 +07:00
|
|
|
if (branchId) {
|
|
|
|
|
await prisma.$transaction([
|
|
|
|
|
prisma.branchUser.deleteMany({
|
|
|
|
|
where: {
|
|
|
|
|
userId,
|
|
|
|
|
branchId: { not: { in: Array.isArray(branchId) ? branchId : [branchId] } },
|
|
|
|
|
},
|
|
|
|
|
}),
|
|
|
|
|
prisma.branchUser.createMany({
|
|
|
|
|
data: (Array.isArray(branchId) ? branchId : [branchId])
|
|
|
|
|
.filter((a) => !user.branch.some((b) => a === b.branchId))
|
|
|
|
|
.map((v) => ({
|
|
|
|
|
userId,
|
|
|
|
|
branchId: v,
|
|
|
|
|
})),
|
|
|
|
|
}),
|
2024-08-14 14:03:25 +07:00
|
|
|
prisma.branch.updateMany({
|
|
|
|
|
where: {
|
|
|
|
|
id: { in: Array.isArray(branchId) ? branchId : [branchId] },
|
|
|
|
|
status: "CREATED",
|
|
|
|
|
},
|
|
|
|
|
data: { status: "ACTIVE" },
|
|
|
|
|
}),
|
2024-07-03 11:32:32 +07:00
|
|
|
]);
|
|
|
|
|
|
2024-08-14 20:32:24 +07:00
|
|
|
if (branch[0]?.id !== user.branch[0]?.branchId) {
|
2024-07-03 11:32:32 +07:00
|
|
|
const updated = await userBranchCodeGen(user, branch[0]);
|
|
|
|
|
record.code = updated.code;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-05 14:43:33 +07:00
|
|
|
return record;
|
2024-04-03 15:34:36 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Delete("{userId}")
|
2024-09-04 11:40:55 +07:00
|
|
|
@Security("keycloak", MANAGE_ROLES)
|
2024-07-03 11:32:32 +07:00
|
|
|
async deleteUser(@Request() req: RequestWithUser, @Path() userId: string) {
|
2024-04-03 16:26:52 +07:00
|
|
|
const record = await prisma.user.findFirst({
|
|
|
|
|
include: {
|
|
|
|
|
province: true,
|
|
|
|
|
district: true,
|
|
|
|
|
subDistrict: true,
|
2024-07-01 14:38:07 +07:00
|
|
|
createdBy: true,
|
|
|
|
|
updatedBy: true,
|
2024-07-03 11:32:32 +07:00
|
|
|
branch: {
|
2024-09-04 17:41:54 +07:00
|
|
|
include: {
|
|
|
|
|
branch: {
|
2024-09-10 14:51:05 +07:00
|
|
|
include: branchRelationPermInclude(req.user),
|
2024-09-04 17:41:54 +07:00
|
|
|
},
|
2024-07-03 11:32:32 +07:00
|
|
|
},
|
|
|
|
|
},
|
2024-04-03 16:26:52 +07:00
|
|
|
},
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
|
|
|
|
|
2024-10-03 09:41:47 +07:00
|
|
|
if (!record) throw notFoundError("User");
|
2024-04-03 16:26:52 +07:00
|
|
|
|
2024-09-10 13:23:03 +07:00
|
|
|
await Promise.all([
|
|
|
|
|
...record.branch.map(async ({ branch }) => await permissionCheck(req.user, branch)),
|
|
|
|
|
]);
|
2024-09-07 20:19:34 +07:00
|
|
|
|
2024-10-03 09:41:47 +07:00
|
|
|
if (record.status !== Status.CREATED) throw isUsedError("User");
|
2024-04-03 16:26:52 +07:00
|
|
|
|
2024-09-13 16:16:14 +07:00
|
|
|
await deleteFolder(fileLocation.user.profile(userId));
|
|
|
|
|
await deleteFolder(fileLocation.user.attachment(userId));
|
2024-04-17 13:05:36 +07:00
|
|
|
await deleteUser(userId);
|
|
|
|
|
|
2024-04-03 16:26:52 +07:00
|
|
|
return await prisma.user.delete({
|
|
|
|
|
include: {
|
|
|
|
|
province: true,
|
|
|
|
|
district: true,
|
|
|
|
|
subDistrict: true,
|
2024-07-01 14:38:07 +07:00
|
|
|
createdBy: true,
|
|
|
|
|
updatedBy: true,
|
2024-04-03 16:26:52 +07:00
|
|
|
},
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
2024-07-31 11:43:07 +07:00
|
|
|
}
|
2024-04-03 15:34:36 +07:00
|
|
|
}
|
2024-04-10 10:50:45 +07:00
|
|
|
|
2024-09-10 15:17:48 +07:00
|
|
|
async function getUserCheckPerm(user: RequestWithUser["user"], userId: string) {
|
|
|
|
|
const record = await prisma.user.findFirst({
|
|
|
|
|
include: {
|
|
|
|
|
province: true,
|
|
|
|
|
district: true,
|
|
|
|
|
subDistrict: true,
|
|
|
|
|
createdBy: true,
|
|
|
|
|
updatedBy: true,
|
|
|
|
|
branch: {
|
|
|
|
|
include: {
|
|
|
|
|
branch: {
|
2024-09-10 16:26:23 +07:00
|
|
|
include: branchRelationPermInclude(user),
|
2024-09-10 15:17:48 +07:00
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
|
|
|
|
|
2024-10-03 09:41:47 +07:00
|
|
|
if (!record) throw notFoundError("User");
|
2024-09-10 15:17:48 +07:00
|
|
|
|
|
|
|
|
await Promise.all(record.branch.map(async ({ branch }) => await permissionCheck(user, branch)));
|
|
|
|
|
}
|
2024-09-05 14:43:33 +07:00
|
|
|
@Route("api/v1/user/{userId}/profile-image")
|
|
|
|
|
@Tags("User")
|
|
|
|
|
export class UserProfileController extends Controller {
|
|
|
|
|
@Get()
|
|
|
|
|
@Security("keycloak")
|
|
|
|
|
async listImage(@Path() userId: string) {
|
|
|
|
|
const record = await prisma.user.findFirst({
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
|
|
|
|
|
2024-10-03 09:41:47 +07:00
|
|
|
if (!record) throw notFoundError("User");
|
2024-09-05 14:43:33 +07:00
|
|
|
|
|
|
|
|
return await listFile(fileLocation.user.profile(userId));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Get("{name}")
|
|
|
|
|
async getImage(@Request() req: RequestWithUser, @Path() userId: string, @Path() name: string) {
|
2024-09-13 16:16:14 +07:00
|
|
|
return req.res?.redirect(await getFile(fileLocation.user.profile(userId, name)));
|
2024-09-05 14:43:33 +07:00
|
|
|
}
|
|
|
|
|
|
2024-10-22 17:54:46 +07:00
|
|
|
@Head("{name}")
|
|
|
|
|
async headImage(@Request() req: RequestWithUser, @Path() userId: string, @Path() name: string) {
|
|
|
|
|
return req.res?.redirect(await getPresigned("head", fileLocation.user.profile(userId, name)));
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-05 14:43:33 +07:00
|
|
|
@Put("{name}")
|
|
|
|
|
@Security("keycloak")
|
|
|
|
|
async putImage(@Request() req: RequestWithUser, @Path() userId: string, @Path() name: string) {
|
2024-09-10 15:17:48 +07:00
|
|
|
await getUserCheckPerm(req.user, userId);
|
2024-09-13 16:16:14 +07:00
|
|
|
return req.res?.redirect(await setFile(fileLocation.user.profile(userId, name)));
|
2024-09-05 14:43:33 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Delete("{name}")
|
2024-09-09 16:13:21 +07:00
|
|
|
@Security("keycloak")
|
2024-09-07 20:19:34 +07:00
|
|
|
async deleteImage(@Request() req: RequestWithUser, @Path() userId: string, @Path() name: string) {
|
2024-09-10 15:17:48 +07:00
|
|
|
await getUserCheckPerm(req.user, userId);
|
2024-09-13 16:16:14 +07:00
|
|
|
await deleteFile(fileLocation.user.profile(userId, name));
|
2024-09-05 14:43:33 +07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-06-06 09:42:02 +07:00
|
|
|
@Route("api/v1/user/{userId}/attachment")
|
2024-04-10 10:50:45 +07:00
|
|
|
@Tags("User")
|
|
|
|
|
@Security("keycloak")
|
|
|
|
|
export class UserAttachmentController extends Controller {
|
|
|
|
|
@Get()
|
|
|
|
|
async listAttachment(@Path() userId: string) {
|
|
|
|
|
const record = await prisma.user.findFirst({
|
|
|
|
|
where: { id: userId },
|
|
|
|
|
});
|
|
|
|
|
|
2024-10-03 09:41:47 +07:00
|
|
|
if (!record) throw notFoundError("User");
|
2024-04-10 10:50:45 +07:00
|
|
|
|
2024-09-06 14:13:00 +07:00
|
|
|
const list = await listFile(fileLocation.user.attachment(userId));
|
2024-09-07 20:19:34 +07:00
|
|
|
|
2024-09-06 14:13:00 +07:00
|
|
|
return await Promise.all(
|
|
|
|
|
list.map(async (v) => ({
|
|
|
|
|
name: v,
|
2024-09-13 16:16:14 +07:00
|
|
|
url: await getFile(fileLocation.user.attachment(userId, v)),
|
2024-09-06 14:13:00 +07:00
|
|
|
})),
|
|
|
|
|
);
|
2024-04-10 10:50:45 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Post()
|
2024-09-07 20:19:34 +07:00
|
|
|
async addAttachment(
|
|
|
|
|
@Request() req: RequestWithUser,
|
|
|
|
|
@Path() userId: string,
|
|
|
|
|
@Body() payload: { file: string[] },
|
|
|
|
|
) {
|
2024-09-10 15:17:48 +07:00
|
|
|
await getUserCheckPerm(req.user, userId);
|
2024-04-10 10:50:45 +07:00
|
|
|
|
|
|
|
|
return await Promise.all(
|
|
|
|
|
payload.file.map(async (v) => ({
|
|
|
|
|
name: v,
|
2024-09-13 16:16:14 +07:00
|
|
|
url: await getFile(fileLocation.user.attachment(userId, v)),
|
|
|
|
|
uploadUrl: await setFile(fileLocation.user.attachment(userId, v), 12 * 60 * 60),
|
2024-04-10 10:50:45 +07:00
|
|
|
})),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Delete()
|
2024-09-07 20:19:34 +07:00
|
|
|
async deleteAttachment(
|
|
|
|
|
@Request() req: RequestWithUser,
|
|
|
|
|
@Path() userId: string,
|
|
|
|
|
@Body() payload: { file: string[] },
|
|
|
|
|
) {
|
2024-09-10 15:17:48 +07:00
|
|
|
await getUserCheckPerm(req.user, userId);
|
2024-04-10 10:50:45 +07:00
|
|
|
await Promise.all(
|
|
|
|
|
payload.file.map(async (v) => {
|
2024-09-13 16:16:14 +07:00
|
|
|
await deleteFile(fileLocation.user.attachment(userId, v));
|
2024-04-10 10:50:45 +07:00
|
|
|
}),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
