chamomind/jws-backend
chamomind/jws-backend
7
0
Fork 0
Code Issues Projects 1 Releases Packages 1 Wiki Activity Actions

feat: detect same username / email

Browse source
This commit is contained in:
Methapon Metanipat 2024-10-17 14:04:47 +07:00
parent 4e5825c236
commit 3bb766cfb2
1 changed files with 44 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

68
src/controllers/02-user-controller.ts
View file

@ -332,7 +332,7 @@ export class UserController extends Controller {
where: { id: { in: Array.isArray(body.branchId) ? body.branchId : [body.branchId] } }, where: { id: { in: Array.isArray(body.branchId) ? body.branchId : [body.branchId] } },
}), }),
prisma.user.findFirst({ prisma.user.findFirst({
where: { username: body.username }, where: { OR: [{ username: body.username }, { email: body.email }] },
}), }),
]); ]);
if (body.provinceId && !province) throw relationError("Province"); if (body.provinceId && !province) throw relationError("Province");
@ -348,8 +348,11 @@ export class UserController extends Controller {
await Promise.all(branch.map((branch) => permissionCheck(req.user, branch))); await Promise.all(branch.map((branch) => permissionCheck(req.user, branch)));
if (user) { if (user && user.username === body.username) {
throw new HttpError(HttpStatus.BAD_REQUEST, "User exists.", "userExists"); throw new HttpError(HttpStatus.BAD_REQUEST, "User exists.", "userExistsSameUserName");
}
if (user && user.email === body.email) {
throw new HttpError(HttpStatus.BAD_REQUEST, "User exists.", "userExistsSameEmail");
} }
const setRoleIndex = MANAGE_ROLES.findIndex((v) => v === body.userRole); const setRoleIndex = MANAGE_ROLES.findIndex((v) => v === body.userRole);
@ -454,31 +457,40 @@ export class UserController extends Controller {
@Body() body: UserUpdate, @Body() body: UserUpdate,
@Path() userId: string, @Path() userId: string,
) { ) {
const [province, district, subDistrict, user, branch] = await prisma.$transaction([ const [province, district, subDistrict, user, branch, conflictUser] = await prisma.$transaction(
prisma.province.findFirst({ where: { id: body.provinceId || undefined } }), [
prisma.district.findFirst({ where: { id: body.districtId || undefined } }), prisma.province.findFirst({ where: { id: body.provinceId || undefined } }),
prisma.subDistrict.findFirst({ where: { id: body.subDistrictId || undefined } }), prisma.district.findFirst({ where: { id: body.districtId || undefined } }),
prisma.user.findFirst({ prisma.subDistrict.findFirst({ where: { id: body.subDistrictId || undefined } }),
include: { prisma.user.findFirst({
branch: { include: {
include: { branch: {
branch: { include: {
include: branchRelationPermInclude(req.user), branch: {
include: branchRelationPermInclude(req.user),
},
}, },
}, },
}, },
}, where: { id: userId },
where: { id: userId }, }),
}), prisma.branch.findMany({
prisma.branch.findMany({ include: branchRelationPermInclude(req.user),
include: branchRelationPermInclude(req.user), where: {
where: { id: {
id: { in: Array.isArray(body.branchId)
in: Array.isArray(body.branchId) ? body.branchId : body.branchId ? [body.branchId] : [], ? body.branchId
: body.branchId
? [body.branchId]
: [],
},
}, },
}, }),
}), prisma.user.findFirst({
]); where: { OR: [{ username: body.username }, { email: body.email }], NOT: { id: userId } },
}),
],
);
if (!user) throw notFoundError("User"); if (!user) throw notFoundError("User");
if (body.provinceId && !province) throw relationError("Province"); if (body.provinceId && !province) throw relationError("Province");
if (body.districtId && !district) throw relationError("District"); if (body.districtId && !district) throw relationError("District");
@ -490,6 +502,14 @@ export class UserController extends Controller {
"minimumBranchNotMet", "minimumBranchNotMet",
); );
} }
if (conflictUser && conflictUser.username === body.username) {
throw new HttpError(HttpStatus.BAD_REQUEST, "User exists.", "userExistsSameUserName");
}
if (conflictUser && conflictUser.email === body.email) {
throw new HttpError(HttpStatus.BAD_REQUEST, "User exists.", "userExistsSameEmail");
}
await Promise.all([ await Promise.all([
...user.branch.map(async ({ branch }) => await permissionCheck(req.user, branch)), ...user.branch.map(async ({ branch }) => await permissionCheck(req.user, branch)),
...branch.map(async (branch) => await permissionCheck(req.user, branch)), ...branch.map(async (branch) => await permissionCheck(req.user, branch)),