chamomind/jws-backend
chamomind/jws-backend
7
0
Fork 0
Code Issues Projects 1 Releases Packages 1 Wiki Activity Actions

refactor: separate and use helper function

Browse source
This commit is contained in:
Methapon Metanipat 2024-09-10 15:43:15 +07:00
parent b4f07c2137
commit 68d6bcfcab
1 changed files with 103 additions and 181 deletions
Download patch file Download diff file Expand all files Collapse all files

284
src/controllers/01-branch-controller.ts
View file

@ -18,17 +18,19 @@ import prisma from "../db";
import HttpError from "../interfaces/http-error"; import HttpError from "../interfaces/http-error";
import HttpStatus from "../interfaces/http-status"; import HttpStatus from "../interfaces/http-status";
import { RequestWithUser } from "../interfaces/user"; import { RequestWithUser } from "../interfaces/user";
import minio from "../services/minio"; import { deleteFile, deleteFolder, fileLocation, getFile, listFile, setFile } from "../utils/minio";
import { isSystem } from "../utils/keycloak"; import {
import { deleteFile, deleteFolder, fileLocation, listFile } from "../utils/minio"; branchRelationPermInclude,
import { createPermCheck, createPermCondition } from "../services/permission"; createPermCheck,
createPermCondition,
} from "../services/permission";
import { filterStatus } from "../services/prisma"; import { filterStatus } from "../services/prisma";
import { connectOrDisconnect, connectOrNot } from "../utils/relation";
if (!process.env.MINIO_BUCKET) { if (!process.env.MINIO_BUCKET) {
throw Error("Require MinIO bucket."); throw Error("Require MinIO bucket.");
} }
const MINIO_BUCKET = process.env.MINIO_BUCKET;
const MANAGE_ROLES = ["system", "head_of_admin"]; const MANAGE_ROLES = ["system", "head_of_admin"];
function globalAllow(user: RequestWithUser["user"]) { function globalAllow(user: RequestWithUser["user"]) {
@ -401,10 +403,10 @@ export class BranchController extends Controller {
telephoneNo: v, telephoneNo: v,
})), })),
}, },
province: { connect: provinceId ? { id: provinceId } : undefined }, province: connectOrNot(provinceId),
district: { connect: districtId ? { id: districtId } : undefined }, district: connectOrNot(districtId),
subDistrict: { connect: subDistrictId ? { id: subDistrictId } : undefined }, subDistrict: connectOrNot(subDistrictId),
headOffice: { connect: headOfficeId ? { id: headOfficeId } : undefined }, headOffice: connectOrNot(headOfficeId),
createdBy: { connect: { id: req.user.sub } }, createdBy: { connect: { id: req.user.sub } },
updatedBy: { connect: { id: req.user.sub } }, updatedBy: { connect: { id: req.user.sub } },
}, },
@ -483,9 +485,8 @@ export class BranchController extends Controller {
}) })
: []; : [];
await minio.removeObjects( await Promise.all(
MINIO_BUCKET, listDeleted.map((v) => deleteFile(fileLocation.branch.bank(v.branchId, v.id))),
listDeleted.map((v) => fileLocation.branch.bank(v.branchId, v.id)),
); );
return await prisma.branch.update({ return await prisma.branch.update({
@ -513,22 +514,10 @@ export class BranchController extends Controller {
})), })),
} }
: undefined, : undefined,
province: { province: connectOrDisconnect(provinceId),
connect: provinceId ? { id: provinceId } : undefined, district: connectOrDisconnect(districtId),
disconnect: provinceId === null || undefined, subDistrict: connectOrDisconnect(subDistrictId),
}, headOffice: connectOrDisconnect(headOfficeId),
district: {
connect: districtId ? { id: districtId } : undefined,
disconnect: districtId === null || undefined,
},
subDistrict: {
connect: subDistrictId ? { id: subDistrictId } : undefined,
disconnect: subDistrictId === null || undefined,
},
headOffice: {
connect: headOfficeId ? { id: headOfficeId } : undefined,
disconnect: headOfficeId === null || undefined,
},
contact: contact contact: contact
? { ? {
deleteMany: {}, deleteMany: {},
@ -548,15 +537,7 @@ export class BranchController extends Controller {
@Security("keycloak", MANAGE_ROLES) @Security("keycloak", MANAGE_ROLES)
async deleteBranch(@Request() req: RequestWithUser, @Path() branchId: string) { async deleteBranch(@Request() req: RequestWithUser, @Path() branchId: string) {
const record = await prisma.branch.findUnique({ const record = await prisma.branch.findUnique({
include: { include: branchRelationPermInclude(req.user),
headOffice: {
include: {
branch: { where: { user: { some: { userId: req.user.sub } } } },
user: { where: { userId: req.user.sub } },
},
},
user: { where: { userId: req.user.sub } },
},
where: { id: branchId }, where: { id: branchId },
}); });
@ -564,28 +545,7 @@ export class BranchController extends Controller {
throw new HttpError(HttpStatus.NOT_FOUND, "Branch cannot be found.", "branchNotFound"); throw new HttpError(HttpStatus.NOT_FOUND, "Branch cannot be found.", "branchNotFound");
} }
if (!isSystem(req.user)) { await permissionCheck(req.user, record);
if (!globalAllow(req.user) && record.user.length === 0) {
throw new HttpError(
HttpStatus.FORBIDDEN,
"You do not have permission to perform this action.",
"noPermission",
);
} else {
if (
(record.user.length === 0 && !record.headOffice) ||
(record.headOffice &&
record.headOffice.user.length === 0 &&
record.headOffice.branch.length === 0)
) {
throw new HttpError(
HttpStatus.FORBIDDEN,
"You do not have permission to perform this action.",
"noPermission",
);
}
}
}
if (!record) { if (!record) {
throw new HttpError(HttpStatus.NOT_FOUND, "Branch cannot be found.", "branchNotFound"); throw new HttpError(HttpStatus.NOT_FOUND, "Branch cannot be found.", "branchNotFound");
@ -619,149 +579,111 @@ export class BranchController extends Controller {
await Promise.all([ await Promise.all([
deleteFolder(fileLocation.branch.img(branchId)), deleteFolder(fileLocation.branch.img(branchId)),
minio.removeObject(MINIO_BUCKET, fileLocation.branch.line(branchId), { deleteFile(fileLocation.branch.line(branchId)),
forceDelete: true, ...data.bank.map((v) => deleteFile(fileLocation.branch.bank(branchId, v.id))),
}),
...data.bank.map(async (v) => {
await minio.removeObject(MINIO_BUCKET, fileLocation.branch.bank(branchId, v.id), {
forceDelete: true,
});
}),
]); ]);
return data; return data;
}); });
} }
}
@Get("{branchId}/line-image") @Route("api/v1/branch/{branchId}")
async getLineImageByBranchId(@Request() req: RequestWithUser, @Path() branchId: string) { @Tags("Branch")
const url = await minio.presignedGetObject( export class BranchFileController extends Controller {
MINIO_BUCKET, private async checkPermission(user: RequestWithUser["user"], id: string) {
fileLocation.branch.line(branchId), const data = await prisma.branch.findUnique({
60 * 60, include: branchRelationPermInclude(user),
); where: { id },
return req.res?.redirect(url);
}
@Put("{branchId}/line-image")
@Security("keycloak", MANAGE_ROLES.concat("admin", "branch_manager"))
async setLineImageByBranchId(@Request() req: RequestWithUser, @Path() branchId: string) {
await permissionCheck(req.user, branchId);
return req.res?.redirect(
await minio.presignedPutObject(
MINIO_BUCKET,
fileLocation.branch.line(branchId),
12 * 60 * 60,
),
);
}
@Delete("{branchId}/line-image")
@Security("keycloak", MANAGE_ROLES.concat("admin", "branch_manager"))
async deleteLineImage(@Request() req: RequestWithUser, @Path() branchId: string) {
await permissionCheck(req.user, branchId);
await deleteFile(fileLocation.branch.line(branchId));
}
@Get("{branchId}/bank-qr/{bankId}")
async getBankQRByBranchIdAndBankId(
@Request() req: RequestWithUser,
@Path() branchId: string,
@Path() bankId: string,
) {
const url = await minio.presignedGetObject(
MINIO_BUCKET,
fileLocation.branch.bank(branchId, bankId),
60 * 60,
);
return req.res?.redirect(url);
}
@Put("{branchId}/bank-qr/{bankId}")
@Security("keycloak", MANAGE_ROLES.concat("admin", "branch_manager"))
async setBankQRByBranchIdAndBankId(
@Request() req: RequestWithUser,
@Path() branchId: string,
@Path() bankId: string,
) {
await permissionCheck(req.user, branchId);
return req.res?.redirect(
await minio.presignedPutObject(
MINIO_BUCKET,
fileLocation.branch.bank(branchId, bankId),
12 * 60 * 60,
),
);
}
@Delete("{branchId}/bank-qr/{bankId}")
@Security("keycloak", MANAGE_ROLES.concat("admin", "branch_manager"))
async deleteImage(
@Request() req: RequestWithUser,
@Path() branchId: string,
@Path() bankId: string,
) {
await permissionCheck(req.user, branchId);
await deleteFile(fileLocation.branch.bank(branchId, bankId));
}
@Get("{branchId}/image")
@Security("keycloak")
async listImage(@Path() branchId: string) {
const record = await prisma.branch.findFirst({
where: { id: branchId },
}); });
if (!data) {
if (!record) {
throw new HttpError(HttpStatus.NOT_FOUND, "Branch cannot be found.", "branchNotFound"); throw new HttpError(HttpStatus.NOT_FOUND, "Branch cannot be found.", "branchNotFound");
} }
await permissionCheck(user, data);
}
@Get("image")
@Security("keycloak")
async listImage(@Request() req: RequestWithUser, @Path() branchId: string) {
await this.checkPermission(req.user, branchId);
return await listFile(fileLocation.branch.img(branchId)); return await listFile(fileLocation.branch.img(branchId));
} }
@Get("{branchId}/image/{name}") @Get("image/{name}")
async getImageByName( async getImage(@Request() req: RequestWithUser, @Path() branchId: string, @Path() name: string) {
@Request() req: RequestWithUser, return req.res?.redirect(await getFile(fileLocation.branch.img(branchId, name)));
@Path() branchId: string,
@Path() name: string,
) {
return req.res?.redirect(
await minio.presignedGetObject(
MINIO_BUCKET,
fileLocation.branch.img(branchId, name),
12 * 60 * 60,
),
);
} }
@Put("{branchId}/image/{name}") @Put("image/{name}")
@Security("keycloak") @Security("keycloak")
async putImageByName( async putImage(@Request() req: RequestWithUser, @Path() branchId: string, @Path() name: string) {
@Request() req: RequestWithUser, if (!req.headers["content-type"]?.startsWith("image/")) {
@Path() branchId: string, throw new HttpError(HttpStatus.BAD_REQUEST, "Not a valid image.", "notValidImage");
@Path() name: string, }
) { await this.checkPermission(req.user, branchId);
await permissionCheck(req.user, branchId); return req.res?.redirect(await setFile(fileLocation.branch.img(branchId, name)));
return req.res?.redirect(
await minio.presignedPutObject(
MINIO_BUCKET,
fileLocation.branch.img(branchId, name),
12 * 60 * 60,
),
);
} }
@Delete("{branchId}/image/{name}") @Delete("image/{name}")
@Security("keycloak") @Security("keycloak")
async deleteImageByName( async delImage(@Request() req: RequestWithUser, @Path() branchId: string, @Path() name: string) {
await this.checkPermission(req.user, branchId);
return await deleteFile(fileLocation.branch.img(branchId, name));
}
@Get("bank-qr/{bankId}")
async getBankImage(
@Request() req: RequestWithUser, @Request() req: RequestWithUser,
@Path() branchId: string, @Path() branchId: string,
@Path() name: string, @Path() bankId: string,
) { ) {
await permissionCheck(req.user, branchId); return req.res?.redirect(await getFile(fileLocation.branch.bank(branchId, bankId)));
await minio.removeObject(MINIO_BUCKET, fileLocation.branch.img(branchId, name), { }
forceDelete: true,
}); @Put("bank-qr/{bankId}")
@Security("keycloak")
async putBankImage(
@Request() req: RequestWithUser,
@Path() branchId: string,
@Path() bankId: string,
) {
if (!req.headers["content-type"]?.startsWith("image/")) {
throw new HttpError(HttpStatus.BAD_REQUEST, "Not a valid image.", "notValidImage");
}
await this.checkPermission(req.user, branchId);
return req.res?.redirect(await setFile(fileLocation.branch.bank(branchId, bankId)));
}
@Delete("bank-qr/{bankId}")
@Security("keycloak")
async delBankImage(
@Request() req: RequestWithUser,
@Path() branchId: string,
@Path() bankId: string,
) {
await this.checkPermission(req.user, branchId);
return await deleteFile(fileLocation.branch.bank(branchId, bankId));
}
@Get("line-image")
async getLineImage(@Request() req: RequestWithUser, @Path() branchId: string) {
return req.res?.redirect(await getFile(fileLocation.branch.line(branchId)));
}
@Put("line-image")
@Security("keycloak")
async putLineImage(@Request() req: RequestWithUser, @Path() branchId: string) {
if (!req.headers["content-type"]?.startsWith("image/")) {
throw new HttpError(HttpStatus.BAD_REQUEST, "Not a valid image.", "notValidImage");
}
await this.checkPermission(req.user, branchId);
return req.res?.redirect(await setFile(fileLocation.branch.line(branchId)));
}
@Delete("line-image")
@Security("keycloak")
async delLineImage(@Request() req: RequestWithUser, @Path() branchId: string) {
await this.checkPermission(req.user, branchId);
return await deleteFile(fileLocation.branch.line(branchId));
} }
} }