From a8ad8e37d41f423d425bbd1f40fac99d26b0dcf0 Mon Sep 17 00:00:00 2001 From: Methapon Metanipat Date: Thu, 5 Sep 2024 10:45:55 +0700 Subject: [PATCH] feat: add branch bank qr --- src/controllers/01-branch-controller.ts | 63 +++++++++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/src/controllers/01-branch-controller.ts b/src/controllers/01-branch-controller.ts index 8679ff1..d610899 100644 --- a/src/controllers/01-branch-controller.ts +++ b/src/controllers/01-branch-controller.ts @@ -745,4 +745,67 @@ export class BranchController extends Controller { ), ); } + + @Get("{branchId}/bank-qr/{bankId}") + async getBankQRByBranchIdAndBankId( + @Request() req: RequestWithUser, + @Path() branchId: string, + @Path() bankId: string, + ) { + const url = await presignedGetObjectIfExist( + MINIO_BUCKET, + fileLocation.branch.bank(branchId, bankId), + 60 * 60, + ); + + if (!url) { + throw new HttpError(HttpStatus.NOT_FOUND, "Image cannot be found", "imageNotFound"); + } + + return req.res?.redirect(url); + } + + @Put("{branchId}/bank-qr/{bankId}") + async setBankQRByBranchIdAndBankId( + @Request() req: RequestWithUser, + @Path() branchId: string, + @Path() bankId: string, + ) { + const record = await prisma.branch.findUnique({ + include: { + user: { where: { userId: req.user.sub } }, + }, + where: { + id: branchId, + bank: { some: { id: bankId } }, + }, + }); + + if (!record) { + throw new HttpError( + HttpStatus.NOT_FOUND, + "Branch Bank cannot be found.", + "branchBankNotFound", + ); + } + + if ( + !MANAGE_ROLES.some((v) => req.user.roles?.includes(v)) && + !record?.user.find((v) => v.userId === req.user.sub) + ) { + throw new HttpError( + HttpStatus.FORBIDDEN, + "You do not have permission to perform this action.", + "noPermission", + ); + } + + return req.res?.redirect( + await minio.presignedPutObject( + MINIO_BUCKET, + fileLocation.branch.bank(branchId, bankId), + 12 * 60 * 60, + ), + ); + } }