From df6179efa8fc51af515c96f9cb16fb4d7e3ab878 Mon Sep 17 00:00:00 2001 From: Methapon2001 <61303214+Methapon2001@users.noreply.github.com> Date: Wed, 4 Dec 2024 13:56:49 +0700 Subject: [PATCH] feat: upload file --- src/controllers/06-request-list-controller.ts | 106 +++++++++++++++++- 1 file changed, 103 insertions(+), 3 deletions(-) diff --git a/src/controllers/06-request-list-controller.ts b/src/controllers/06-request-list-controller.ts index 46e83d9..950b762 100644 --- a/src/controllers/06-request-list-controller.ts +++ b/src/controllers/06-request-list-controller.ts @@ -1,10 +1,31 @@ import { Prisma, RequestDataStatus, RequestWorkStatus } from "@prisma/client"; -import { Body, Controller, Get, Path, Put, Query, Request, Route, Security, Tags } from "tsoa"; +import { + Body, + Controller, + Delete, + Get, + Head, + Path, + Put, + Query, + Request, + Route, + Security, + Tags, +} from "tsoa"; import { RequestWithUser } from "../interfaces/user"; import prisma from "../db"; -import { createPermCondition } from "../services/permission"; +import { + branchRelationPermInclude, + createPermCheck, + createPermCondition, +} from "../services/permission"; import { queryOrNot } from "../utils/relation"; import { notFoundError } from "../utils/error"; +import { deleteFile, fileLocation, getFile, getPresigned, listFile, setFile } from "../utils/minio"; + +// User in company can edit. +const permissionCheck = createPermCheck((_) => true); // User in company can see. const permissionCond = createPermCondition((_) => true); @@ -221,6 +242,7 @@ export class RequestListController extends Controller { } @Get("{requestWorkId}") + @Security("keycloak") async getRequestWorkById(@Path() requestWorkId: string) { const record = await prisma.requestWork.findFirst({ include: { @@ -362,4 +384,82 @@ export class RequestListController extends Controller { } } -export class RequestListAttachmentController extends Controller {} +@Route("api/v1/request-work/{requestId}/step-status/{step}") +@Tags("Request List") +export class RequestListFileController extends Controller { + private async checkPermission(user: RequestWithUser["user"], id: string) { + const data = await prisma.requestWork.findUnique({ + where: { id }, + include: { + request: { + include: { + quotation: { + include: { registeredBranch: { include: branchRelationPermInclude(user) } }, + }, + }, + }, + }, + }); + if (!data) throw notFoundError("Request Work"); + await permissionCheck(user, data.request.quotation.registeredBranch); + } + + @Get("attachment") + @Security("keycloak") + async listAttachment( + @Request() req: RequestWithUser, + @Path() requestId: string, + @Path() step: number, + ) { + await this.checkPermission(req.user, requestId); + return await listFile(fileLocation.request.attachment(requestId, step)); + } + + @Get("attachment/{name}") + @Security("keycloak") + async getAttachment( + @Request() req: RequestWithUser, + @Path() requestId: string, + @Path() step: number, + @Path() name: string, + ) { + await this.checkPermission(req.user, requestId); + return await getFile(fileLocation.request.attachment(requestId, step, name)); + } + + @Head("attachment/{name}") + @Security("keycloak") + async headAttachment( + @Request() req: RequestWithUser, + @Path() requestId: string, + @Path() step: number, + @Path() name: string, + ) { + await this.checkPermission(req.user, requestId); + return await getPresigned("head", fileLocation.request.attachment(requestId, step, name)); + } + + @Put("attachment/{name}") + @Security("keycloak") + async putAttachment( + @Request() req: RequestWithUser, + @Path() requestId: string, + @Path() step: number, + @Path() name: string, + ) { + await this.checkPermission(req.user, requestId); + return await setFile(fileLocation.request.attachment(requestId, step, name)); + } + + @Delete("attachment/{name}") + @Security("keycloak") + async delAttachment( + @Request() req: RequestWithUser, + @Path() requestId: string, + @Path() step: number, + @Path() name: string, + ) { + await this.checkPermission(req.user, requestId); + return await deleteFile(fileLocation.request.attachment(requestId, step, name)); + } +}