chamomind/jws-backend
chamomind/jws-backend
7
0
Fork 0
Code Issues Projects 1 Releases Packages 1 Wiki Activity Actions

feat: add delete image endpoint

Browse source
This commit is contained in:
Methapon Metanipat 2024-09-06 13:22:04 +07:00
parent 81f8aeeb7c
commit ebb5261b8d
1 changed files with 118 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

135
src/controllers/01-branch-controller.ts
View file

@ -20,7 +20,7 @@ import HttpStatus from "../interfaces/http-status";
import { RequestWithUser } from "../interfaces/user";
import minio, { presignedGetObjectIfExist } from "../services/minio";
import { isSystem } from "../utils/keycloak";
import { fileLocation } from "../utils/minio";
import { deleteFile, fileLocation } from "../utils/minio";
if (!process.env.MINIO_BUCKET) {
throw Error("Require MinIO bucket.");
@ -683,10 +683,7 @@ export class BranchController extends Controller {
throw new HttpError(HttpStatus.NOT_FOUND, "Branch cannot be found.", "branchNotFound");
}
if (
!MANAGE_ROLES.some((v) => req.user.roles?.includes(v)) &&
!record?.user.find((v) => v.userId === req.user.sub)
) {
if (!globalAllow(req.user) && !record?.user.find((v) => v.userId === req.user.sub)) {
throw new HttpError(
HttpStatus.FORBIDDEN,
"You do not have permission to perform this action.",
@ -703,6 +700,32 @@ export class BranchController extends Controller {
);
}
@Delete("{branchId}/line-image")
async deleteLineImage(@Request() req: RequestWithUser, @Path() branchId: string) {
const record = await prisma.branch.findUnique({
include: {
user: { where: { userId: req.user.sub } },
},
where: {
id: branchId,
},
});
if (!record) {
throw new HttpError(HttpStatus.NOT_FOUND, "Branch cannot be found.", "branchNotFound");
}
if (!globalAllow(req.user) && !record?.user.find((v) => v.userId === req.user.sub)) {
throw new HttpError(
HttpStatus.FORBIDDEN,
"You do not have permission to perform this action.",
"noPermission",
);
}
await deleteFile(fileLocation.branch.line(branchId));
}
@Get("{branchId}/branch-image")
async getBranchImageByBranchId(@Request() req: RequestWithUser, @Path() branchId: string) {
const url = await presignedGetObjectIfExist(
@ -732,10 +755,7 @@ export class BranchController extends Controller {
throw new HttpError(HttpStatus.NOT_FOUND, "Branch cannot be found.", "branchNotFound");
}
if (
!MANAGE_ROLES.some((v) => req.user.roles?.includes(v)) &&
!record?.user.find((v) => v.userId === req.user.sub)
) {
if (!globalAllow(req.user) && !record?.user.find((v) => v.userId === req.user.sub)) {
throw new HttpError(
HttpStatus.FORBIDDEN,
"You do not have permission to perform this action.",
@ -752,6 +772,32 @@ export class BranchController extends Controller {
);
}
@Delete("{branchId}/branch-image")
async deleteBranchImage(@Request() req: RequestWithUser, @Path() branchId: string) {
const record = await prisma.branch.findUnique({
include: {
user: { where: { userId: req.user.sub } },
},
where: {
id: branchId,
},
});
if (!record) {
throw new HttpError(HttpStatus.NOT_FOUND, "Branch cannot be found.", "branchNotFound");
}
if (!globalAllow(req.user) && !record?.user.find((v) => v.userId === req.user.sub)) {
throw new HttpError(
HttpStatus.FORBIDDEN,
"You do not have permission to perform this action.",
"noPermission",
);
}
await deleteFile(fileLocation.branch.image(branchId));
}
@Get("{branchId}/map-image")
async getMapImageByBranchId(@Request() req: RequestWithUser, @Path() branchId: string) {
const url = await presignedGetObjectIfExist(
@ -781,10 +827,7 @@ export class BranchController extends Controller {
throw new HttpError(HttpStatus.NOT_FOUND, "Branch cannot be found.", "branchNotFound");
}
if (
!MANAGE_ROLES.some((v) => req.user.roles?.includes(v)) &&
!record?.user.find((v) => v.userId === req.user.sub)
) {
if (!globalAllow(req.user) && !record?.user.find((v) => v.userId === req.user.sub)) {
throw new HttpError(
HttpStatus.FORBIDDEN,
"You do not have permission to perform this action.",
@ -801,6 +844,32 @@ export class BranchController extends Controller {
);
}
@Delete("{branchId}/map-image")
async deleteMapImage(@Request() req: RequestWithUser, @Path() branchId: string) {
const record = await prisma.branch.findUnique({
include: {
user: { where: { userId: req.user.sub } },
},
where: {
id: branchId,
},
});
if (!record) {
throw new HttpError(HttpStatus.NOT_FOUND, "Branch cannot be found.", "branchNotFound");
}
if (!globalAllow(req.user) && !record?.user.find((v) => v.userId === req.user.sub)) {
throw new HttpError(
HttpStatus.FORBIDDEN,
"You do not have permission to perform this action.",
"noPermission",
);
}
await deleteFile(fileLocation.branch.map(branchId));
}
@Get("{branchId}/bank-qr/{bankId}")
async getBankQRByBranchIdAndBankId(
@Request() req: RequestWithUser,
@ -845,10 +914,7 @@ export class BranchController extends Controller {
);
}
if (
!MANAGE_ROLES.some((v) => req.user.roles?.includes(v)) &&
!record?.user.find((v) => v.userId === req.user.sub)
) {
if (!globalAllow(req.user) && !record?.user.find((v) => v.userId === req.user.sub)) {
throw new HttpError(
HttpStatus.FORBIDDEN,
"You do not have permission to perform this action.",
@ -864,4 +930,39 @@ export class BranchController extends Controller {
),
);
}
@Delete("{branchId}/bank-qr/{bankId}")
async deleteImage(
@Request() req: RequestWithUser,
@Path() branchId: string,
@Path() bankId: string,
) {
const record = await prisma.branch.findUnique({
include: {
user: { where: { userId: req.user.sub } },
},
where: {
id: branchId,
bank: { some: { id: bankId } },
},
});
if (!record) {
throw new HttpError(
HttpStatus.NOT_FOUND,
"Branch Bank cannot be found.",
"branchBankNotFound",
);
}
if (!globalAllow(req.user) && !record?.user.find((v) => v.userId === req.user.sub)) {
throw new HttpError(
HttpStatus.FORBIDDEN,
"You do not have permission to perform this action.",
"noPermission",
);
}
await deleteFile(fileLocation.branch.bank(branchId, bankId));
}
}