jws-backend/src/controllers/03-employee-passport-controller.ts

import {
  Body,
  Controller,
  Delete,
  Get,
  Middlewares,
  Path,
  Post,
  Put,
  Route,
  Security,
  Tags,
} from "tsoa";
import { RequestWithUser } from "../interfaces/user";
import prisma from "../db";
import HttpStatus from "../interfaces/http-status";
import { permissionCheck } from "../middlewares/employee";
import { notFoundError } from "../utils/error";
import { deleteFile, fileLocation } from "../utils/minio";

const MANAGE_ROLES = [
  "system",
  "head_of_admin",
  "admin",
  "head_of_accountant",
  "accountant",
  "head_of_sale",
];

function globalAllow(user: RequestWithUser["user"]) {
  const allowList = ["system", "head_of_admin", "head_of_accountant", "head_of_sale"];
  return allowList.some((v) => user.roles?.includes(v));
}

type EmployeePassportPayload = {
  number: string;
  type: string;
  issueDate: Date;
  expireDate: Date;
  issueCountry: string;
  issuePlace: string;
  previousPassportRef?: string | null;

  workerStatus: string;
  nationality: string;
  namePrefix?: string | null;
  firstName: string;
  firstNameEN: string;
  middleName?: string | null;
  middleNameEN?: string | null;
  lastName: string;
  lastNameEN: string;
  gender: string;
  birthDate: string;
  birthCountry: string;
};

@Route("api/v1/employee/{employeeId}/passport")
@Tags("Employee Passport")
@Middlewares(permissionCheck(globalAllow))
export class EmployeePassportController extends Controller {
  @Get()
  @Security("keycloak")
  async list(@Path() employeeId: string) {
    return prisma.employeePassport.findMany({
      orderBy: { expireDate: "desc" },
      where: { employeeId },
    });
  }

  @Get("{passportId}")
  @Security("keycloak")
  async getById(@Path() employeeId: string, @Path() passportId: string) {
    const record = await prisma.employeePassport.findFirst({
      where: { id: passportId, employeeId },
    });
    if (!record) throw notFoundError("Passport");
    return record;
  }

  @Post()
  @Security("keycloak", MANAGE_ROLES)
  async create(@Path() employeeId: string, @Body() body: EmployeePassportPayload) {
    const record = await prisma.employeePassport.create({
      data: {
        ...body,
        employee: { connect: { id: employeeId } },
      },
    });

    this.setStatus(HttpStatus.CREATED);

    return record;
  }

  @Put("{passportId}")
  @Security("keycloak", MANAGE_ROLES)
  async editById(
    @Path() employeeId: string,
    @Path() passportId: string,
    @Body() body: EmployeePassportPayload,
  ) {
    const work = await prisma.employeePassport.findUnique({
      where: { id: passportId, employeeId },
    });

    if (!work) throw notFoundError("Passport");

    const record = await prisma.employeePassport.update({
      where: { id: passportId, employeeId },
      data: { ...body },
    });

    this.setStatus(HttpStatus.CREATED);

    return record;
  }

  @Delete("{passportId}")
  @Security("keycloak", MANAGE_ROLES)
  async deleteById(@Path() employeeId: string, @Path() passportId: string) {
    const record = await prisma.employeePassport.findFirst({
      where: { id: passportId, employeeId },
    });

    if (!record) throw notFoundError("Passport");

    await deleteFile(fileLocation.employee.passport(employeeId, passportId));

    return await prisma.employeePassport.delete({ where: { id: passportId, employeeId } });
  }
}