hrms-api-org/src/controllers/ApiKeyController.ts

import {
  Controller,
  Post,
  Delete,
  Route,
  Security,
  Tags,
  Body,
  Path,
  Request,
  Response,
  Get,
} from "tsoa";
import { AppDataSource } from "../database/data-source";
import HttpSuccess from "../interfaces/http-success";
import HttpStatusCode from "../interfaces/http-status";
import HttpError from "../interfaces/http-error";
import { CreateApiKey, ApiKey } from "../entities/ApiKey";
import { In } from "typeorm";
import { RequestWithUser } from "../middlewares/user";
import { ApiName } from "../entities/ApiName";
import { ApiHistory } from "../entities/ApiHistory";
@Route("api/v1/org/apiKey")
@Tags("ApiKey")
@Security("bearerAuth")
@Response(
  HttpStatusCode.INTERNAL_SERVER_ERROR,
  "เกิดข้อผิดพลาด ไม่สามารถแสดงรายการได้ กรุณาลองใหม่ในภายหลัง",
)
export class ApiKeyController extends Controller {
  private apiKeyRepository = AppDataSource.getRepository(ApiKey);
  private apiNameRepository = AppDataSource.getRepository(ApiName);
  private apiHistoryRepository = AppDataSource.getRepository(ApiHistory);

  /**
   * API สร้าง Api Key
   *
   * @summary สร้าง Api Key (ADMIN)
   *
   */
  @Post()
  async createApiKey(
    @Body()
    requestBody: CreateApiKey,
    @Request() request: RequestWithUser,
  ) {
    const checkName = await this.apiKeyRepository.findOne({
      where: { name: requestBody.name },
    });
    if (checkName) throw new HttpError(HttpStatusCode.NOT_FOUND, "ชื่อนี้มีอยู่ในระบบแล้ว");

    const apiName = await this.apiNameRepository.find({
      where: { id: In(requestBody.apiId) },
    });
    const apiKey = Object.assign(new ApiKey(), requestBody);
    apiKey.keyApi = require("crypto").randomBytes(64).toString("base64");
    apiKey.apiNames = apiName;
    apiKey.createdUserId = request.user.sub;
    apiKey.createdFullName = request.user.name;
    apiKey.lastUpdateUserId = request.user.sub;
    apiKey.lastUpdateFullName = request.user.name;
    apiKey.createdAt = new Date();
    apiKey.lastUpdatedAt = new Date();
    await this.apiKeyRepository.save(apiKey);
    return new HttpSuccess(apiKey.keyApi);
  }

  /**
   * API ลบ Api Key
   *
   * @summary ลบ Api Key (ADMIN)
   *
   * @param {string} id  Id  Api Key
   */
  @Delete("{id}")
  async deleteApiKey(@Path() id: string, @Request() req: RequestWithUser) {
    const delApiKey = await this.apiKeyRepository.findOne({
      where: { id },
      relations: ["apiHistorys"],
    });
    if (!delApiKey) {
      throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่พบข้อมูลตำแหน่งนี้");
    }
    await this.apiHistoryRepository.remove(delApiKey.apiHistorys);
    await this.apiKeyRepository.remove(delApiKey);
    return new HttpSuccess();
  }

  /**
   * API รายการ Api Key
   *
   * @summary รายการ Api Key (ADMIN)
   *
   */
  @Get("list")
  async listApiKey() {
    const apiKey = await this.apiKeyRepository.find({
      relations: ["apiNames", "apiHistorys"],
      order: { createdAt: "DESC", apiNames: { createdAt: "DESC" } },
    });
    const data = apiKey.map((_data) => ({
      id: _data.id,
      createdAt: _data.createdAt,
      createdUserId: _data.createdUserId,
      createdFullName: _data.createdFullName,
      name: _data.name,
      apiNames: _data.apiNames.map((x) => ({
        id: x.id,
        name: x.name,
        pathApi: x.pathApi,
        methodApi: x.methodApi,
      })),
      amount: _data.apiHistorys.length,
    }));
    return new HttpSuccess(data);
  }

  /**
   * API รายการ Api Key
   *
   * @summary รายการ Api Key (ADMIN)
   *
   */
  @Get("name")
  async listApiName() {
    const apiName = await this.apiNameRepository.find({
      order: { createdAt: "DESC" },
    });
    return new HttpSuccess(apiName);
  }
}