@hed-hog/contact 0.0.333 → 0.0.347

package/src/person/person.service.ts

@@ -4,40 +4,40 @@ import { PaginationDTO, PaginationService } from '@hed-hog/api-pagination';
 import { Prisma, PrismaService } from '@hed-hog/api-prisma';
 import { FileService, IntegrationDeveloperApiService, SettingService } from '@hed-hog/core';
 import {
-    BadRequestException,
-    Inject,
-    Injectable,
-    Logger,
-    NotFoundException,
-    forwardRef,
+  BadRequestException,
+  Inject,
+  Injectable,
+  Logger,
+  NotFoundException,
+  forwardRef,
 } from '@nestjs/common';
 import {
-    ACCOUNT_LIFECYCLE_STAGES,
-    type AccountLifecycleStage,
-    type CreateAccountDTO,
-    type UpdateAccountDTO,
+  ACCOUNT_LIFECYCLE_STAGES,
+  type AccountLifecycleStage,
+  type CreateAccountDTO,
+  type UpdateAccountDTO,
 } from './dto/account.dto';
 import {
-    type ActivityListQueryDTO,
-    type CrmActivityPriority,
-    type CrmActivitySourceKind,
-    type CrmActivityStatus,
-    type CrmActivityType,
+  type ActivityListQueryDTO,
+  type CrmActivityPriority,
+  type CrmActivitySourceKind,
+  type CrmActivityStatus,
+  type CrmActivityType,
 } from './dto/activity.dto';
 import { CreateFollowupDTO } from './dto/create-followup.dto';
 import {
-    CreateInteractionDTO,
-    PersonInteractionTypeDTO,
+  CreateInteractionDTO,
+  PersonInteractionTypeDTO,
 } from './dto/create-interaction.dto';
 import { CreateDTO } from './dto/create.dto';
 import {
-    type CrmDashboardPeriod,
-    type DashboardQueryDTO,
+  type CrmDashboardPeriod,
+  type DashboardQueryDTO,
 } from './dto/dashboard-query.dto';
 import { CheckPersonDuplicatesQueryDTO } from './dto/duplicates-query.dto';
 import {
-    FollowupListQueryDTO,
-    FollowupStatsQueryDTO,
+  FollowupListQueryDTO,
+  FollowupStatsQueryDTO,
 } from './dto/followup-query.dto';
 import { CRM_IMPORT_FIELDS } from './dto/import.dto';
 import { MergePersonDTO } from './dto/merge.dto';
@@ -52,6 +52,11 @@ const CONTACT_OWNER_ALLOWED_ROLE_SLUGS = [
   'admin-contact',
   CONTACT_OWNER_ROLE_SLUG,
 ];
+const PERSON_USER_LINKER_ALLOWED_ROLE_SLUGS = [
+  'admin',
+  'admin-contact',
+  'person-user-linker',
+];
 type PersonActivityAction = 'created' | 'updated' | 'interaction_created';
 const EMPLOYER_COMPANY_METADATA_KEY = 'employer_company_id';
 const NOTES_METADATA_KEY = 'notes';
@@ -850,6 +855,32 @@ export class PersonService {
     return Array.from(byId.values());
   }
 
+  private async canLinkPersonUser(userId: number): Promise<boolean> {
+    if (!userId || userId <= 0) {
+      return false;
+    }
+
+    const userWithRole = await this.prismaService.user.findUnique({
+      where: { id: userId },
+      select: {
+        role_user: {
+          select: {
+            role: {
+              select: { slug: true },
+            },
+          },
+        },
+      },
+    });
+
+    if (!userWithRole?.role_user) {
+      return false;
+    }
+
+    const userRoles = userWithRole.role_user.map((r) => r.role.slug);
+    return userRoles.some((role) => PERSON_USER_LINKER_ALLOWED_ROLE_SLUGS.includes(role));
+  }
+
   async getLinkedUserOptions(search?: string) {
     const where: Prisma.userWhereInput = search
       ? { name: { contains: search, mode: 'insensitive' } }
@@ -860,7 +891,6 @@ export class PersonService {
       select: {
         id: true,
         name: true,
-        photo_id: true,
         user_identifier: {
           where: { type: 'email' },
           select: { value: true },
@@ -875,7 +905,6 @@ export class PersonService {
       id: user.id,
       name: user.name || `#${user.id}`,
       email: user.user_identifier[0]?.value || '',
-      photo_id: user.photo_id ?? null,
     }));
   }
 
@@ -2171,7 +2200,7 @@ export class PersonService {
     };
   }
 
-  async create(data: CreateDTO, locale: string) {
+  async create(data: CreateDTO, locale: string, user?: { id?: number; name?: string | null }) {
     const allowCompanyRegistration = await this.isCompanyRegistrationAllowed();
 
     await this.ensureCompanyRegistrationAllowed({
@@ -2179,6 +2208,20 @@ export class PersonService {
       locale,
     });
 
+    // Validate user linking permission
+    if (data.user_id !== undefined && data.user_id !== null) {
+      const canLink = await this.canLinkPersonUser(data.user_id);
+      if (!canLink) {
+        throw new BadRequestException(
+          getLocaleText(
+            'personUserLinkingNotAllowed',
+            locale,
+            'You do not have permission to link a person to a user.',
+          ),
+        );
+      }
+    }
+
     const result = await this.prismaService.$transaction(async (tx) => {
       const person = await tx.person.create({
         data: {
@@ -2226,7 +2269,16 @@ export class PersonService {
     user?: { id?: number; name?: string | null },
   ) {
     const allowCompanyRegistration = await this.isCompanyRegistrationAllowed();
-    const person = await this.prismaService.person.findUnique({ where: { id } });
+    const person = await this.prismaService.person.findUnique({
+      where: { id },
+      include: {
+        person_user: {
+          select: {
+            user_id: true,
+          },
+        },
+      },
+    });
     if (!person) {
       throw new BadRequestException(
         getLocaleText('personNotFound', locale, `Person with ID ${id} not found`),
@@ -2245,6 +2297,23 @@ export class PersonService {
       locale,
     });
 
+    // Validate user linking permission
+    if (data.user_id !== undefined && data.user_id !== person.person_user?.[0]?.user_id) {
+      if (data.user_id !== null) {
+        const canLink = await this.canLinkPersonUser(data.user_id);
+        if (!canLink) {
+          throw new BadRequestException(
+            getLocaleText(
+              'personUserLinkingNotAllowed',
+              locale,
+              'You do not have permission to link a person to a user.',
+            ),
+          );
+        }
+      }
+      // Permitir remover vinculação (null) sem restrição
+    }
+
     const currentLifecycleStage = await this.getPersonLifecycleStage(id);
     const nextLifecycleStage = this.normalizeTextOrNull(data.lifecycle_stage);
     const stageTransitionParams =
@@ -3047,6 +3116,39 @@ export class PersonService {
       ]),
     );
 
+    // Sync: if person has no avatar but has a linked user with a photo, copy it
+    const personsWithoutAvatar = people.filter((p) => !p.avatar_id);
+    const syncedAvatarById = new Map<number, number>();
+    if (personsWithoutAvatar.length > 0) {
+      const idsWithoutAvatar = personsWithoutAvatar.map((p) => p.id);
+      const userLinks = await this.prismaService.person_user.findMany({
+        where: {
+          person_id: { in: idsWithoutAvatar },
+          user: { photo_id: { not: null } },
+        },
+        select: {
+          person_id: true,
+          user: { select: { photo_id: true } },
+        },
+        orderBy: { created_at: 'desc' },
+      });
+      for (const link of userLinks) {
+        if (!syncedAvatarById.has(link.person_id) && link.user?.photo_id) {
+          syncedAvatarById.set(link.person_id, link.user.photo_id);
+        }
+      }
+      if (syncedAvatarById.size > 0) {
+        await Promise.all(
+          Array.from(syncedAvatarById.entries()).map(([personId, photoId]) =>
+            this.prismaService.person.update({
+              where: { id: personId },
+              data: { avatar_id: photoId },
+            }),
+          ),
+        );
+      }
+    }
+
     return people.map((person) => {
       const metadata = this.metadataArrayToMap(person.person_metadata);
       const companyData = companyById.get(person.id);
@@ -3067,7 +3169,7 @@ export class PersonService {
         name: person.name,
         type: person.type,
         status: person.status,
-        avatar_id: person.avatar_id ?? null,
+        avatar_id: syncedAvatarById.get(person.id) ?? person.avatar_id ?? null,
         created_at: person.created_at,
         updated_at: person.updated_at,
         birth_date: individualData?.birth_date ?? null,