@intlayer/backend 5.7.2 → 5.7.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (183) hide show
  1. package/dist/cjs/controllers/ai.controller.cjs.map +1 -1
  2. package/dist/cjs/controllers/dictionary.controller.cjs +39 -20
  3. package/dist/cjs/controllers/dictionary.controller.cjs.map +1 -1
  4. package/dist/cjs/controllers/newsletter.controller.cjs +12 -13
  5. package/dist/cjs/controllers/newsletter.controller.cjs.map +1 -1
  6. package/dist/cjs/controllers/organization.controller.cjs +72 -53
  7. package/dist/cjs/controllers/organization.controller.cjs.map +1 -1
  8. package/dist/cjs/controllers/project.controller.cjs +48 -12
  9. package/dist/cjs/controllers/project.controller.cjs.map +1 -1
  10. package/dist/cjs/controllers/projectAccessKey.controller.cjs +30 -6
  11. package/dist/cjs/controllers/projectAccessKey.controller.cjs.map +1 -1
  12. package/dist/cjs/controllers/search.controller.cjs.map +1 -1
  13. package/dist/cjs/controllers/stripe.controller.cjs +15 -3
  14. package/dist/cjs/controllers/stripe.controller.cjs.map +1 -1
  15. package/dist/cjs/controllers/tag.controller.cjs +46 -17
  16. package/dist/cjs/controllers/tag.controller.cjs.map +1 -1
  17. package/dist/cjs/controllers/user.controller.cjs +19 -8
  18. package/dist/cjs/controllers/user.controller.cjs.map +1 -1
  19. package/dist/cjs/emails/OAuthTokenCreatedEmail.cjs +5 -7
  20. package/dist/cjs/emails/OAuthTokenCreatedEmail.cjs.map +1 -1
  21. package/dist/cjs/middlewares/sessionAuth.middleware.cjs.map +1 -1
  22. package/dist/cjs/routes/ai.routes.cjs.map +1 -1
  23. package/dist/cjs/routes/dictionary.routes.cjs.map +1 -1
  24. package/dist/cjs/routes/eventListener.routes.cjs.map +1 -1
  25. package/dist/cjs/routes/newsletter.routes.cjs.map +1 -1
  26. package/dist/cjs/routes/organization.routes.cjs.map +1 -1
  27. package/dist/cjs/routes/project.routes.cjs +3 -12
  28. package/dist/cjs/routes/project.routes.cjs.map +1 -1
  29. package/dist/cjs/routes/search.routes.cjs.map +1 -1
  30. package/dist/cjs/routes/stripe.routes.cjs.map +1 -1
  31. package/dist/cjs/routes/tags.routes.cjs.map +1 -1
  32. package/dist/cjs/routes/user.routes.cjs.map +1 -1
  33. package/dist/cjs/schemas/dictionary.schema.cjs +1 -1
  34. package/dist/cjs/schemas/dictionary.schema.cjs.map +1 -1
  35. package/dist/cjs/schemas/discussion.schema.cjs +1 -1
  36. package/dist/cjs/schemas/discussion.schema.cjs.map +1 -1
  37. package/dist/cjs/schemas/oAuth2.schema.cjs +1 -1
  38. package/dist/cjs/schemas/oAuth2.schema.cjs.map +1 -1
  39. package/dist/cjs/schemas/organization.schema.cjs +1 -1
  40. package/dist/cjs/schemas/organization.schema.cjs.map +1 -1
  41. package/dist/cjs/schemas/plans.schema.cjs +1 -1
  42. package/dist/cjs/schemas/plans.schema.cjs.map +1 -1
  43. package/dist/cjs/schemas/project.schema.cjs +1 -1
  44. package/dist/cjs/schemas/project.schema.cjs.map +1 -1
  45. package/dist/cjs/schemas/session.schema.cjs +1 -1
  46. package/dist/cjs/schemas/session.schema.cjs.map +1 -1
  47. package/dist/cjs/schemas/tag.schema.cjs +6 -1
  48. package/dist/cjs/schemas/tag.schema.cjs.map +1 -1
  49. package/dist/cjs/schemas/user.schema.cjs +1 -1
  50. package/dist/cjs/schemas/user.schema.cjs.map +1 -1
  51. package/dist/cjs/services/dictionary.service.cjs +0 -8
  52. package/dist/cjs/services/dictionary.service.cjs.map +1 -1
  53. package/dist/cjs/services/organization.service.cjs +0 -9
  54. package/dist/cjs/services/organization.service.cjs.map +1 -1
  55. package/dist/cjs/types/organization.types.cjs.map +1 -1
  56. package/dist/cjs/types/project.types.cjs.map +1 -1
  57. package/dist/cjs/types/tag.types.cjs.map +1 -1
  58. package/dist/cjs/utils/AI/askDocQuestion/askDocQuestion.cjs +3 -0
  59. package/dist/cjs/utils/AI/askDocQuestion/askDocQuestion.cjs.map +1 -1
  60. package/dist/cjs/utils/auth/getAuth.cjs +9 -5
  61. package/dist/cjs/utils/auth/getAuth.cjs.map +1 -1
  62. package/dist/cjs/utils/errors/errorCodes.cjs +13 -0
  63. package/dist/cjs/utils/errors/errorCodes.cjs.map +1 -1
  64. package/dist/cjs/utils/mapper/project.cjs +1 -2
  65. package/dist/cjs/utils/mapper/project.cjs.map +1 -1
  66. package/dist/cjs/utils/mapper/session.cjs +37 -0
  67. package/dist/cjs/utils/mapper/session.cjs.map +1 -0
  68. package/dist/cjs/utils/permissions.cjs +133 -38
  69. package/dist/cjs/utils/permissions.cjs.map +1 -1
  70. package/dist/cjs/utils/validation/validateArray.cjs +5 -1
  71. package/dist/cjs/utils/validation/validateArray.cjs.map +1 -1
  72. package/dist/esm/controllers/ai.controller.mjs.map +1 -1
  73. package/dist/esm/controllers/dictionary.controller.mjs +39 -20
  74. package/dist/esm/controllers/dictionary.controller.mjs.map +1 -1
  75. package/dist/esm/controllers/newsletter.controller.mjs +12 -13
  76. package/dist/esm/controllers/newsletter.controller.mjs.map +1 -1
  77. package/dist/esm/controllers/organization.controller.mjs +72 -53
  78. package/dist/esm/controllers/organization.controller.mjs.map +1 -1
  79. package/dist/esm/controllers/project.controller.mjs +48 -12
  80. package/dist/esm/controllers/project.controller.mjs.map +1 -1
  81. package/dist/esm/controllers/projectAccessKey.controller.mjs +31 -7
  82. package/dist/esm/controllers/projectAccessKey.controller.mjs.map +1 -1
  83. package/dist/esm/controllers/search.controller.mjs.map +1 -1
  84. package/dist/esm/controllers/stripe.controller.mjs +15 -3
  85. package/dist/esm/controllers/stripe.controller.mjs.map +1 -1
  86. package/dist/esm/controllers/tag.controller.mjs +46 -17
  87. package/dist/esm/controllers/tag.controller.mjs.map +1 -1
  88. package/dist/esm/controllers/user.controller.mjs +19 -8
  89. package/dist/esm/controllers/user.controller.mjs.map +1 -1
  90. package/dist/esm/emails/OAuthTokenCreatedEmail.mjs +5 -7
  91. package/dist/esm/emails/OAuthTokenCreatedEmail.mjs.map +1 -1
  92. package/dist/esm/middlewares/sessionAuth.middleware.mjs.map +1 -1
  93. package/dist/esm/routes/ai.routes.mjs.map +1 -1
  94. package/dist/esm/routes/dictionary.routes.mjs.map +1 -1
  95. package/dist/esm/routes/eventListener.routes.mjs.map +1 -1
  96. package/dist/esm/routes/newsletter.routes.mjs.map +1 -1
  97. package/dist/esm/routes/organization.routes.mjs.map +1 -1
  98. package/dist/esm/routes/project.routes.mjs +3 -12
  99. package/dist/esm/routes/project.routes.mjs.map +1 -1
  100. package/dist/esm/routes/search.routes.mjs.map +1 -1
  101. package/dist/esm/routes/stripe.routes.mjs.map +1 -1
  102. package/dist/esm/routes/tags.routes.mjs.map +1 -1
  103. package/dist/esm/routes/user.routes.mjs.map +1 -1
  104. package/dist/esm/schemas/dictionary.schema.mjs +1 -1
  105. package/dist/esm/schemas/dictionary.schema.mjs.map +1 -1
  106. package/dist/esm/schemas/discussion.schema.mjs +1 -1
  107. package/dist/esm/schemas/discussion.schema.mjs.map +1 -1
  108. package/dist/esm/schemas/oAuth2.schema.mjs +1 -1
  109. package/dist/esm/schemas/oAuth2.schema.mjs.map +1 -1
  110. package/dist/esm/schemas/organization.schema.mjs +1 -1
  111. package/dist/esm/schemas/organization.schema.mjs.map +1 -1
  112. package/dist/esm/schemas/plans.schema.mjs +1 -1
  113. package/dist/esm/schemas/plans.schema.mjs.map +1 -1
  114. package/dist/esm/schemas/project.schema.mjs +1 -1
  115. package/dist/esm/schemas/project.schema.mjs.map +1 -1
  116. package/dist/esm/schemas/session.schema.mjs +1 -1
  117. package/dist/esm/schemas/session.schema.mjs.map +1 -1
  118. package/dist/esm/schemas/tag.schema.mjs +6 -1
  119. package/dist/esm/schemas/tag.schema.mjs.map +1 -1
  120. package/dist/esm/schemas/user.schema.mjs +1 -1
  121. package/dist/esm/schemas/user.schema.mjs.map +1 -1
  122. package/dist/esm/services/dictionary.service.mjs +0 -7
  123. package/dist/esm/services/dictionary.service.mjs.map +1 -1
  124. package/dist/esm/services/organization.service.mjs +0 -9
  125. package/dist/esm/services/organization.service.mjs.map +1 -1
  126. package/dist/esm/utils/AI/askDocQuestion/askDocQuestion.mjs +3 -0
  127. package/dist/esm/utils/AI/askDocQuestion/askDocQuestion.mjs.map +1 -1
  128. package/dist/esm/utils/auth/getAuth.mjs +9 -5
  129. package/dist/esm/utils/auth/getAuth.mjs.map +1 -1
  130. package/dist/esm/utils/errors/errorCodes.mjs +13 -0
  131. package/dist/esm/utils/errors/errorCodes.mjs.map +1 -1
  132. package/dist/esm/utils/mapper/project.mjs +1 -2
  133. package/dist/esm/utils/mapper/project.mjs.map +1 -1
  134. package/dist/esm/utils/mapper/session.mjs +13 -0
  135. package/dist/esm/utils/mapper/session.mjs.map +1 -0
  136. package/dist/esm/utils/permissions.mjs +133 -38
  137. package/dist/esm/utils/permissions.mjs.map +1 -1
  138. package/dist/esm/utils/validation/validateArray.mjs +5 -1
  139. package/dist/esm/utils/validation/validateArray.mjs.map +1 -1
  140. package/dist/types/controllers/ai.controller.d.ts +10 -9
  141. package/dist/types/controllers/ai.controller.d.ts.map +1 -1
  142. package/dist/types/controllers/dictionary.controller.d.ts +9 -8
  143. package/dist/types/controllers/dictionary.controller.d.ts.map +1 -1
  144. package/dist/types/controllers/newsletter.controller.d.ts +5 -4
  145. package/dist/types/controllers/newsletter.controller.d.ts.map +1 -1
  146. package/dist/types/controllers/organization.controller.d.ts +14 -15
  147. package/dist/types/controllers/organization.controller.d.ts.map +1 -1
  148. package/dist/types/controllers/project.controller.d.ts +10 -9
  149. package/dist/types/controllers/project.controller.d.ts.map +1 -1
  150. package/dist/types/controllers/projectAccessKey.controller.d.ts +5 -4
  151. package/dist/types/controllers/projectAccessKey.controller.d.ts.map +1 -1
  152. package/dist/types/controllers/search.controller.d.ts.map +1 -1
  153. package/dist/types/controllers/stripe.controller.d.ts +9 -5
  154. package/dist/types/controllers/stripe.controller.d.ts.map +1 -1
  155. package/dist/types/controllers/tag.controller.d.ts +6 -5
  156. package/dist/types/controllers/tag.controller.d.ts.map +1 -1
  157. package/dist/types/controllers/user.controller.d.ts +9 -8
  158. package/dist/types/controllers/user.controller.d.ts.map +1 -1
  159. package/dist/types/emails/OAuthTokenCreatedEmail.d.ts.map +1 -1
  160. package/dist/types/middlewares/sessionAuth.middleware.d.ts +2 -0
  161. package/dist/types/middlewares/sessionAuth.middleware.d.ts.map +1 -1
  162. package/dist/types/schemas/tag.schema.d.ts.map +1 -1
  163. package/dist/types/services/dictionary.service.d.ts +0 -1
  164. package/dist/types/services/dictionary.service.d.ts.map +1 -1
  165. package/dist/types/services/organization.service.d.ts.map +1 -1
  166. package/dist/types/types/organization.types.d.ts +1 -3
  167. package/dist/types/types/organization.types.d.ts.map +1 -1
  168. package/dist/types/types/project.types.d.ts +1 -3
  169. package/dist/types/types/project.types.d.ts.map +1 -1
  170. package/dist/types/types/tag.types.d.ts +2 -0
  171. package/dist/types/types/tag.types.d.ts.map +1 -1
  172. package/dist/types/utils/AI/askDocQuestion/askDocQuestion.d.ts.map +1 -1
  173. package/dist/types/utils/auth/getAuth.d.ts +2 -2
  174. package/dist/types/utils/auth/getAuth.d.ts.map +1 -1
  175. package/dist/types/utils/errors/errorCodes.d.ts +13 -0
  176. package/dist/types/utils/errors/errorCodes.d.ts.map +1 -1
  177. package/dist/types/utils/mapper/project.d.ts.map +1 -1
  178. package/dist/types/utils/mapper/session.d.ts +4 -0
  179. package/dist/types/utils/mapper/session.d.ts.map +1 -0
  180. package/dist/types/utils/permissions.d.ts +83 -38
  181. package/dist/types/utils/permissions.d.ts.map +1 -1
  182. package/dist/types/utils/validation/validateArray.d.ts.map +1 -1
  183. package/package.json +10 -10
package/dist/esm/controllers/projectAccessKey.controller.mjs CHANGED
@@ -1,11 +1,12 @@
1
1
  import { sendEmail } from "./../services/email.service.mjs";
2
2
  import * as projectAccessKeyService from "./../services/projectAccessKey.service.mjs";
3
3
  import { ErrorHandler } from "./../utils/errors/index.mjs";
4
- import { hasPermission } from "./../utils/permissions.mjs";
4
+ import { hasPermission, intersectPermissions } from "./../utils/permissions.mjs";
5
5
  import { formatResponse } from "./../utils/responseData.mjs";
6
6
  import { t } from "express-intlayer";
7
7
  const addNewAccessKey = async (req, res, _next) => {
8
- const { user, project, roles } = res.locals;
8
+ const { user, project, roles, permissions } = res.locals;
9
+ const { grants, name, expiresAt } = req.body;
9
10
  if (!project) {
10
11
  ErrorHandler.handleGenericErrorResponse(res, "PROJECT_NOT_DEFINED");
11
12
  return;
@@ -14,13 +15,24 @@ const addNewAccessKey = async (req, res, _next) => {
14
15
  ErrorHandler.handleGenericErrorResponse(res, "USER_NOT_DEFINED");
15
16
  return;
16
17
  }
17
- if (!hasPermission(roles, "project:write")()) {
18
+ if (!hasPermission(
19
+ roles,
20
+ "project:write"
21
+ )({
22
+ ...res.locals,
23
+ targetProjectIds: [project.id]
24
+ })) {
18
25
  ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
19
26
  return;
20
27
  }
28
+ const filteredPermisions = intersectPermissions(permissions, grants);
21
29
  try {
22
30
  const newAccessKey = await projectAccessKeyService.addNewAccessKey(
23
- req.body,
31
+ {
32
+ name,
33
+ expiresAt,
34
+ grants: filteredPermisions
35
+ },
24
36
  project.id,
25
37
  user
26
38
  );
@@ -42,7 +54,7 @@ const addNewAccessKey = async (req, res, _next) => {
42
54
  type: "oAuthTokenCreated",
43
55
  to: user.email,
44
56
  username: user.name,
45
- applicationName: newAccessKey.clientId,
57
+ applicationName: newAccessKey.name ?? newAccessKey.clientId,
46
58
  scopes: newAccessKey.grants,
47
59
  tokenDetailsUrl: `${process.env.CLIENT_URL}/oauth2/token`,
48
60
  securityLogUrl: `${process.env.CLIENT_URL}/security-log`,
@@ -69,7 +81,13 @@ const deleteAccessKey = async (req, res, _next) => {
69
81
  ErrorHandler.handleGenericErrorResponse(res, "CLIENT_ID_NOT_FOUND");
70
82
  return;
71
83
  }
72
- if (!hasPermission(roles, "project:write")()) {
84
+ if (!hasPermission(
85
+ roles,
86
+ "project:write"
87
+ )({
88
+ ...res.locals,
89
+ targetProjectIds: [project.id]
90
+ })) {
73
91
  ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
74
92
  return;
75
93
  }
@@ -117,7 +135,13 @@ const refreshAccessKey = async (req, res, _next) => {
117
135
  if (!clientId) {
118
136
  ErrorHandler.handleGenericErrorResponse(res, "CLIENT_ID_NOT_FOUND");
119
137
  }
120
- if (!hasPermission(roles, "project:write")()) {
138
+ if (!hasPermission(
139
+ roles,
140
+ "project:write"
141
+ )({
142
+ ...res.locals,
143
+ targetProjectIds: [project.id]
144
+ })) {
121
145
  ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
122
146
  return;
123
147
  }
package/dist/esm/controllers/projectAccessKey.controller.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/controllers/projectAccessKey.controller.ts"],"sourcesContent":["import type { AccessKeyData, OAuth2Access } from '@/types/project.types';\nimport { sendEmail } from '@services/email.service';\nimport * as projectAccessKeyService from '@services/projectAccessKey.service';\nimport { type AppError, ErrorHandler } from '@utils/errors';\nimport { hasPermission } from '@utils/permissions';\nimport { type ResponseData, formatResponse } from '@utils/responseData';\nimport type { NextFunction, Request, Response } from 'express';\nimport { t } from 'express-intlayer';\n\nexport type AddNewAccessKeyBody = AccessKeyData;\nexport type AddNewAccessKeyResponse = ResponseData<OAuth2Access>;\n\n/**\n * Adds a new access key to a project.\n */\nexport const addNewAccessKey = async (\n req: Request<AddNewAccessKeyBody>,\n res: Response<AddNewAccessKeyResponse>,\n _next: NextFunction\n): Promise<void> => {\n const { user, project, roles } = res.locals;\n\n if (!project) {\n ErrorHandler.handleGenericErrorResponse(res, 'PROJECT_NOT_DEFINED');\n return;\n }\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (!hasPermission(roles, 'project:write')()) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n try {\n const newAccessKey = await projectAccessKeyService.addNewAccessKey(\n req.body,\n project.id,\n user\n );\n\n const responseData = formatResponse<OAuth2Access>({\n message: t({\n en: 'Access key created successfully',\n es: 'Clave de acceso creada con éxito',\n fr: \"Clé d'accès créée avec succès\",\n }),\n description: t({\n en: 'The access key has been created successfully',\n es: 'La clave de acceso ha sido creada con éxito',\n fr: \"La clé d'accès a été créée avec succès\",\n }),\n data: newAccessKey,\n });\n\n res.json(responseData);\n\n sendEmail({\n type: 'oAuthTokenCreated',\n to: user.email,\n username: user.name,\n applicationName: newAccessKey.clientId,\n scopes: newAccessKey.grants,\n tokenDetailsUrl: `${process.env.CLIENT_URL}/oauth2/token`,\n securityLogUrl: `${process.env.CLIENT_URL}/security-log`,\n supportUrl: `${process.env.CLIENT_URL}/support`,\n });\n\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type DeleteAccessKeyBody = { clientId: string };\nexport type DeleteAccessKeyResponse = ResponseData<null>;\n\n/**\n * Deletes an access key from a project.\n */\nexport const deleteAccessKey = async (\n req: Request,\n res: Response<AddNewAccessKeyResponse>,\n _next: NextFunction\n): Promise<void> => {\n const { user, project, roles } = res.locals;\n const { clientId } = req.body;\n\n if (!project) {\n ErrorHandler.handleGenericErrorResponse(res, 'PROJECT_NOT_DEFINED');\n return;\n }\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (!clientId) {\n ErrorHandler.handleGenericErrorResponse(res, 'CLIENT_ID_NOT_FOUND');\n return;\n }\n\n if (!hasPermission(roles, 'project:write')()) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n try {\n const deletedAccessKey = await projectAccessKeyService.deleteAccessKey(\n clientId,\n project,\n user.id\n );\n\n if (!deletedAccessKey) {\n ErrorHandler.handleGenericErrorResponse(res, 'ACCESS_KEY_NOT_FOUND', {\n clientId,\n });\n return;\n }\n\n const responseData = formatResponse<null>({\n message: t({\n en: 'Access key deleted successfully',\n es: 'Clave de acceso eliminada con éxito',\n fr: \"Clé d'accès supprimée avec succès\",\n }),\n description: t({\n en: 'The access key has been deleted successfully',\n es: 'La clave de acceso ha sido eliminada con éxito',\n fr: \"La clé d'accès a été supprimée avec succès\",\n }),\n data: null,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type RefreshAccessKeyBody = { clientId: string };\nexport type RefreshAccessKeyResponse = ResponseData<OAuth2Access>;\n\n/**\n * Refreshes an access key from a project.\n */\nexport const refreshAccessKey = async (\n req: Request<RefreshAccessKeyBody>,\n res: Response<RefreshAccessKeyResponse>,\n _next: NextFunction\n): Promise<void> => {\n const { user, project, roles } = res.locals;\n const { clientId } = req.body;\n\n if (!project) {\n ErrorHandler.handleGenericErrorResponse(res, 'PROJECT_NOT_DEFINED');\n }\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n }\n\n if (!clientId) {\n ErrorHandler.handleGenericErrorResponse(res, 'CLIENT_ID_NOT_FOUND');\n }\n\n if (!hasPermission(roles, 'project:write')()) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n try {\n const newAccessKey = await projectAccessKeyService.refreshAccessKey(\n clientId,\n project!.id,\n user!.id\n );\n\n const responseData = formatResponse<OAuth2Access>({\n message: t({\n en: 'Access key refreshed successfully',\n es: 'Clave de acceso actualizada con éxito',\n fr: \"Clé d'accès actualisée avec succès\",\n }),\n description: t({\n en: 'The access key has been refreshed successfully',\n es: 'La clave de acceso ha sido actualizada con éxito',\n fr: \"La clé d'accès a été actualisée avec succès\",\n }),\n data: newAccessKey,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n"],"mappings":"AACA,SAAS,iBAAiB;AAC1B,YAAY,6BAA6B;AACzC,SAAwB,oBAAoB;AAC5C,SAAS,qBAAqB;AAC9B,SAA4B,sBAAsB;AAElD,SAAS,SAAS;AAQX,MAAM,kBAAkB,OAC7B,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,SAAS,MAAM,IAAI,IAAI;AAErC,MAAI,CAAC,SAAS;AACZ,iBAAa,2BAA2B,KAAK,qBAAqB;AAClE;AAAA,EACF;AAEA,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI,CAAC,cAAc,OAAO,eAAe,EAAE,GAAG;AAC5C,iBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,EACF;AAEA,MAAI;AACF,UAAM,eAAe,MAAM,wBAAwB;AAAA,MACjD,IAAI;AAAA,MACJ,QAAQ;AAAA,MACR;AAAA,IACF;AAEA,UAAM,eAAe,eAA6B;AAAA,MAChD,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AAErB,cAAU;AAAA,MACR,MAAM;AAAA,MACN,IAAI,KAAK;AAAA,MACT,UAAU,KAAK;AAAA,MACf,iBAAiB,aAAa;AAAA,MAC9B,QAAQ,aAAa;AAAA,MACrB,iBAAiB,GAAG,QAAQ,IAAI,UAAU;AAAA,MAC1C,gBAAgB,GAAG,QAAQ,IAAI,UAAU;AAAA,MACzC,YAAY,GAAG,QAAQ,IAAI,UAAU;AAAA,IACvC,CAAC;AAED;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAQO,MAAM,kBAAkB,OAC7B,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,SAAS,MAAM,IAAI,IAAI;AACrC,QAAM,EAAE,SAAS,IAAI,IAAI;AAEzB,MAAI,CAAC,SAAS;AACZ,iBAAa,2BAA2B,KAAK,qBAAqB;AAClE;AAAA,EACF;AAEA,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI,CAAC,UAAU;AACb,iBAAa,2BAA2B,KAAK,qBAAqB;AAClE;AAAA,EACF;AAEA,MAAI,CAAC,cAAc,OAAO,eAAe,EAAE,GAAG;AAC5C,iBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,EACF;AAEA,MAAI;AACF,UAAM,mBAAmB,MAAM,wBAAwB;AAAA,MACrD;AAAA,MACA;AAAA,MACA,KAAK;AAAA,IACP;AAEA,QAAI,CAAC,kBAAkB;AACrB,mBAAa,2BAA2B,KAAK,wBAAwB;AAAA,QACnE;AAAA,MACF,CAAC;AACD;AAAA,IACF;AAEA,UAAM,eAAe,eAAqB;AAAA,MACxC,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAQO,MAAM,mBAAmB,OAC9B,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,SAAS,MAAM,IAAI,IAAI;AACrC,QAAM,EAAE,SAAS,IAAI,IAAI;AAEzB,MAAI,CAAC,SAAS;AACZ,iBAAa,2BAA2B,KAAK,qBAAqB;AAAA,EACpE;AAEA,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAAA,EACjE;AAEA,MAAI,CAAC,UAAU;AACb,iBAAa,2BAA2B,KAAK,qBAAqB;AAAA,EACpE;AAEA,MAAI,CAAC,cAAc,OAAO,eAAe,EAAE,GAAG;AAC5C,iBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,EACF;AAEA,MAAI;AACF,UAAM,eAAe,MAAM,wBAAwB;AAAA,MACjD;AAAA,MACA,QAAS;AAAA,MACT,KAAM;AAAA,IACR;AAEA,UAAM,eAAe,eAA6B;AAAA,MAChD,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;","names":[]}
1
+ {"version":3,"sources":["../../../src/controllers/projectAccessKey.controller.ts"],"sourcesContent":["import type { AccessKeyData, OAuth2Access } from '@/types/project.types';\nimport type { ResponseWithSession } from '@middlewares/sessionAuth.middleware';\nimport { sendEmail } from '@services/email.service';\nimport * as projectAccessKeyService from '@services/projectAccessKey.service';\nimport { type AppError, ErrorHandler } from '@utils/errors';\nimport { hasPermission, intersectPermissions } from '@utils/permissions';\nimport { type ResponseData, formatResponse } from '@utils/responseData';\nimport type { NextFunction, Request } from 'express';\nimport { t } from 'express-intlayer';\n\nexport type AddNewAccessKeyBody = AccessKeyData;\nexport type AddNewAccessKeyResponse = ResponseData<OAuth2Access>;\n\n/**\n * Adds a new access key to a project.\n */\nexport const addNewAccessKey = async (\n req: Request<AddNewAccessKeyBody>,\n res: ResponseWithSession<AddNewAccessKeyResponse>,\n _next: NextFunction\n): Promise<void> => {\n const { user, project, roles, permissions } = res.locals;\n const { grants, name, expiresAt } = req.body;\n\n if (!project) {\n ErrorHandler.handleGenericErrorResponse(res, 'PROJECT_NOT_DEFINED');\n return;\n }\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (\n !hasPermission(\n roles,\n 'project:write'\n )({\n ...res.locals,\n targetProjectIds: [project.id],\n })\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n const filteredPermisions = intersectPermissions(permissions, grants);\n\n try {\n const newAccessKey = await projectAccessKeyService.addNewAccessKey(\n {\n name,\n expiresAt,\n grants: filteredPermisions,\n },\n project.id,\n user\n );\n\n const responseData = formatResponse<OAuth2Access>({\n message: t({\n en: 'Access key created successfully',\n es: 'Clave de acceso creada con éxito',\n fr: \"Clé d'accès créée avec succès\",\n }),\n description: t({\n en: 'The access key has been created successfully',\n es: 'La clave de acceso ha sido creada con éxito',\n fr: \"La clé d'accès a été créée avec succès\",\n }),\n data: newAccessKey,\n });\n\n res.json(responseData);\n\n sendEmail({\n type: 'oAuthTokenCreated',\n to: user.email,\n username: user.name,\n applicationName: newAccessKey.name ?? newAccessKey.clientId,\n scopes: newAccessKey.grants,\n tokenDetailsUrl: `${process.env.CLIENT_URL}/oauth2/token`,\n securityLogUrl: `${process.env.CLIENT_URL}/security-log`,\n supportUrl: `${process.env.CLIENT_URL}/support`,\n });\n\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type DeleteAccessKeyBody = { clientId: string };\nexport type DeleteAccessKeyResponse = ResponseData<null>;\n\n/**\n * Deletes an access key from a project.\n */\nexport const deleteAccessKey = async (\n req: Request,\n res: ResponseWithSession<AddNewAccessKeyResponse>,\n _next: NextFunction\n): Promise<void> => {\n const { user, project, roles } = res.locals;\n const { clientId } = req.body;\n\n if (!project) {\n ErrorHandler.handleGenericErrorResponse(res, 'PROJECT_NOT_DEFINED');\n return;\n }\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (!clientId) {\n ErrorHandler.handleGenericErrorResponse(res, 'CLIENT_ID_NOT_FOUND');\n return;\n }\n\n if (\n !hasPermission(\n roles,\n 'project:write'\n )({\n ...res.locals,\n targetProjectIds: [project.id],\n })\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n try {\n const deletedAccessKey = await projectAccessKeyService.deleteAccessKey(\n clientId,\n project,\n user.id\n );\n\n if (!deletedAccessKey) {\n ErrorHandler.handleGenericErrorResponse(res, 'ACCESS_KEY_NOT_FOUND', {\n clientId,\n });\n return;\n }\n\n const responseData = formatResponse<null>({\n message: t({\n en: 'Access key deleted successfully',\n es: 'Clave de acceso eliminada con éxito',\n fr: \"Clé d'accès supprimée avec succès\",\n }),\n description: t({\n en: 'The access key has been deleted successfully',\n es: 'La clave de acceso ha sido eliminada con éxito',\n fr: \"La clé d'accès a été supprimée avec succès\",\n }),\n data: null,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type RefreshAccessKeyBody = { clientId: string };\nexport type RefreshAccessKeyResponse = ResponseData<OAuth2Access>;\n\n/**\n * Refreshes an access key from a project.\n */\nexport const refreshAccessKey = async (\n req: Request<RefreshAccessKeyBody>,\n res: ResponseWithSession<RefreshAccessKeyResponse>,\n _next: NextFunction\n): Promise<void> => {\n const { user, project, roles } = res.locals;\n const { clientId } = req.body;\n\n if (!project) {\n ErrorHandler.handleGenericErrorResponse(res, 'PROJECT_NOT_DEFINED');\n }\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n }\n\n if (!clientId) {\n ErrorHandler.handleGenericErrorResponse(res, 'CLIENT_ID_NOT_FOUND');\n }\n\n if (\n !hasPermission(\n roles,\n 'project:write'\n )({\n ...res.locals,\n targetProjectIds: [project!.id],\n })\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n try {\n const newAccessKey = await projectAccessKeyService.refreshAccessKey(\n clientId,\n project!.id,\n user!.id\n );\n\n const responseData = formatResponse<OAuth2Access>({\n message: t({\n en: 'Access key refreshed successfully',\n es: 'Clave de acceso actualizada con éxito',\n fr: \"Clé d'accès actualisée avec succès\",\n }),\n description: t({\n en: 'The access key has been refreshed successfully',\n es: 'La clave de acceso ha sido actualizada con éxito',\n fr: \"La clé d'accès a été actualisée avec succès\",\n }),\n data: newAccessKey,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n"],"mappings":"AAEA,SAAS,iBAAiB;AAC1B,YAAY,6BAA6B;AACzC,SAAwB,oBAAoB;AAC5C,SAAS,eAAe,4BAA4B;AACpD,SAA4B,sBAAsB;AAElD,SAAS,SAAS;AAQX,MAAM,kBAAkB,OAC7B,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,SAAS,OAAO,YAAY,IAAI,IAAI;AAClD,QAAM,EAAE,QAAQ,MAAM,UAAU,IAAI,IAAI;AAExC,MAAI,CAAC,SAAS;AACZ,iBAAa,2BAA2B,KAAK,qBAAqB;AAClE;AAAA,EACF;AAEA,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MACE,CAAC;AAAA,IACC;AAAA,IACA;AAAA,EACF,EAAE;AAAA,IACA,GAAG,IAAI;AAAA,IACP,kBAAkB,CAAC,QAAQ,EAAE;AAAA,EAC/B,CAAC,GACD;AACA,iBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,EACF;AAEA,QAAM,qBAAqB,qBAAqB,aAAa,MAAM;AAEnE,MAAI;AACF,UAAM,eAAe,MAAM,wBAAwB;AAAA,MACjD;AAAA,QACE;AAAA,QACA;AAAA,QACA,QAAQ;AAAA,MACV;AAAA,MACA,QAAQ;AAAA,MACR;AAAA,IACF;AAEA,UAAM,eAAe,eAA6B;AAAA,MAChD,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AAErB,cAAU;AAAA,MACR,MAAM;AAAA,MACN,IAAI,KAAK;AAAA,MACT,UAAU,KAAK;AAAA,MACf,iBAAiB,aAAa,QAAQ,aAAa;AAAA,MACnD,QAAQ,aAAa;AAAA,MACrB,iBAAiB,GAAG,QAAQ,IAAI,UAAU;AAAA,MAC1C,gBAAgB,GAAG,QAAQ,IAAI,UAAU;AAAA,MACzC,YAAY,GAAG,QAAQ,IAAI,UAAU;AAAA,IACvC,CAAC;AAED;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAQO,MAAM,kBAAkB,OAC7B,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,SAAS,MAAM,IAAI,IAAI;AACrC,QAAM,EAAE,SAAS,IAAI,IAAI;AAEzB,MAAI,CAAC,SAAS;AACZ,iBAAa,2BAA2B,KAAK,qBAAqB;AAClE;AAAA,EACF;AAEA,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI,CAAC,UAAU;AACb,iBAAa,2BAA2B,KAAK,qBAAqB;AAClE;AAAA,EACF;AAEA,MACE,CAAC;AAAA,IACC;AAAA,IACA;AAAA,EACF,EAAE;AAAA,IACA,GAAG,IAAI;AAAA,IACP,kBAAkB,CAAC,QAAQ,EAAE;AAAA,EAC/B,CAAC,GACD;AACA,iBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,EACF;AAEA,MAAI;AACF,UAAM,mBAAmB,MAAM,wBAAwB;AAAA,MACrD;AAAA,MACA;AAAA,MACA,KAAK;AAAA,IACP;AAEA,QAAI,CAAC,kBAAkB;AACrB,mBAAa,2BAA2B,KAAK,wBAAwB;AAAA,QACnE;AAAA,MACF,CAAC;AACD;AAAA,IACF;AAEA,UAAM,eAAe,eAAqB;AAAA,MACxC,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAQO,MAAM,mBAAmB,OAC9B,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,SAAS,MAAM,IAAI,IAAI;AACrC,QAAM,EAAE,SAAS,IAAI,IAAI;AAEzB,MAAI,CAAC,SAAS;AACZ,iBAAa,2BAA2B,KAAK,qBAAqB;AAAA,EACpE;AAEA,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAAA,EACjE;AAEA,MAAI,CAAC,UAAU;AACb,iBAAa,2BAA2B,KAAK,qBAAqB;AAAA,EACpE;AAEA,MACE,CAAC;AAAA,IACC;AAAA,IACA;AAAA,EACF,EAAE;AAAA,IACA,GAAG,IAAI;AAAA,IACP,kBAAkB,CAAC,QAAS,EAAE;AAAA,EAChC,CAAC,GACD;AACA,iBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,EACF;AAEA,MAAI;AACF,UAAM,eAAe,MAAM,wBAAwB;AAAA,MACjD;AAAA,MACA,QAAS;AAAA,MACT,KAAM;AAAA,IACR;AAEA,UAAM,eAAe,eAA6B;AAAA,MAChD,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;","names":[]}
package/dist/esm/controllers/search.controller.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/controllers/search.controller.ts"],"sourcesContent":["import * as askDocQuestionUtil from '@utils/AI/askDocQuestion/askDocQuestion';\n\nimport { formatResponse, type ResponseData } from '@utils/responseData';\nimport type { Request, Response } from 'express';\n\nexport type SearchDocUtilParams = {\n input: string;\n};\nexport type SearchDocUtilResult = ResponseData<string[]>;\n\nexport const searchDocUtil = async (\n req: Request<unknown, unknown, unknown, SearchDocUtilParams>,\n res: Response<SearchDocUtilResult>\n) => {\n const { input } = req.query;\n\n const response = await askDocQuestionUtil.searchChunkReference(\n input,\n 30,\n 0.2\n );\n const docFileList = response.map((doc) => doc.fileKey);\n\n const uniqueDocFileList = Array.from(new Set(docFileList));\n\n const responseData = formatResponse<string[]>({\n data: uniqueDocFileList,\n });\n\n res.json(responseData);\n};\n"],"mappings":"AAAA,YAAY,wBAAwB;AAEpC,SAAS,sBAAyC;AAQ3C,MAAM,gBAAgB,OAC3B,KACA,QACG;AACH,QAAM,EAAE,MAAM,IAAI,IAAI;AAEtB,QAAM,WAAW,MAAM,mBAAmB;AAAA,IACxC;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACA,QAAM,cAAc,SAAS,IAAI,CAAC,QAAQ,IAAI,OAAO;AAErD,QAAM,oBAAoB,MAAM,KAAK,IAAI,IAAI,WAAW,CAAC;AAEzD,QAAM,eAAe,eAAyB;AAAA,IAC5C,MAAM;AAAA,EACR,CAAC;AAED,MAAI,KAAK,YAAY;AACvB;","names":[]}
1
+ {"version":3,"sources":["../../../src/controllers/search.controller.ts"],"sourcesContent":["import * as askDocQuestionUtil from '@utils/AI/askDocQuestion/askDocQuestion';\nimport { formatResponse, type ResponseData } from '@utils/responseData';\nimport type { Request, Response } from 'express';\n\nexport type SearchDocUtilParams = {\n input: string;\n};\nexport type SearchDocUtilResult = ResponseData<string[]>;\n\nexport const searchDocUtil = async (\n req: Request<unknown, unknown, unknown, SearchDocUtilParams>,\n res: Response<SearchDocUtilResult>\n) => {\n const { input } = req.query;\n\n const response = await askDocQuestionUtil.searchChunkReference(\n input,\n 30,\n 0.2\n );\n const docFileList = response.map((doc) => doc.fileKey);\n\n const uniqueDocFileList = Array.from(new Set(docFileList));\n\n const responseData = formatResponse<string[]>({\n data: uniqueDocFileList,\n });\n\n res.json(responseData);\n};\n"],"mappings":"AAAA,YAAY,wBAAwB;AACpC,SAAS,sBAAyC;AAQ3C,MAAM,gBAAgB,OAC3B,KACA,QACG;AACH,QAAM,EAAE,MAAM,IAAI,IAAI;AAEtB,QAAM,WAAW,MAAM,mBAAmB;AAAA,IACxC;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACA,QAAM,cAAc,SAAS,IAAI,CAAC,QAAQ,IAAI,OAAO;AAErD,QAAM,oBAAoB,MAAM,KAAK,IAAI,IAAI,WAAW,CAAC;AAEzD,QAAM,eAAe,eAAyB;AAAA,IAC5C,MAAM;AAAA,EACR,CAAC;AAED,MAAI,KAAK,YAAY;AACvB;","names":[]}
package/dist/esm/controllers/stripe.controller.mjs CHANGED
@@ -55,8 +55,7 @@ const getSubscription = async (req, res) => {
55
55
  // Associate the subscription with the customer
56
56
  items: [{ price: priceId }],
57
57
  // Set the price ID for the subscription
58
- expand: ["latest_invoice.payment_intent"],
59
- // Expand to get payment intent details
58
+ expand: ["latest_invoice.confirmation_secret"],
60
59
  payment_settings: {
61
60
  payment_method_types: ["card"]
62
61
  // Specify payment method types
@@ -77,8 +76,21 @@ const getSubscription = async (req, res) => {
77
76
  );
78
77
  return;
79
78
  }
79
+ const clientSecret = subscription.latest_invoice?.confirmation_secret?.client_secret;
80
+ if (!clientSecret) {
81
+ ErrorHandler.handleGenericErrorResponse(
82
+ res,
83
+ "SUBSCRIPTION_CREATION_FAILED",
84
+ {
85
+ user,
86
+ organization,
87
+ priceId
88
+ }
89
+ );
90
+ return;
91
+ }
80
92
  const responseData = formatResponse({
81
- data: subscription
93
+ data: { subscription, clientSecret }
82
94
  });
83
95
  res.json(responseData);
84
96
  return;
package/dist/esm/controllers/stripe.controller.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/controllers/stripe.controller.ts"],"sourcesContent":["import type { Organization } from '@/types/organization.types';\nimport * as emailService from '@services/email.service';\nimport * as subscriptionService from '@services/subscription.service';\nimport { type AppError, ErrorHandler } from '@utils/errors';\nimport { retrievePlanInformation } from '@utils/plan';\nimport { type ResponseData, formatResponse } from '@utils/responseData';\nimport type { Request, Response } from 'express';\nimport { t } from 'express-intlayer';\nimport type { Locales } from 'intlayer';\nimport { Stripe } from 'stripe';\n\nexport type GetPricingBody = {\n priceIds: string[];\n promoCode?: string;\n};\n\nexport type GetPricingResult = ResponseData<subscriptionService.PricingResult>;\n\n/**\n * Simulate pricing for a given set of prices and a promotion code.\n *\n * @param req - The request object containing the price IDs and promotion code.\n * @param res - The response object to send the simulated pricing result.\n */\nexport const getPricing = async (\n req: Request<undefined, undefined, GetPricingBody>,\n res: Response<GetPricingResult>\n) => {\n const { priceIds, promoCode } = req.body;\n\n const pricingResult = await subscriptionService.getPricing(\n priceIds,\n promoCode\n );\n\n const formattedPricingResult =\n formatResponse<subscriptionService.PricingResult>({\n data: pricingResult,\n });\n\n res.status(200).json(formattedPricingResult);\n};\n\nexport type GetCheckoutSessionBody = {\n priceId: string;\n promoCode?: string;\n};\n\nexport type GetCheckoutSessionResult = ResponseData<\n Stripe.Response<Stripe.Subscription>\n>;\n\n/**\n * Handles subscription creation or update with Stripe and returns a ClientSecret.\n * @param req - Express request object.\n * @param res - Express response object.\n */\nexport const getSubscription = async (\n req: Request<undefined, undefined, GetCheckoutSessionBody>,\n res: Response<GetCheckoutSessionResult>\n): Promise<void> => {\n try {\n const stripe = new Stripe(process.env.STRIPE_SECRET_KEY!);\n\n // Extract organization and user from response locals (set by authentication middleware)\n const { organization, user } = res.locals;\n // Get the price ID (Stripe Price ID) from the request body\n const { priceId, promoCode } = req.body;\n\n // Validate that the organization exists\n if (!organization) {\n ErrorHandler.handleGenericErrorResponse(res, 'ORGANIZATION_NOT_FOUND');\n return;\n }\n\n // Validate that the user exists\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_FOUND');\n return;\n }\n\n const { period, type } = retrievePlanInformation(priceId);\n\n if (\n organization.plan?.subscriptionId &&\n organization.plan?.type === type &&\n organization.plan?.period === period &&\n organization.plan?.status === 'active'\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'ALREADY_SUBSCRIBED', {\n organizationId: organization.id,\n });\n return;\n }\n\n // Attempt to retrieve the Stripe customer ID from the organization's plan\n let customerId = organization.plan?.customerId;\n\n if (!customerId) {\n // If no customer ID exists, create a new Stripe customer for the organization\n const customer = await stripe.customers.create({\n metadata: {\n organizationId: String(organization.id),\n userId: String(user.id),\n // Include the locale for potential localization\n locale: (res.locals as unknown as { locale: Locales }).locale,\n },\n });\n customerId = customer.id;\n }\n\n const promoCodeId = promoCode\n ? await subscriptionService.getCouponId(promoCode)\n : null;\n\n const discounts: Stripe.SubscriptionCreateParams.Discount[] = promoCodeId\n ? [{ coupon: promoCodeId }]\n : [];\n\n // If no subscription exists, create a new one\n const subscription = await stripe.subscriptions.create({\n customer: customerId, // Associate the subscription with the customer\n items: [{ price: priceId }], // Set the price ID for the subscription\n expand: ['latest_invoice.payment_intent'], // Expand to get payment intent details\n payment_settings: {\n payment_method_types: ['card'], // Specify payment method types\n },\n payment_behavior: 'default_incomplete', // Create the subscription in an incomplete state until payment is confirmed\n discounts: discounts,\n });\n\n // Handle subscription creation failure\n if (!subscription) {\n ErrorHandler.handleGenericErrorResponse(\n res,\n 'SUBSCRIPTION_CREATION_FAILED',\n {\n user,\n organization,\n priceId,\n }\n );\n return;\n }\n\n // Prepare the response data with subscription details\n const responseData = formatResponse<Stripe.Response<Stripe.Subscription>>({\n data: subscription,\n });\n\n // Send the response back to the client\n res.json(responseData);\n\n return;\n } catch (error) {\n // Handle any errors that occur during the process\n\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\ntype CancelSubscriptionData = Organization['plan'];\n\ntype CancelSubscriptionResult = ResponseData<CancelSubscriptionData>;\n\n/**\n * Cancels a subscription for an organization.\n * @param _req - Express request object.\n * @param res - Express response object.\n */\nexport const cancelSubscription = async (\n _req: Request,\n res: Response<CancelSubscriptionResult>\n): Promise<void> => {\n const stripe = new Stripe(process.env.STRIPE_SECRET_KEY!);\n\n try {\n // Extract the organization and user from the response locals\n // These are typically set by authentication middleware earlier in the request pipeline\n const { organization, user } = res.locals;\n\n // Validate that the organization exists\n if (!organization) {\n ErrorHandler.handleGenericErrorResponse(res, 'ORGANIZATION_NOT_FOUND');\n return;\n }\n\n // Validate that the user exists\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_FOUND');\n return;\n }\n\n // Check if the organization has an active subscription to cancel\n if (!organization.plan?.subscriptionId) {\n ErrorHandler.handleGenericErrorResponse(\n res,\n 'ORGANIZATION_PLAN_NOT_FOUND'\n );\n return;\n }\n\n // Cancel the subscription on Stripe immediately using the subscription ID\n await stripe.subscriptions.cancel(organization.plan.subscriptionId);\n\n // Update the organization's plan in the database to reflect the cancellation\n const plan = await subscriptionService.cancelSubscription(\n organization.plan.subscriptionId,\n String(organization.id)\n );\n\n // If the plan could not be updated in the database, handle the error\n if (!plan) {\n ErrorHandler.handleGenericErrorResponse(\n res,\n 'ORGANIZATION_PLAN_NOT_FOUND'\n );\n return;\n }\n\n // Prepare a formatted response with a success message and the updated plan data\n const formattedPlan = formatResponse<CancelSubscriptionData>({\n message: t({\n en: 'Subscription cancelled successfully',\n fr: 'Souscription annulée avec succès',\n es: 'Suscripción cancelada con éxito',\n }),\n description: t({\n en: 'Your subscription has been cancelled successfully',\n fr: 'Votre souscription a été annulée avec succès',\n es: 'Su suscripción ha sido cancelada con éxito',\n }),\n data: plan!,\n });\n\n // Send the response back to the client\n res.json(formattedPlan);\n\n await emailService.sendEmail({\n type: 'subscriptionPaymentCancellation',\n to: user.email,\n email: user.email,\n cancellationDate: new Date().toLocaleDateString(),\n reactivateLink: `${process.env.CLIENT_URL}/pricing`,\n username: user.name,\n organizationName: organization.name,\n planName: plan.type,\n });\n } catch (error) {\n // Handle any errors that occur during the cancellation process\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n }\n};\n"],"mappings":"AACA,YAAY,kBAAkB;AAC9B,YAAY,yBAAyB;AACrC,SAAwB,oBAAoB;AAC5C,SAAS,+BAA+B;AACxC,SAA4B,sBAAsB;AAElD,SAAS,SAAS;AAElB,SAAS,cAAc;AAehB,MAAM,aAAa,OACxB,KACA,QACG;AACH,QAAM,EAAE,UAAU,UAAU,IAAI,IAAI;AAEpC,QAAM,gBAAgB,MAAM,oBAAoB;AAAA,IAC9C;AAAA,IACA;AAAA,EACF;AAEA,QAAM,yBACJ,eAAkD;AAAA,IAChD,MAAM;AAAA,EACR,CAAC;AAEH,MAAI,OAAO,GAAG,EAAE,KAAK,sBAAsB;AAC7C;AAgBO,MAAM,kBAAkB,OAC7B,KACA,QACkB;AAClB,MAAI;AACF,UAAM,SAAS,IAAI,OAAO,QAAQ,IAAI,iBAAkB;AAGxD,UAAM,EAAE,cAAc,KAAK,IAAI,IAAI;AAEnC,UAAM,EAAE,SAAS,UAAU,IAAI,IAAI;AAGnC,QAAI,CAAC,cAAc;AACjB,mBAAa,2BAA2B,KAAK,wBAAwB;AACrE;AAAA,IACF;AAGA,QAAI,CAAC,MAAM;AACT,mBAAa,2BAA2B,KAAK,gBAAgB;AAC7D;AAAA,IACF;AAEA,UAAM,EAAE,QAAQ,KAAK,IAAI,wBAAwB,OAAO;AAExD,QACE,aAAa,MAAM,kBACnB,aAAa,MAAM,SAAS,QAC5B,aAAa,MAAM,WAAW,UAC9B,aAAa,MAAM,WAAW,UAC9B;AACA,mBAAa,2BAA2B,KAAK,sBAAsB;AAAA,QACjE,gBAAgB,aAAa;AAAA,MAC/B,CAAC;AACD;AAAA,IACF;AAGA,QAAI,aAAa,aAAa,MAAM;AAEpC,QAAI,CAAC,YAAY;AAEf,YAAM,WAAW,MAAM,OAAO,UAAU,OAAO;AAAA,QAC7C,UAAU;AAAA,UACR,gBAAgB,OAAO,aAAa,EAAE;AAAA,UACtC,QAAQ,OAAO,KAAK,EAAE;AAAA;AAAA,UAEtB,QAAS,IAAI,OAA0C;AAAA,QACzD;AAAA,MACF,CAAC;AACD,mBAAa,SAAS;AAAA,IACxB;AAEA,UAAM,cAAc,YAChB,MAAM,oBAAoB,YAAY,SAAS,IAC/C;AAEJ,UAAM,YAAwD,cAC1D,CAAC,EAAE,QAAQ,YAAY,CAAC,IACxB,CAAC;AAGL,UAAM,eAAe,MAAM,OAAO,cAAc,OAAO;AAAA,MACrD,UAAU;AAAA;AAAA,MACV,OAAO,CAAC,EAAE,OAAO,QAAQ,CAAC;AAAA;AAAA,MAC1B,QAAQ,CAAC,+BAA+B;AAAA;AAAA,MACxC,kBAAkB;AAAA,QAChB,sBAAsB,CAAC,MAAM;AAAA;AAAA,MAC/B;AAAA,MACA,kBAAkB;AAAA;AAAA,MAClB;AAAA,IACF,CAAC;AAGD,QAAI,CAAC,cAAc;AACjB,mBAAa;AAAA,QACX;AAAA,QACA;AAAA,QACA;AAAA,UACE;AAAA,UACA;AAAA,UACA;AAAA,QACF;AAAA,MACF;AACA;AAAA,IACF;AAGA,UAAM,eAAe,eAAqD;AAAA,MACxE,MAAM;AAAA,IACR,CAAC;AAGD,QAAI,KAAK,YAAY;AAErB;AAAA,EACF,SAAS,OAAO;AAGd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAWO,MAAM,qBAAqB,OAChC,MACA,QACkB;AAClB,QAAM,SAAS,IAAI,OAAO,QAAQ,IAAI,iBAAkB;AAExD,MAAI;AAGF,UAAM,EAAE,cAAc,KAAK,IAAI,IAAI;AAGnC,QAAI,CAAC,cAAc;AACjB,mBAAa,2BAA2B,KAAK,wBAAwB;AACrE;AAAA,IACF;AAGA,QAAI,CAAC,MAAM;AACT,mBAAa,2BAA2B,KAAK,gBAAgB;AAC7D;AAAA,IACF;AAGA,QAAI,CAAC,aAAa,MAAM,gBAAgB;AACtC,mBAAa;AAAA,QACX;AAAA,QACA;AAAA,MACF;AACA;AAAA,IACF;AAGA,UAAM,OAAO,cAAc,OAAO,aAAa,KAAK,cAAc;AAGlE,UAAM,OAAO,MAAM,oBAAoB;AAAA,MACrC,aAAa,KAAK;AAAA,MAClB,OAAO,aAAa,EAAE;AAAA,IACxB;AAGA,QAAI,CAAC,MAAM;AACT,mBAAa;AAAA,QACX;AAAA,QACA;AAAA,MACF;AACA;AAAA,IACF;AAGA,UAAM,gBAAgB,eAAuC;AAAA,MAC3D,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAGD,QAAI,KAAK,aAAa;AAEtB,UAAM,aAAa,UAAU;AAAA,MAC3B,MAAM;AAAA,MACN,IAAI,KAAK;AAAA,MACT,OAAO,KAAK;AAAA,MACZ,mBAAkB,oBAAI,KAAK,GAAE,mBAAmB;AAAA,MAChD,gBAAgB,GAAG,QAAQ,IAAI,UAAU;AAAA,MACzC,UAAU,KAAK;AAAA,MACf,kBAAkB,aAAa;AAAA,MAC/B,UAAU,KAAK;AAAA,IACjB,CAAC;AAAA,EACH,SAAS,OAAO;AAEd,iBAAa,uBAAuB,KAAK,KAAiB;AAAA,EAC5D;AACF;","names":[]}
1
+ {"version":3,"sources":["../../../src/controllers/stripe.controller.ts"],"sourcesContent":["import type { Organization } from '@/types/organization.types';\nimport type { ResponseWithSession } from '@middlewares/sessionAuth.middleware';\nimport * as emailService from '@services/email.service';\nimport * as subscriptionService from '@services/subscription.service';\nimport { type AppError, ErrorHandler } from '@utils/errors';\nimport { retrievePlanInformation } from '@utils/plan';\nimport { type ResponseData, formatResponse } from '@utils/responseData';\nimport type { Request } from 'express';\nimport { t } from 'express-intlayer';\nimport type { Locales } from 'intlayer';\nimport { Stripe } from 'stripe';\n\nexport type GetPricingBody = {\n priceIds: string[];\n promoCode?: string;\n};\n\nexport type GetPricingResult = ResponseData<subscriptionService.PricingResult>;\n\n/**\n * Simulate pricing for a given set of prices and a promotion code.\n *\n * @param req - The request object containing the price IDs and promotion code.\n * @param res - The response object to send the simulated pricing result.\n */\nexport const getPricing = async (\n req: Request<undefined, undefined, GetPricingBody>,\n res: ResponseWithSession<GetPricingResult>\n) => {\n const { priceIds, promoCode } = req.body;\n\n const pricingResult = await subscriptionService.getPricing(\n priceIds,\n promoCode\n );\n\n const formattedPricingResult =\n formatResponse<subscriptionService.PricingResult>({\n data: pricingResult,\n });\n\n res.status(200).json(formattedPricingResult);\n};\n\nexport type GetCheckoutSessionBody = {\n priceId: string;\n promoCode?: string;\n};\n\nexport type GetCheckoutSessionResult = ResponseData<{\n subscription: Stripe.Response<Stripe.Subscription>;\n clientSecret: string;\n}>;\n\n/**\n * Handles subscription creation or update with Stripe and returns a ClientSecret.\n * @param req - Express request object.\n * @param res - Express response object.\n */\nexport const getSubscription = async (\n req: Request<undefined, undefined, GetCheckoutSessionBody>,\n res: ResponseWithSession<GetCheckoutSessionResult>\n): Promise<void> => {\n try {\n const stripe = new Stripe(process.env.STRIPE_SECRET_KEY!);\n\n // Extract organization and user from response locals (set by authentication middleware)\n const { organization, user } = res.locals;\n // Get the price ID (Stripe Price ID) from the request body\n const { priceId, promoCode } = req.body;\n\n // Validate that the organization exists\n if (!organization) {\n ErrorHandler.handleGenericErrorResponse(res, 'ORGANIZATION_NOT_FOUND');\n return;\n }\n\n // Validate that the user exists\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_FOUND');\n return;\n }\n\n const { period, type } = retrievePlanInformation(priceId);\n\n if (\n organization.plan?.subscriptionId &&\n organization.plan?.type === type &&\n organization.plan?.period === period &&\n organization.plan?.status === 'active'\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'ALREADY_SUBSCRIBED', {\n organizationId: organization.id,\n });\n return;\n }\n\n // Attempt to retrieve the Stripe customer ID from the organization's plan\n let customerId = organization.plan?.customerId;\n\n if (!customerId) {\n // If no customer ID exists, create a new Stripe customer for the organization\n const customer = await stripe.customers.create({\n metadata: {\n organizationId: String(organization.id),\n userId: String(user.id),\n // Include the locale for potential localization\n locale: (res.locals as unknown as { locale: Locales }).locale,\n },\n });\n customerId = customer.id;\n }\n\n const promoCodeId = promoCode\n ? await subscriptionService.getCouponId(promoCode)\n : null;\n\n const discounts: Stripe.SubscriptionCreateParams.Discount[] = promoCodeId\n ? [{ coupon: promoCodeId }]\n : [];\n\n // If no subscription exists, create a new one\n const subscription = await stripe.subscriptions.create({\n customer: customerId, // Associate the subscription with the customer\n items: [{ price: priceId }], // Set the price ID for the subscription\n expand: ['latest_invoice.confirmation_secret'],\n payment_settings: {\n payment_method_types: ['card'], // Specify payment method types\n },\n payment_behavior: 'default_incomplete', // Create the subscription in an incomplete state until payment is confirmed\n discounts,\n });\n\n // Handle subscription creation failure\n if (!subscription) {\n ErrorHandler.handleGenericErrorResponse(\n res,\n 'SUBSCRIPTION_CREATION_FAILED',\n {\n user,\n organization,\n priceId,\n }\n );\n return;\n }\n\n const clientSecret = (\n subscription.latest_invoice as Stripe.Invoice & {\n confirmation_secret?: { client_secret: string };\n }\n )?.confirmation_secret?.client_secret;\n\n // Handle subscription creation failure\n if (!clientSecret) {\n ErrorHandler.handleGenericErrorResponse(\n res,\n 'SUBSCRIPTION_CREATION_FAILED',\n {\n user,\n organization,\n priceId,\n }\n );\n return;\n }\n\n // Prepare the response data with subscription details\n const responseData = formatResponse<GetCheckoutSessionResult['data']>({\n data: { subscription, clientSecret },\n });\n\n // Send the response back to the client\n res.json(responseData);\n\n return;\n } catch (error) {\n // Handle any errors that occur during the process\n\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\ntype CancelSubscriptionData = Organization['plan'];\n\ntype CancelSubscriptionResult = ResponseData<CancelSubscriptionData>;\n\n/**\n * Cancels a subscription for an organization.\n * @param _req - Express request object.\n * @param res - Express response object.\n */\nexport const cancelSubscription = async (\n _req: Request,\n res: ResponseWithSession<CancelSubscriptionResult>\n): Promise<void> => {\n const stripe = new Stripe(process.env.STRIPE_SECRET_KEY!);\n\n try {\n // Extract the organization and user from the response locals\n // These are typically set by authentication middleware earlier in the request pipeline\n const { organization, user } = res.locals;\n\n // Validate that the organization exists\n if (!organization) {\n ErrorHandler.handleGenericErrorResponse(res, 'ORGANIZATION_NOT_FOUND');\n return;\n }\n\n // Validate that the user exists\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_FOUND');\n return;\n }\n\n // Check if the organization has an active subscription to cancel\n if (!organization.plan?.subscriptionId) {\n ErrorHandler.handleGenericErrorResponse(\n res,\n 'ORGANIZATION_PLAN_NOT_FOUND'\n );\n return;\n }\n\n // Cancel the subscription on Stripe immediately using the subscription ID\n await stripe.subscriptions.cancel(organization.plan.subscriptionId);\n\n // Update the organization's plan in the database to reflect the cancellation\n const plan = await subscriptionService.cancelSubscription(\n organization.plan.subscriptionId,\n String(organization.id)\n );\n\n // If the plan could not be updated in the database, handle the error\n if (!plan) {\n ErrorHandler.handleGenericErrorResponse(\n res,\n 'ORGANIZATION_PLAN_NOT_FOUND'\n );\n return;\n }\n\n // Prepare a formatted response with a success message and the updated plan data\n const formattedPlan = formatResponse<CancelSubscriptionData>({\n message: t({\n en: 'Subscription cancelled successfully',\n fr: 'Souscription annulée avec succès',\n es: 'Suscripción cancelada con éxito',\n }),\n description: t({\n en: 'Your subscription has been cancelled successfully',\n fr: 'Votre souscription a été annulée avec succès',\n es: 'Su suscripción ha sido cancelada con éxito',\n }),\n data: plan!,\n });\n\n // Send the response back to the client\n res.json(formattedPlan);\n\n await emailService.sendEmail({\n type: 'subscriptionPaymentCancellation',\n to: user.email,\n email: user.email,\n cancellationDate: new Date().toLocaleDateString(),\n reactivateLink: `${process.env.CLIENT_URL}/pricing`,\n username: user.name,\n organizationName: organization.name,\n planName: plan.type,\n });\n } catch (error) {\n // Handle any errors that occur during the cancellation process\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n }\n};\n"],"mappings":"AAEA,YAAY,kBAAkB;AAC9B,YAAY,yBAAyB;AACrC,SAAwB,oBAAoB;AAC5C,SAAS,+BAA+B;AACxC,SAA4B,sBAAsB;AAElD,SAAS,SAAS;AAElB,SAAS,cAAc;AAehB,MAAM,aAAa,OACxB,KACA,QACG;AACH,QAAM,EAAE,UAAU,UAAU,IAAI,IAAI;AAEpC,QAAM,gBAAgB,MAAM,oBAAoB;AAAA,IAC9C;AAAA,IACA;AAAA,EACF;AAEA,QAAM,yBACJ,eAAkD;AAAA,IAChD,MAAM;AAAA,EACR,CAAC;AAEH,MAAI,OAAO,GAAG,EAAE,KAAK,sBAAsB;AAC7C;AAiBO,MAAM,kBAAkB,OAC7B,KACA,QACkB;AAClB,MAAI;AACF,UAAM,SAAS,IAAI,OAAO,QAAQ,IAAI,iBAAkB;AAGxD,UAAM,EAAE,cAAc,KAAK,IAAI,IAAI;AAEnC,UAAM,EAAE,SAAS,UAAU,IAAI,IAAI;AAGnC,QAAI,CAAC,cAAc;AACjB,mBAAa,2BAA2B,KAAK,wBAAwB;AACrE;AAAA,IACF;AAGA,QAAI,CAAC,MAAM;AACT,mBAAa,2BAA2B,KAAK,gBAAgB;AAC7D;AAAA,IACF;AAEA,UAAM,EAAE,QAAQ,KAAK,IAAI,wBAAwB,OAAO;AAExD,QACE,aAAa,MAAM,kBACnB,aAAa,MAAM,SAAS,QAC5B,aAAa,MAAM,WAAW,UAC9B,aAAa,MAAM,WAAW,UAC9B;AACA,mBAAa,2BAA2B,KAAK,sBAAsB;AAAA,QACjE,gBAAgB,aAAa;AAAA,MAC/B,CAAC;AACD;AAAA,IACF;AAGA,QAAI,aAAa,aAAa,MAAM;AAEpC,QAAI,CAAC,YAAY;AAEf,YAAM,WAAW,MAAM,OAAO,UAAU,OAAO;AAAA,QAC7C,UAAU;AAAA,UACR,gBAAgB,OAAO,aAAa,EAAE;AAAA,UACtC,QAAQ,OAAO,KAAK,EAAE;AAAA;AAAA,UAEtB,QAAS,IAAI,OAA0C;AAAA,QACzD;AAAA,MACF,CAAC;AACD,mBAAa,SAAS;AAAA,IACxB;AAEA,UAAM,cAAc,YAChB,MAAM,oBAAoB,YAAY,SAAS,IAC/C;AAEJ,UAAM,YAAwD,cAC1D,CAAC,EAAE,QAAQ,YAAY,CAAC,IACxB,CAAC;AAGL,UAAM,eAAe,MAAM,OAAO,cAAc,OAAO;AAAA,MACrD,UAAU;AAAA;AAAA,MACV,OAAO,CAAC,EAAE,OAAO,QAAQ,CAAC;AAAA;AAAA,MAC1B,QAAQ,CAAC,oCAAoC;AAAA,MAC7C,kBAAkB;AAAA,QAChB,sBAAsB,CAAC,MAAM;AAAA;AAAA,MAC/B;AAAA,MACA,kBAAkB;AAAA;AAAA,MAClB;AAAA,IACF,CAAC;AAGD,QAAI,CAAC,cAAc;AACjB,mBAAa;AAAA,QACX;AAAA,QACA;AAAA,QACA;AAAA,UACE;AAAA,UACA;AAAA,UACA;AAAA,QACF;AAAA,MACF;AACA;AAAA,IACF;AAEA,UAAM,eACJ,aAAa,gBAGZ,qBAAqB;AAGxB,QAAI,CAAC,cAAc;AACjB,mBAAa;AAAA,QACX;AAAA,QACA;AAAA,QACA;AAAA,UACE;AAAA,UACA;AAAA,UACA;AAAA,QACF;AAAA,MACF;AACA;AAAA,IACF;AAGA,UAAM,eAAe,eAAiD;AAAA,MACpE,MAAM,EAAE,cAAc,aAAa;AAAA,IACrC,CAAC;AAGD,QAAI,KAAK,YAAY;AAErB;AAAA,EACF,SAAS,OAAO;AAGd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAWO,MAAM,qBAAqB,OAChC,MACA,QACkB;AAClB,QAAM,SAAS,IAAI,OAAO,QAAQ,IAAI,iBAAkB;AAExD,MAAI;AAGF,UAAM,EAAE,cAAc,KAAK,IAAI,IAAI;AAGnC,QAAI,CAAC,cAAc;AACjB,mBAAa,2BAA2B,KAAK,wBAAwB;AACrE;AAAA,IACF;AAGA,QAAI,CAAC,MAAM;AACT,mBAAa,2BAA2B,KAAK,gBAAgB;AAC7D;AAAA,IACF;AAGA,QAAI,CAAC,aAAa,MAAM,gBAAgB;AACtC,mBAAa;AAAA,QACX;AAAA,QACA;AAAA,MACF;AACA;AAAA,IACF;AAGA,UAAM,OAAO,cAAc,OAAO,aAAa,KAAK,cAAc;AAGlE,UAAM,OAAO,MAAM,oBAAoB;AAAA,MACrC,aAAa,KAAK;AAAA,MAClB,OAAO,aAAa,EAAE;AAAA,IACxB;AAGA,QAAI,CAAC,MAAM;AACT,mBAAa;AAAA,QACX;AAAA,QACA;AAAA,MACF;AACA;AAAA,IACF;AAGA,UAAM,gBAAgB,eAAuC;AAAA,MAC3D,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAGD,QAAI,KAAK,aAAa;AAEtB,UAAM,aAAa,UAAU;AAAA,MAC3B,MAAM;AAAA,MACN,IAAI,KAAK;AAAA,MACT,OAAO,KAAK;AAAA,MACZ,mBAAkB,oBAAI,KAAK,GAAE,mBAAmB;AAAA,MAChD,gBAAgB,GAAG,QAAQ,IAAI,UAAU;AAAA,MACzC,UAAU,KAAK;AAAA,MACf,kBAAkB,aAAa;AAAA,MAC/B,UAAU,KAAK;AAAA,IACjB,CAAC;AAAA,EACH,SAAS,OAAO;AAEd,iBAAa,uBAAuB,KAAK,KAAiB;AAAA,EAC5D;AACF;","names":[]}
package/dist/esm/controllers/tag.controller.mjs CHANGED
@@ -22,16 +22,22 @@ const getTags = async (req, res, _next) => {
22
22
  ErrorHandler.handleGenericErrorResponse(res, "ORGANIZATION_NOT_DEFINED");
23
23
  return;
24
24
  }
25
- if (!hasPermission(roles, "tag:read")()) {
26
- ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
27
- return;
28
- }
29
25
  const restrictedFilter = {
30
26
  ...filters,
31
27
  organizationId: String(organization.id)
32
28
  };
33
29
  try {
34
30
  const tags = await tagService.findTags(restrictedFilter, skip, pageSize);
31
+ if (!hasPermission(
32
+ roles,
33
+ "tag:read"
34
+ )({
35
+ ...res.locals,
36
+ targetTags: tags
37
+ })) {
38
+ ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
39
+ return;
40
+ }
35
41
  const totalItems = await tagService.countTags(filters);
36
42
  const formattedTags = mapTagsToAPI(tags);
37
43
  const responseData = formatPaginatedResponse({
@@ -49,7 +55,7 @@ const getTags = async (req, res, _next) => {
49
55
  }
50
56
  };
51
57
  const addTag = async (req, res, _next) => {
52
- const { organization, user, roles } = res.locals;
58
+ const { organization, project, user, roles } = res.locals;
53
59
  const tagData = req.body;
54
60
  if (!user) {
55
61
  ErrorHandler.handleGenericErrorResponse(res, "USER_NOT_DEFINED");
@@ -59,18 +65,29 @@ const addTag = async (req, res, _next) => {
59
65
  ErrorHandler.handleGenericErrorResponse(res, "ORGANIZATION_NOT_DEFINED");
60
66
  return;
61
67
  }
68
+ if (!project) {
69
+ ErrorHandler.handleGenericErrorResponse(res, "PROJECT_NOT_DEFINED");
70
+ return;
71
+ }
62
72
  if (!tagData) {
63
73
  ErrorHandler.handleGenericErrorResponse(res, "PROJECT_DATA_NOT_FOUND");
64
74
  }
65
- if (!hasPermission(roles, "tag:admin")(res.locals)) {
66
- ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
67
- return;
68
- }
69
75
  const tag = {
70
76
  creatorId: user.id,
71
77
  organizationId: organization.id,
78
+ projectId: project.id,
72
79
  ...tagData
73
80
  };
81
+ if (!hasPermission(
82
+ roles,
83
+ "tag:admin"
84
+ )({
85
+ ...res.locals,
86
+ targetTags: [tag]
87
+ })) {
88
+ ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
89
+ return;
90
+ }
74
91
  try {
75
92
  const newTag = await tagService.createTag(tag);
76
93
  const formattedTag = mapTagToAPI(newTag);
@@ -105,10 +122,6 @@ const updateTag = async (req, res, _next) => {
105
122
  ErrorHandler.handleGenericErrorResponse(res, "ORGANIZATION_NOT_DEFINED");
106
123
  return;
107
124
  }
108
- if (!hasPermission(roles, "tag:write")()) {
109
- ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
110
- return;
111
- }
112
125
  try {
113
126
  const tag = {
114
127
  _id: tagId,
@@ -118,6 +131,16 @@ const updateTag = async (req, res, _next) => {
118
131
  instructions: req.body.instructions
119
132
  };
120
133
  const tagToDelete = await tagService.getTagById(tagId);
134
+ if (!hasPermission(
135
+ roles,
136
+ "tag:write"
137
+ )({
138
+ ...res.locals,
139
+ targetTags: [tagToDelete]
140
+ })) {
141
+ ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
142
+ return;
143
+ }
121
144
  if (String(tagToDelete.organizationId) !== String(organization.id)) {
122
145
  ErrorHandler.handleGenericErrorResponse(res, "TAG_NOT_IN_ORGANIZATION");
123
146
  return;
@@ -159,12 +182,18 @@ const deleteTag = async (req, res, _next) => {
159
182
  ErrorHandler.handleGenericErrorResponse(res, "TAG_ID_NOT_FOUND");
160
183
  return;
161
184
  }
162
- if (!hasPermission(roles, "tag:admin")(res.locals)) {
163
- ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
164
- return;
165
- }
166
185
  try {
167
186
  const tagToDelete = await tagService.getTagById(tagId);
187
+ if (!hasPermission(
188
+ roles,
189
+ "tag:admin"
190
+ )({
191
+ ...res.locals,
192
+ targetTags: [tagToDelete]
193
+ })) {
194
+ ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
195
+ return;
196
+ }
168
197
  if (String(tagToDelete.organizationId) !== String(organization.id)) {
169
198
  ErrorHandler.handleGenericErrorResponse(res, "TAG_NOT_IN_ORGANIZATION");
170
199
  return;
package/dist/esm/controllers/tag.controller.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/controllers/tag.controller.ts"],"sourcesContent":["import type {\n Tag,\n TagAPI,\n TagCreationData,\n TagData,\n TagSchema,\n} from '@/types/tag.types';\nimport { logger } from '@logger';\nimport * as tagService from '@services/tag.service';\nimport { type AppError, ErrorHandler } from '@utils/errors';\nimport type { FiltersAndPagination } from '@utils/filtersAndPagination/getFiltersAndPaginationFromBody';\nimport {\n getTagFiltersAndPagination,\n type TagFilters,\n type TagFiltersParams,\n} from '@utils/filtersAndPagination/getTagFiltersAndPagination';\nimport { mapTagsToAPI, mapTagToAPI } from '@utils/mapper/tag';\nimport { hasPermission } from '@utils/permissions';\nimport {\n formatPaginatedResponse,\n formatResponse,\n type PaginatedResponse,\n type ResponseData,\n} from '@utils/responseData';\nimport type { NextFunction, Request, Response } from 'express';\nimport { t } from 'express-intlayer';\n\nexport type GetTagsParams = FiltersAndPagination<TagFiltersParams>;\nexport type GetTagsResult = PaginatedResponse<TagAPI>;\n\n/**\n * Retrieves a list of tags based on filters and pagination.\n */\nexport const getTags = async (\n req: Request<GetTagsParams>,\n res: Response<GetTagsResult>,\n _next: NextFunction\n): Promise<void> => {\n const { user, organization, roles } = res.locals;\n const { filters, pageSize, skip, page, getNumberOfPages } =\n getTagFiltersAndPagination(req);\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (!organization) {\n ErrorHandler.handleGenericErrorResponse(res, 'ORGANIZATION_NOT_DEFINED');\n return;\n }\n\n if (!hasPermission(roles, 'tag:read')()) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n const restrictedFilter: TagFilters = {\n ...filters,\n organizationId: String(organization.id),\n };\n\n try {\n const tags = await tagService.findTags(restrictedFilter, skip, pageSize);\n const totalItems = await tagService.countTags(filters);\n\n const formattedTags = mapTagsToAPI(tags);\n\n const responseData = formatPaginatedResponse<TagAPI>({\n data: formattedTags,\n page,\n pageSize,\n totalPages: getNumberOfPages(totalItems),\n totalItems,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type AddTagBody = TagCreationData;\nexport type AddTagResult = ResponseData<TagAPI>;\n\n/**\n * Adds a new tag to the database.\n */\nexport const addTag = async (\n req: Request<any, any, AddTagBody>,\n res: Response<AddTagResult>,\n _next: NextFunction\n): Promise<void> => {\n const { organization, user, roles } = res.locals;\n const tagData = req.body;\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (!organization) {\n ErrorHandler.handleGenericErrorResponse(res, 'ORGANIZATION_NOT_DEFINED');\n return;\n }\n\n if (!tagData) {\n ErrorHandler.handleGenericErrorResponse(res, 'PROJECT_DATA_NOT_FOUND');\n }\n\n if (!hasPermission(roles, 'tag:admin')(res.locals)) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n const tag: TagData = {\n creatorId: user.id,\n organizationId: organization.id,\n ...tagData,\n };\n\n try {\n const newTag = await tagService.createTag(tag);\n\n const formattedTag = mapTagToAPI(newTag);\n\n const responseData = formatResponse<TagAPI>({\n message: t({\n en: 'Tag created successfully',\n fr: 'Tag créé avec succès',\n es: 'Tag creado con éxito',\n }),\n description: t({\n en: 'Your tag has been created successfully',\n fr: 'Votre tag a été créé avec succès',\n es: 'Su tag ha sido creado con éxito',\n }),\n data: formattedTag,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type UpdateTagParams = { tagId: string | Tag['id'] };\nexport type UpdateTagBody = Partial<TagData>;\nexport type UpdateTagResult = ResponseData<TagAPI>;\n\n/**\n * Updates an existing tag in the database.\n */\nexport const updateTag = async (\n req: Request<UpdateTagParams, any, UpdateTagBody>,\n res: Response<UpdateTagResult>,\n _next: NextFunction\n): Promise<void> => {\n const { tagId } = req.params;\n const { organization, user, roles } = res.locals;\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (!organization) {\n ErrorHandler.handleGenericErrorResponse(res, 'ORGANIZATION_NOT_DEFINED');\n return;\n }\n\n if (!hasPermission(roles, 'tag:write')()) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n try {\n const tag = {\n _id: tagId,\n name: req.body.name,\n key: req.body.key,\n description: req.body.description,\n instructions: req.body.instructions,\n } as Partial<TagSchema> & { _id: Tag['id'] };\n\n const tagToDelete = await tagService.getTagById(tagId);\n\n if (String(tagToDelete.organizationId) !== String(organization.id)) {\n ErrorHandler.handleGenericErrorResponse(res, 'TAG_NOT_IN_ORGANIZATION');\n return;\n }\n\n const updatedTag = await tagService.updateTagById(tag._id, tag);\n\n const formattedTag = mapTagToAPI(updatedTag);\n\n const responseData = formatResponse<TagAPI>({\n message: t({\n en: 'Tag updated successfully',\n fr: 'Tag mis à jour avec succès',\n es: 'Tag actualizado con éxito',\n }),\n description: t({\n en: 'Your tag has been updated successfully',\n fr: 'Votre tag a été mis à jour avec succès',\n es: 'Su tag ha sido actualizado con éxito',\n }),\n data: formattedTag,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type DeleteTagParams = { tagId: string | Tag['id'] };\nexport type DeleteTagResult = ResponseData<TagAPI>;\n\n/**\n * Deletes a tag from the database by its ID.\n * @param req - Express request object.\n * @param res - Express response object.\n * @returns Response confirming the deletion.\n */\nexport const deleteTag = async (\n req: Request<DeleteTagParams>,\n res: Response<DeleteTagResult>,\n _next: NextFunction\n): Promise<void> => {\n const { user, organization, roles } = res.locals;\n const { tagId } = req.params;\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (!organization) {\n ErrorHandler.handleGenericErrorResponse(res, 'ORGANIZATION_NOT_DEFINED');\n return;\n }\n\n if (!tagId) {\n ErrorHandler.handleGenericErrorResponse(res, 'TAG_ID_NOT_FOUND');\n return;\n }\n\n if (!hasPermission(roles, 'tag:admin')(res.locals)) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n try {\n const tagToDelete = await tagService.getTagById(tagId);\n\n if (String(tagToDelete.organizationId) !== String(organization.id)) {\n ErrorHandler.handleGenericErrorResponse(res, 'TAG_NOT_IN_ORGANIZATION');\n return;\n }\n\n const deletedTag = await tagService.deleteTagById(tagId);\n\n if (!deletedTag) {\n ErrorHandler.handleGenericErrorResponse(res, 'TAG_NOT_FOUND', {\n tagId,\n });\n\n return;\n }\n\n logger.info(`Tag deleted: ${String(deletedTag.id)}`);\n\n const formattedTag = mapTagToAPI(deletedTag);\n\n const responseData = formatResponse<TagAPI>({\n message: t({\n en: 'Tag deleted successfully',\n fr: 'Tag supprimé avec succès',\n es: 'Tag eliminado con éxito',\n }),\n description: t({\n en: 'Your tag has been deleted successfully',\n fr: 'Votre tag a été supprimé avec succès',\n es: 'Su tag ha sido eliminado con éxito',\n }),\n data: formattedTag,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n"],"mappings":"AAOA,SAAS,cAAc;AACvB,YAAY,gBAAgB;AAC5B,SAAwB,oBAAoB;AAE5C;AAAA,EACE;AAAA,OAGK;AACP,SAAS,cAAc,mBAAmB;AAC1C,SAAS,qBAAqB;AAC9B;AAAA,EACE;AAAA,EACA;AAAA,OAGK;AAEP,SAAS,SAAS;AAQX,MAAM,UAAU,OACrB,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,cAAc,MAAM,IAAI,IAAI;AAC1C,QAAM,EAAE,SAAS,UAAU,MAAM,MAAM,iBAAiB,IACtD,2BAA2B,GAAG;AAEhC,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI,CAAC,cAAc;AACjB,iBAAa,2BAA2B,KAAK,0BAA0B;AACvE;AAAA,EACF;AAEA,MAAI,CAAC,cAAc,OAAO,UAAU,EAAE,GAAG;AACvC,iBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,EACF;AAEA,QAAM,mBAA+B;AAAA,IACnC,GAAG;AAAA,IACH,gBAAgB,OAAO,aAAa,EAAE;AAAA,EACxC;AAEA,MAAI;AACF,UAAM,OAAO,MAAM,WAAW,SAAS,kBAAkB,MAAM,QAAQ;AACvE,UAAM,aAAa,MAAM,WAAW,UAAU,OAAO;AAErD,UAAM,gBAAgB,aAAa,IAAI;AAEvC,UAAM,eAAe,wBAAgC;AAAA,MACnD,MAAM;AAAA,MACN;AAAA,MACA;AAAA,MACA,YAAY,iBAAiB,UAAU;AAAA,MACvC;AAAA,IACF,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAQO,MAAM,SAAS,OACpB,KACA,KACA,UACkB;AAClB,QAAM,EAAE,cAAc,MAAM,MAAM,IAAI,IAAI;AAC1C,QAAM,UAAU,IAAI;AAEpB,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI,CAAC,cAAc;AACjB,iBAAa,2BAA2B,KAAK,0BAA0B;AACvE;AAAA,EACF;AAEA,MAAI,CAAC,SAAS;AACZ,iBAAa,2BAA2B,KAAK,wBAAwB;AAAA,EACvE;AAEA,MAAI,CAAC,cAAc,OAAO,WAAW,EAAE,IAAI,MAAM,GAAG;AAClD,iBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,EACF;AAEA,QAAM,MAAe;AAAA,IACnB,WAAW,KAAK;AAAA,IAChB,gBAAgB,aAAa;AAAA,IAC7B,GAAG;AAAA,EACL;AAEA,MAAI;AACF,UAAM,SAAS,MAAM,WAAW,UAAU,GAAG;AAE7C,UAAM,eAAe,YAAY,MAAM;AAEvC,UAAM,eAAe,eAAuB;AAAA,MAC1C,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AASO,MAAM,YAAY,OACvB,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,IAAI,IAAI;AACtB,QAAM,EAAE,cAAc,MAAM,MAAM,IAAI,IAAI;AAE1C,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI,CAAC,cAAc;AACjB,iBAAa,2BAA2B,KAAK,0BAA0B;AACvE;AAAA,EACF;AAEA,MAAI,CAAC,cAAc,OAAO,WAAW,EAAE,GAAG;AACxC,iBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,EACF;AAEA,MAAI;AACF,UAAM,MAAM;AAAA,MACV,KAAK;AAAA,MACL,MAAM,IAAI,KAAK;AAAA,MACf,KAAK,IAAI,KAAK;AAAA,MACd,aAAa,IAAI,KAAK;AAAA,MACtB,cAAc,IAAI,KAAK;AAAA,IACzB;AAEA,UAAM,cAAc,MAAM,WAAW,WAAW,KAAK;AAErD,QAAI,OAAO,YAAY,cAAc,MAAM,OAAO,aAAa,EAAE,GAAG;AAClE,mBAAa,2BAA2B,KAAK,yBAAyB;AACtE;AAAA,IACF;AAEA,UAAM,aAAa,MAAM,WAAW,cAAc,IAAI,KAAK,GAAG;AAE9D,UAAM,eAAe,YAAY,UAAU;AAE3C,UAAM,eAAe,eAAuB;AAAA,MAC1C,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAWO,MAAM,YAAY,OACvB,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,cAAc,MAAM,IAAI,IAAI;AAC1C,QAAM,EAAE,MAAM,IAAI,IAAI;AAEtB,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI,CAAC,cAAc;AACjB,iBAAa,2BAA2B,KAAK,0BAA0B;AACvE;AAAA,EACF;AAEA,MAAI,CAAC,OAAO;AACV,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI,CAAC,cAAc,OAAO,WAAW,EAAE,IAAI,MAAM,GAAG;AAClD,iBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,EACF;AAEA,MAAI;AACF,UAAM,cAAc,MAAM,WAAW,WAAW,KAAK;AAErD,QAAI,OAAO,YAAY,cAAc,MAAM,OAAO,aAAa,EAAE,GAAG;AAClE,mBAAa,2BAA2B,KAAK,yBAAyB;AACtE;AAAA,IACF;AAEA,UAAM,aAAa,MAAM,WAAW,cAAc,KAAK;AAEvD,QAAI,CAAC,YAAY;AACf,mBAAa,2BAA2B,KAAK,iBAAiB;AAAA,QAC5D;AAAA,MACF,CAAC;AAED;AAAA,IACF;AAEA,WAAO,KAAK,gBAAgB,OAAO,WAAW,EAAE,CAAC,EAAE;AAEnD,UAAM,eAAe,YAAY,UAAU;AAE3C,UAAM,eAAe,eAAuB;AAAA,MAC1C,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;","names":[]}
1
+ {"version":3,"sources":["../../../src/controllers/tag.controller.ts"],"sourcesContent":["import type {\n Tag,\n TagAPI,\n TagCreationData,\n TagData,\n TagSchema,\n} from '@/types/tag.types';\nimport { logger } from '@logger';\nimport type { ResponseWithSession } from '@middlewares/sessionAuth.middleware';\nimport * as tagService from '@services/tag.service';\nimport { type AppError, ErrorHandler } from '@utils/errors';\nimport type { FiltersAndPagination } from '@utils/filtersAndPagination/getFiltersAndPaginationFromBody';\nimport {\n getTagFiltersAndPagination,\n type TagFilters,\n type TagFiltersParams,\n} from '@utils/filtersAndPagination/getTagFiltersAndPagination';\nimport { mapTagsToAPI, mapTagToAPI } from '@utils/mapper/tag';\nimport { hasPermission } from '@utils/permissions';\nimport {\n formatPaginatedResponse,\n formatResponse,\n type PaginatedResponse,\n type ResponseData,\n} from '@utils/responseData';\nimport type { NextFunction, Request } from 'express';\nimport { t } from 'express-intlayer';\n\nexport type GetTagsParams = FiltersAndPagination<TagFiltersParams>;\nexport type GetTagsResult = PaginatedResponse<TagAPI>;\n\n/**\n * Retrieves a list of tags based on filters and pagination.\n */\nexport const getTags = async (\n req: Request<GetTagsParams>,\n res: ResponseWithSession<GetTagsResult>,\n _next: NextFunction\n): Promise<void> => {\n const { user, organization, roles } = res.locals;\n const { filters, pageSize, skip, page, getNumberOfPages } =\n getTagFiltersAndPagination(req);\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (!organization) {\n ErrorHandler.handleGenericErrorResponse(res, 'ORGANIZATION_NOT_DEFINED');\n return;\n }\n\n const restrictedFilter: TagFilters = {\n ...filters,\n organizationId: String(organization.id),\n };\n\n try {\n const tags = await tagService.findTags(restrictedFilter, skip, pageSize);\n\n if (\n !hasPermission(\n roles,\n 'tag:read'\n )({\n ...res.locals,\n targetTags: tags,\n })\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n const totalItems = await tagService.countTags(filters);\n\n const formattedTags = mapTagsToAPI(tags);\n\n const responseData = formatPaginatedResponse<TagAPI>({\n data: formattedTags,\n page,\n pageSize,\n totalPages: getNumberOfPages(totalItems),\n totalItems,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type AddTagBody = TagCreationData;\nexport type AddTagResult = ResponseData<TagAPI>;\n\n/**\n * Adds a new tag to the database.\n */\nexport const addTag = async (\n req: Request<any, any, AddTagBody>,\n res: ResponseWithSession<AddTagResult>,\n _next: NextFunction\n): Promise<void> => {\n const { organization, project, user, roles } = res.locals;\n const tagData = req.body;\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (!organization) {\n ErrorHandler.handleGenericErrorResponse(res, 'ORGANIZATION_NOT_DEFINED');\n return;\n }\n\n if (!project) {\n ErrorHandler.handleGenericErrorResponse(res, 'PROJECT_NOT_DEFINED');\n return;\n }\n\n if (!tagData) {\n ErrorHandler.handleGenericErrorResponse(res, 'PROJECT_DATA_NOT_FOUND');\n }\n\n const tag: TagData = {\n creatorId: user.id,\n organizationId: organization.id,\n projectId: project.id,\n ...tagData,\n };\n\n if (\n !hasPermission(\n roles,\n 'tag:admin'\n )({\n ...res.locals,\n targetTags: [tag as Tag],\n })\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n try {\n const newTag = await tagService.createTag(tag);\n\n const formattedTag = mapTagToAPI(newTag);\n\n const responseData = formatResponse<TagAPI>({\n message: t({\n en: 'Tag created successfully',\n fr: 'Tag créé avec succès',\n es: 'Tag creado con éxito',\n }),\n description: t({\n en: 'Your tag has been created successfully',\n fr: 'Votre tag a été créé avec succès',\n es: 'Su tag ha sido creado con éxito',\n }),\n data: formattedTag,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type UpdateTagParams = { tagId: string | Tag['id'] };\nexport type UpdateTagBody = Partial<TagData>;\nexport type UpdateTagResult = ResponseData<TagAPI>;\n\n/**\n * Updates an existing tag in the database.\n */\nexport const updateTag = async (\n req: Request<UpdateTagParams, any, UpdateTagBody>,\n res: ResponseWithSession<UpdateTagResult>,\n _next: NextFunction\n): Promise<void> => {\n const { tagId } = req.params;\n const { organization, user, roles } = res.locals;\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (!organization) {\n ErrorHandler.handleGenericErrorResponse(res, 'ORGANIZATION_NOT_DEFINED');\n return;\n }\n\n try {\n const tag = {\n _id: tagId,\n name: req.body.name,\n key: req.body.key,\n description: req.body.description,\n instructions: req.body.instructions,\n } as Partial<TagSchema> & { _id: Tag['id'] };\n\n const tagToDelete = await tagService.getTagById(tagId);\n\n if (\n !hasPermission(\n roles,\n 'tag:write'\n )({\n ...res.locals,\n targetTags: [tagToDelete],\n })\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n if (String(tagToDelete.organizationId) !== String(organization.id)) {\n ErrorHandler.handleGenericErrorResponse(res, 'TAG_NOT_IN_ORGANIZATION');\n return;\n }\n\n const updatedTag = await tagService.updateTagById(tag._id, tag);\n\n const formattedTag = mapTagToAPI(updatedTag);\n\n const responseData = formatResponse<TagAPI>({\n message: t({\n en: 'Tag updated successfully',\n fr: 'Tag mis à jour avec succès',\n es: 'Tag actualizado con éxito',\n }),\n description: t({\n en: 'Your tag has been updated successfully',\n fr: 'Votre tag a été mis à jour avec succès',\n es: 'Su tag ha sido actualizado con éxito',\n }),\n data: formattedTag,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type DeleteTagParams = { tagId: string | Tag['id'] };\nexport type DeleteTagResult = ResponseData<TagAPI>;\n\n/**\n * Deletes a tag from the database by its ID.\n * @param req - Express request object.\n * @param res - Express response object.\n * @returns Response confirming the deletion.\n */\nexport const deleteTag = async (\n req: Request<DeleteTagParams>,\n res: ResponseWithSession<DeleteTagResult>,\n _next: NextFunction\n): Promise<void> => {\n const { user, organization, roles } = res.locals;\n const { tagId } = req.params;\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (!organization) {\n ErrorHandler.handleGenericErrorResponse(res, 'ORGANIZATION_NOT_DEFINED');\n return;\n }\n\n if (!tagId) {\n ErrorHandler.handleGenericErrorResponse(res, 'TAG_ID_NOT_FOUND');\n return;\n }\n\n try {\n const tagToDelete = await tagService.getTagById(tagId);\n\n if (\n !hasPermission(\n roles,\n 'tag:admin'\n )({\n ...res.locals,\n targetTags: [tagToDelete],\n })\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n if (String(tagToDelete.organizationId) !== String(organization.id)) {\n ErrorHandler.handleGenericErrorResponse(res, 'TAG_NOT_IN_ORGANIZATION');\n return;\n }\n\n const deletedTag = await tagService.deleteTagById(tagId);\n\n if (!deletedTag) {\n ErrorHandler.handleGenericErrorResponse(res, 'TAG_NOT_FOUND', {\n tagId,\n });\n\n return;\n }\n\n logger.info(`Tag deleted: ${String(deletedTag.id)}`);\n\n const formattedTag = mapTagToAPI(deletedTag);\n\n const responseData = formatResponse<TagAPI>({\n message: t({\n en: 'Tag deleted successfully',\n fr: 'Tag supprimé avec succès',\n es: 'Tag eliminado con éxito',\n }),\n description: t({\n en: 'Your tag has been deleted successfully',\n fr: 'Votre tag a été supprimé avec succès',\n es: 'Su tag ha sido eliminado con éxito',\n }),\n data: formattedTag,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n"],"mappings":"AAOA,SAAS,cAAc;AAEvB,YAAY,gBAAgB;AAC5B,SAAwB,oBAAoB;AAE5C;AAAA,EACE;AAAA,OAGK;AACP,SAAS,cAAc,mBAAmB;AAC1C,SAAS,qBAAqB;AAC9B;AAAA,EACE;AAAA,EACA;AAAA,OAGK;AAEP,SAAS,SAAS;AAQX,MAAM,UAAU,OACrB,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,cAAc,MAAM,IAAI,IAAI;AAC1C,QAAM,EAAE,SAAS,UAAU,MAAM,MAAM,iBAAiB,IACtD,2BAA2B,GAAG;AAEhC,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI,CAAC,cAAc;AACjB,iBAAa,2BAA2B,KAAK,0BAA0B;AACvE;AAAA,EACF;AAEA,QAAM,mBAA+B;AAAA,IACnC,GAAG;AAAA,IACH,gBAAgB,OAAO,aAAa,EAAE;AAAA,EACxC;AAEA,MAAI;AACF,UAAM,OAAO,MAAM,WAAW,SAAS,kBAAkB,MAAM,QAAQ;AAEvE,QACE,CAAC;AAAA,MACC;AAAA,MACA;AAAA,IACF,EAAE;AAAA,MACA,GAAG,IAAI;AAAA,MACP,YAAY;AAAA,IACd,CAAC,GACD;AACA,mBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,IACF;AAEA,UAAM,aAAa,MAAM,WAAW,UAAU,OAAO;AAErD,UAAM,gBAAgB,aAAa,IAAI;AAEvC,UAAM,eAAe,wBAAgC;AAAA,MACnD,MAAM;AAAA,MACN;AAAA,MACA;AAAA,MACA,YAAY,iBAAiB,UAAU;AAAA,MACvC;AAAA,IACF,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAQO,MAAM,SAAS,OACpB,KACA,KACA,UACkB;AAClB,QAAM,EAAE,cAAc,SAAS,MAAM,MAAM,IAAI,IAAI;AACnD,QAAM,UAAU,IAAI;AAEpB,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI,CAAC,cAAc;AACjB,iBAAa,2BAA2B,KAAK,0BAA0B;AACvE;AAAA,EACF;AAEA,MAAI,CAAC,SAAS;AACZ,iBAAa,2BAA2B,KAAK,qBAAqB;AAClE;AAAA,EACF;AAEA,MAAI,CAAC,SAAS;AACZ,iBAAa,2BAA2B,KAAK,wBAAwB;AAAA,EACvE;AAEA,QAAM,MAAe;AAAA,IACnB,WAAW,KAAK;AAAA,IAChB,gBAAgB,aAAa;AAAA,IAC7B,WAAW,QAAQ;AAAA,IACnB,GAAG;AAAA,EACL;AAEA,MACE,CAAC;AAAA,IACC;AAAA,IACA;AAAA,EACF,EAAE;AAAA,IACA,GAAG,IAAI;AAAA,IACP,YAAY,CAAC,GAAU;AAAA,EACzB,CAAC,GACD;AACA,iBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,EACF;AAEA,MAAI;AACF,UAAM,SAAS,MAAM,WAAW,UAAU,GAAG;AAE7C,UAAM,eAAe,YAAY,MAAM;AAEvC,UAAM,eAAe,eAAuB;AAAA,MAC1C,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AASO,MAAM,YAAY,OACvB,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,IAAI,IAAI;AACtB,QAAM,EAAE,cAAc,MAAM,MAAM,IAAI,IAAI;AAE1C,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI,CAAC,cAAc;AACjB,iBAAa,2BAA2B,KAAK,0BAA0B;AACvE;AAAA,EACF;AAEA,MAAI;AACF,UAAM,MAAM;AAAA,MACV,KAAK;AAAA,MACL,MAAM,IAAI,KAAK;AAAA,MACf,KAAK,IAAI,KAAK;AAAA,MACd,aAAa,IAAI,KAAK;AAAA,MACtB,cAAc,IAAI,KAAK;AAAA,IACzB;AAEA,UAAM,cAAc,MAAM,WAAW,WAAW,KAAK;AAErD,QACE,CAAC;AAAA,MACC;AAAA,MACA;AAAA,IACF,EAAE;AAAA,MACA,GAAG,IAAI;AAAA,MACP,YAAY,CAAC,WAAW;AAAA,IAC1B,CAAC,GACD;AACA,mBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,IACF;AAEA,QAAI,OAAO,YAAY,cAAc,MAAM,OAAO,aAAa,EAAE,GAAG;AAClE,mBAAa,2BAA2B,KAAK,yBAAyB;AACtE;AAAA,IACF;AAEA,UAAM,aAAa,MAAM,WAAW,cAAc,IAAI,KAAK,GAAG;AAE9D,UAAM,eAAe,YAAY,UAAU;AAE3C,UAAM,eAAe,eAAuB;AAAA,MAC1C,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAWO,MAAM,YAAY,OACvB,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,cAAc,MAAM,IAAI,IAAI;AAC1C,QAAM,EAAE,MAAM,IAAI,IAAI;AAEtB,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI,CAAC,cAAc;AACjB,iBAAa,2BAA2B,KAAK,0BAA0B;AACvE;AAAA,EACF;AAEA,MAAI,CAAC,OAAO;AACV,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI;AACF,UAAM,cAAc,MAAM,WAAW,WAAW,KAAK;AAErD,QACE,CAAC;AAAA,MACC;AAAA,MACA;AAAA,IACF,EAAE;AAAA,MACA,GAAG,IAAI;AAAA,MACP,YAAY,CAAC,WAAW;AAAA,IAC1B,CAAC,GACD;AACA,mBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,IACF;AAEA,QAAI,OAAO,YAAY,cAAc,MAAM,OAAO,aAAa,EAAE,GAAG;AAClE,mBAAa,2BAA2B,KAAK,yBAAyB;AACtE;AAAA,IACF;AAEA,UAAM,aAAa,MAAM,WAAW,cAAc,KAAK;AAEvD,QAAI,CAAC,YAAY;AACf,mBAAa,2BAA2B,KAAK,iBAAiB;AAAA,QAC5D;AAAA,MACF,CAAC;AAED;AAAA,IACF;AAEA,WAAO,KAAK,gBAAgB,OAAO,WAAW,EAAE,CAAC,EAAE;AAEnD,UAAM,eAAe,YAAY,UAAU;AAE3C,UAAM,eAAe,eAAuB;AAAA,MAC1C,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;","names":[]}
package/dist/esm/controllers/user.controller.mjs CHANGED
@@ -59,7 +59,7 @@ const getUsers = async (req, res, _next) => {
59
59
  "user:read"
60
60
  )({
61
61
  ...res.locals,
62
- targetUserIds: users.map((user2) => user2.id)
62
+ targetUsers: users
63
63
  })) {
64
64
  ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
65
65
  return;
@@ -111,7 +111,7 @@ const getUserByEmail = async (req, res, _next) => {
111
111
  "user:read"
112
112
  )({
113
113
  ...res.locals,
114
- targetUserIds: [user.id]
114
+ targetUsers: [user]
115
115
  })) {
116
116
  ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
117
117
  return;
@@ -140,7 +140,7 @@ const updateUser = async (req, res, _next) => {
140
140
  "user:write"
141
141
  )({
142
142
  ...res.locals,
143
- targetUserIds: [user.id]
143
+ targetUsers: [userData]
144
144
  })) {
145
145
  ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
146
146
  return;
@@ -174,12 +174,23 @@ const updateUser = async (req, res, _next) => {
174
174
  const deleteUser = async (req, res, _next) => {
175
175
  const { userId } = req.params;
176
176
  const { roles } = res.locals;
177
- if (!hasPermission(roles, "user:admin")()) {
178
- ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
179
- return;
180
- }
181
177
  try {
182
- const user = await userService.deleteUser(userId);
178
+ const user = await userService.getUserById(userId);
179
+ if (!user) {
180
+ ErrorHandler.handleGenericErrorResponse(res, "USER_NOT_FOUND");
181
+ return;
182
+ }
183
+ if (!hasPermission(
184
+ roles,
185
+ "user:admin"
186
+ )({
187
+ ...res.locals,
188
+ targetUsers: [user]
189
+ })) {
190
+ ErrorHandler.handleGenericErrorResponse(res, "PERMISSION_DENIED");
191
+ return;
192
+ }
193
+ await userService.deleteUser(userId);
183
194
  const formattedUser = mapUserToAPI(user);
184
195
  const responseData = formatResponse({
185
196
  message: t({
package/dist/esm/controllers/user.controller.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/controllers/user.controller.ts"],"sourcesContent":["import type { User, UserAPI } from '@/types/user.types';\nimport { logger } from '@logger';\nimport { sendEmail } from '@services/email.service';\nimport * as userService from '@services/user.service';\nimport { type AppError, ErrorHandler } from '@utils/errors';\nimport type { FiltersAndPagination } from '@utils/filtersAndPagination/getFiltersAndPaginationFromBody';\nimport { getOrganizationFiltersAndPagination } from '@utils/filtersAndPagination/getOrganizationFiltersAndPagination';\nimport type { UserFiltersParam } from '@utils/filtersAndPagination/getUserFiltersAndPagination';\nimport { mapUsersToAPI, mapUserToAPI } from '@utils/mapper/user';\nimport { hasPermission } from '@utils/permissions';\nimport {\n formatPaginatedResponse,\n formatResponse,\n type PaginatedResponse,\n type ResponseData,\n} from '@utils/responseData';\nimport type { NextFunction, Request, Response } from 'express';\nimport { t } from 'express-intlayer';\n\nexport type CreateUserBody = { email: string; password?: string };\nexport type CreateUserResult = ResponseData<UserAPI>;\n\n/**\n * Creates a new user.\n */\nexport const createUser = async (\n req: Request<any, any, User>,\n res: Response<CreateUserResult>,\n _next: NextFunction\n): Promise<void> => {\n const user: User | undefined = req.body;\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n try {\n const newUser = await userService.createUser(user);\n\n await sendEmail({\n type: 'welcome',\n to: newUser.email,\n username: newUser.name,\n loginLink: `${process.env.CLIENT_URL}/auth/login`,\n });\n\n const formattedUser = mapUserToAPI(newUser);\n\n const responseData = formatResponse<UserAPI>({\n message: t({\n en: 'User created',\n fr: 'Utilisateur créé',\n es: 'Usuario creado',\n }),\n description: t({\n en: 'User created successfully',\n fr: 'Utilisateur créé avec succès',\n es: 'Usuario creado con éxito',\n }),\n data: formattedUser,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type GetUsersParams = FiltersAndPagination<UserFiltersParam>;\nexport type GetUsersResult = PaginatedResponse<UserAPI>;\n\n/**\n * Retrieves a list of users based on filters and pagination.\n */\nexport const getUsers = async (\n req: Request<GetUsersParams>,\n res: Response<GetUsersResult>,\n _next: NextFunction\n): Promise<void> => {\n const { user, roles } = res.locals;\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n const { filters, pageSize, skip, page, getNumberOfPages } =\n getOrganizationFiltersAndPagination(req);\n\n try {\n const users = await userService.findUsers(filters, skip, pageSize);\n\n if (\n !hasPermission(\n roles,\n 'user:read'\n )({\n ...res.locals,\n targetUserIds: users.map((user) => user.id),\n })\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n const totalItems = await userService.countUsers(filters);\n\n const formattedUsers = mapUsersToAPI(users);\n\n const responseData = formatPaginatedResponse<UserAPI>({\n data: formattedUsers,\n page,\n pageSize,\n totalPages: getNumberOfPages(totalItems),\n totalItems,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type GetUserByIdParams = { userId: string };\nexport type GetUserByIdResult = ResponseData<UserAPI>;\n\nexport const getUserById = async (\n req: Request<GetUserByIdParams>,\n res: Response<GetUserByIdResult>,\n _next: NextFunction\n): Promise<void> => {\n const { userId } = req.params;\n\n try {\n const user = await userService.getUserById(userId);\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n const formattedUser = mapUserToAPI(user);\n const responseData = formatResponse<UserAPI>({ data: formattedUser });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type GetUserByEmailParams = { email: string };\nexport type GetUserByEmailResult = ResponseData<UserAPI>;\n\nexport const getUserByEmail = async (\n req: Request<GetUserByEmailParams>,\n res: Response<GetUserByEmailResult>,\n _next: NextFunction\n): Promise<void> => {\n const { email } = req.params;\n const { roles } = res.locals;\n\n try {\n const user = await userService.getUserByEmail(email);\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (\n !hasPermission(\n roles,\n 'user:read'\n )({\n ...res.locals,\n targetUserIds: [user.id],\n })\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n const formattedUser = mapUserToAPI(user);\n const responseData = formatResponse<UserAPI>({ data: formattedUser });\n\n res.json(responseData);\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type UpdateUserBody = Partial<User>;\nexport type UpdateUserResult = ResponseData<UserAPI>;\n\n/**\n * Updates user information (phone number, date of birth).\n */\nexport const updateUser = async (\n req: Request<any, any, UpdateUserBody | undefined>,\n res: Response<UpdateUserResult>,\n _next: NextFunction\n): Promise<void> => {\n const userData = req.body;\n const { user, roles } = res.locals;\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (typeof userData !== 'object') {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_DATA_NOT_FOUND');\n return;\n }\n\n if (\n !hasPermission(\n roles,\n 'user:write'\n )({\n ...res.locals,\n targetUserIds: [user.id],\n })\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n try {\n const updatedUser = await userService.updateUserById(user.id, userData);\n\n logger.info(\n `User updated: Name: ${updatedUser.name}, id: ${String(updatedUser.id)}`\n );\n\n const formattedUser = mapUserToAPI(updatedUser);\n const responseData = formatResponse<UserAPI>({\n message: t({\n en: 'User updated',\n fr: 'Utilisateur mis à jour',\n es: 'Usuario actualizado',\n }),\n description: t({\n en: 'User updated successfully',\n fr: 'Utilisateur mis à jour avec succès',\n es: 'Usuario actualizado con éxito',\n }),\n data: formattedUser,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type DeleteUserParams = { userId: string };\nexport type DeleteUserResult = ResponseData<UserAPI>;\n\n/**\n * Deletes a user based on the provided ID.\n */\nexport const deleteUser = async (\n req: Request<any, any, DeleteUserParams>,\n res: Response<DeleteUserResult>,\n _next: NextFunction\n): Promise<void> => {\n const { userId } = req.params;\n const { roles } = res.locals;\n\n if (!hasPermission(roles, 'user:admin')()) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n try {\n const user = await userService.deleteUser(userId);\n\n const formattedUser = mapUserToAPI(user);\n const responseData = formatResponse<UserAPI>({\n message: t({\n en: 'User deleted',\n fr: 'Utilisateur supprimé',\n es: 'Usuario eliminado',\n }),\n description: t({\n en: 'User deleted successfully',\n fr: 'Utilisateur supprimé avec succès',\n es: 'Usuario eliminado con éxito',\n }),\n data: formattedUser,\n });\n\n res.json(responseData);\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nlet clients: Array<{ id: number; userId: string; res: Response }> = [];\n\nexport const sendVerificationUpdate = (user: User) => {\n const filteredClients = clients.filter(\n (client) => String(client.userId) === String(user.id)\n );\n\n for (const client of filteredClients) {\n if (user.emailVerified) {\n client.res.write(\n `data: ${JSON.stringify({ userId: user.id, status: 'verified' })}\\n\\n`\n );\n }\n }\n};\n\nexport type VerifyEmailStatusSSEParams = { userId: string };\n\n/**\n * SSE to check the email verification status\n */\nexport const verifyEmailStatusSSE = async (\n req: Request<VerifyEmailStatusSSEParams, any, any>,\n res: Response\n) => {\n // Set headers for SSE\n res.setHeader('Content-Type', 'text/event-stream;charset=utf-8');\n res.setHeader('Cache-Control', 'no-cache, no-transform');\n res.setHeader('Connection', 'keep-alive');\n res.setHeader('X-Accel-Buffering', 'no'); // For Nginx buffering\n\n // Send initial data to ensure the connection is open\n res.write(':\\n\\n'); // Comment to keep connection alive\n res.flushHeaders();\n\n const { userId } = req.params; // Get user ID from query parameters\n const clientId = Date.now();\n\n const user = await userService.getUserById(userId);\n\n if (!user) {\n logger.error(`User not found - User ID: ${userId}`);\n res.write(`data: ${JSON.stringify({ userId, status: 'error' })}\\n\\n`);\n res.end();\n return;\n }\n\n // Add client to the list\n const newClient = { id: clientId, userId, res };\n clients.push(newClient);\n\n sendVerificationUpdate(user);\n\n // Remove client on connection close\n req.on('close', () => {\n clients = clients.filter((client) => client.id !== clientId);\n });\n};\n"],"mappings":"AACA,SAAS,cAAc;AACvB,SAAS,iBAAiB;AAC1B,YAAY,iBAAiB;AAC7B,SAAwB,oBAAoB;AAE5C,SAAS,2CAA2C;AAEpD,SAAS,eAAe,oBAAoB;AAC5C,SAAS,qBAAqB;AAC9B;AAAA,EACE;AAAA,EACA;AAAA,OAGK;AAEP,SAAS,SAAS;AAQX,MAAM,aAAa,OACxB,KACA,KACA,UACkB;AAClB,QAAM,OAAyB,IAAI;AAEnC,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI;AACF,UAAM,UAAU,MAAM,YAAY,WAAW,IAAI;AAEjD,UAAM,UAAU;AAAA,MACd,MAAM;AAAA,MACN,IAAI,QAAQ;AAAA,MACZ,UAAU,QAAQ;AAAA,MAClB,WAAW,GAAG,QAAQ,IAAI,UAAU;AAAA,IACtC,CAAC;AAED,UAAM,gBAAgB,aAAa,OAAO;AAE1C,UAAM,eAAe,eAAwB;AAAA,MAC3C,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAQO,MAAM,WAAW,OACtB,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,MAAM,IAAI,IAAI;AAE5B,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,QAAM,EAAE,SAAS,UAAU,MAAM,MAAM,iBAAiB,IACtD,oCAAoC,GAAG;AAEzC,MAAI;AACF,UAAM,QAAQ,MAAM,YAAY,UAAU,SAAS,MAAM,QAAQ;AAEjE,QACE,CAAC;AAAA,MACC;AAAA,MACA;AAAA,IACF,EAAE;AAAA,MACA,GAAG,IAAI;AAAA,MACP,eAAe,MAAM,IAAI,CAACA,UAASA,MAAK,EAAE;AAAA,IAC5C,CAAC,GACD;AACA,mBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,IACF;AAEA,UAAM,aAAa,MAAM,YAAY,WAAW,OAAO;AAEvD,UAAM,iBAAiB,cAAc,KAAK;AAE1C,UAAM,eAAe,wBAAiC;AAAA,MACpD,MAAM;AAAA,MACN;AAAA,MACA;AAAA,MACA,YAAY,iBAAiB,UAAU;AAAA,MACvC;AAAA,IACF,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAKO,MAAM,cAAc,OACzB,KACA,KACA,UACkB;AAClB,QAAM,EAAE,OAAO,IAAI,IAAI;AAEvB,MAAI;AACF,UAAM,OAAO,MAAM,YAAY,YAAY,MAAM;AAEjD,QAAI,CAAC,MAAM;AACT,mBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,IACF;AAEA,UAAM,gBAAgB,aAAa,IAAI;AACvC,UAAM,eAAe,eAAwB,EAAE,MAAM,cAAc,CAAC;AAEpE,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAKO,MAAM,iBAAiB,OAC5B,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,IAAI,IAAI;AACtB,QAAM,EAAE,MAAM,IAAI,IAAI;AAEtB,MAAI;AACF,UAAM,OAAO,MAAM,YAAY,eAAe,KAAK;AAEnD,QAAI,CAAC,MAAM;AACT,mBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,IACF;AAEA,QACE,CAAC;AAAA,MACC;AAAA,MACA;AAAA,IACF,EAAE;AAAA,MACA,GAAG,IAAI;AAAA,MACP,eAAe,CAAC,KAAK,EAAE;AAAA,IACzB,CAAC,GACD;AACA,mBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,IACF;AAEA,UAAM,gBAAgB,aAAa,IAAI;AACvC,UAAM,eAAe,eAAwB,EAAE,MAAM,cAAc,CAAC;AAEpE,QAAI,KAAK,YAAY;AAAA,EACvB,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAQO,MAAM,aAAa,OACxB,KACA,KACA,UACkB;AAClB,QAAM,WAAW,IAAI;AACrB,QAAM,EAAE,MAAM,MAAM,IAAI,IAAI;AAE5B,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI,OAAO,aAAa,UAAU;AAChC,iBAAa,2BAA2B,KAAK,qBAAqB;AAClE;AAAA,EACF;AAEA,MACE,CAAC;AAAA,IACC;AAAA,IACA;AAAA,EACF,EAAE;AAAA,IACA,GAAG,IAAI;AAAA,IACP,eAAe,CAAC,KAAK,EAAE;AAAA,EACzB,CAAC,GACD;AACA,iBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,EACF;AAEA,MAAI;AACF,UAAM,cAAc,MAAM,YAAY,eAAe,KAAK,IAAI,QAAQ;AAEtE,WAAO;AAAA,MACL,uBAAuB,YAAY,IAAI,SAAS,OAAO,YAAY,EAAE,CAAC;AAAA,IACxE;AAEA,UAAM,gBAAgB,aAAa,WAAW;AAC9C,UAAM,eAAe,eAAwB;AAAA,MAC3C,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAQO,MAAM,aAAa,OACxB,KACA,KACA,UACkB;AAClB,QAAM,EAAE,OAAO,IAAI,IAAI;AACvB,QAAM,EAAE,MAAM,IAAI,IAAI;AAEtB,MAAI,CAAC,cAAc,OAAO,YAAY,EAAE,GAAG;AACzC,iBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,EACF;AAEA,MAAI;AACF,UAAM,OAAO,MAAM,YAAY,WAAW,MAAM;AAEhD,UAAM,gBAAgB,aAAa,IAAI;AACvC,UAAM,eAAe,eAAwB;AAAA,MAC3C,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AAAA,EACvB,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAEA,IAAI,UAAgE,CAAC;AAE9D,MAAM,yBAAyB,CAAC,SAAe;AACpD,QAAM,kBAAkB,QAAQ;AAAA,IAC9B,CAAC,WAAW,OAAO,OAAO,MAAM,MAAM,OAAO,KAAK,EAAE;AAAA,EACtD;AAEA,aAAW,UAAU,iBAAiB;AACpC,QAAI,KAAK,eAAe;AACtB,aAAO,IAAI;AAAA,QACT,SAAS,KAAK,UAAU,EAAE,QAAQ,KAAK,IAAI,QAAQ,WAAW,CAAC,CAAC;AAAA;AAAA;AAAA,MAClE;AAAA,IACF;AAAA,EACF;AACF;AAOO,MAAM,uBAAuB,OAClC,KACA,QACG;AAEH,MAAI,UAAU,gBAAgB,iCAAiC;AAC/D,MAAI,UAAU,iBAAiB,wBAAwB;AACvD,MAAI,UAAU,cAAc,YAAY;AACxC,MAAI,UAAU,qBAAqB,IAAI;AAGvC,MAAI,MAAM,OAAO;AACjB,MAAI,aAAa;AAEjB,QAAM,EAAE,OAAO,IAAI,IAAI;AACvB,QAAM,WAAW,KAAK,IAAI;AAE1B,QAAM,OAAO,MAAM,YAAY,YAAY,MAAM;AAEjD,MAAI,CAAC,MAAM;AACT,WAAO,MAAM,6BAA6B,MAAM,EAAE;AAClD,QAAI,MAAM,SAAS,KAAK,UAAU,EAAE,QAAQ,QAAQ,QAAQ,CAAC,CAAC;AAAA;AAAA,CAAM;AACpE,QAAI,IAAI;AACR;AAAA,EACF;AAGA,QAAM,YAAY,EAAE,IAAI,UAAU,QAAQ,IAAI;AAC9C,UAAQ,KAAK,SAAS;AAEtB,yBAAuB,IAAI;AAG3B,MAAI,GAAG,SAAS,MAAM;AACpB,cAAU,QAAQ,OAAO,CAAC,WAAW,OAAO,OAAO,QAAQ;AAAA,EAC7D,CAAC;AACH;","names":["user"]}
1
+ {"version":3,"sources":["../../../src/controllers/user.controller.ts"],"sourcesContent":["import type { User, UserAPI } from '@/types/user.types';\nimport { logger } from '@logger';\nimport type { ResponseWithSession } from '@middlewares/sessionAuth.middleware';\nimport { sendEmail } from '@services/email.service';\nimport * as userService from '@services/user.service';\nimport { type AppError, ErrorHandler } from '@utils/errors';\nimport type { FiltersAndPagination } from '@utils/filtersAndPagination/getFiltersAndPaginationFromBody';\nimport { getOrganizationFiltersAndPagination } from '@utils/filtersAndPagination/getOrganizationFiltersAndPagination';\nimport type { UserFiltersParam } from '@utils/filtersAndPagination/getUserFiltersAndPagination';\nimport { mapUsersToAPI, mapUserToAPI } from '@utils/mapper/user';\nimport { hasPermission } from '@utils/permissions';\nimport {\n formatPaginatedResponse,\n formatResponse,\n type PaginatedResponse,\n type ResponseData,\n} from '@utils/responseData';\nimport type { NextFunction, Request } from 'express';\nimport { t } from 'express-intlayer';\n\nexport type CreateUserBody = { email: string; password?: string };\nexport type CreateUserResult = ResponseData<UserAPI>;\n\n/**\n * Creates a new user.\n */\nexport const createUser = async (\n req: Request<any, any, User>,\n res: ResponseWithSession<CreateUserResult>,\n _next: NextFunction\n): Promise<void> => {\n const user: User | undefined = req.body;\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n try {\n const newUser = await userService.createUser(user);\n\n await sendEmail({\n type: 'welcome',\n to: newUser.email,\n username: newUser.name,\n loginLink: `${process.env.CLIENT_URL}/auth/login`,\n });\n\n const formattedUser = mapUserToAPI(newUser);\n\n const responseData = formatResponse<UserAPI>({\n message: t({\n en: 'User created',\n fr: 'Utilisateur créé',\n es: 'Usuario creado',\n }),\n description: t({\n en: 'User created successfully',\n fr: 'Utilisateur créé avec succès',\n es: 'Usuario creado con éxito',\n }),\n data: formattedUser,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type GetUsersParams = FiltersAndPagination<UserFiltersParam>;\nexport type GetUsersResult = PaginatedResponse<UserAPI>;\n\n/**\n * Retrieves a list of users based on filters and pagination.\n */\nexport const getUsers = async (\n req: Request<GetUsersParams>,\n res: ResponseWithSession<GetUsersResult>,\n _next: NextFunction\n): Promise<void> => {\n const { user, roles } = res.locals;\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n const { filters, pageSize, skip, page, getNumberOfPages } =\n getOrganizationFiltersAndPagination(req);\n\n try {\n const users = await userService.findUsers(filters, skip, pageSize);\n\n if (\n !hasPermission(\n roles,\n 'user:read'\n )({\n ...res.locals,\n targetUsers: users,\n })\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n const totalItems = await userService.countUsers(filters);\n\n const formattedUsers = mapUsersToAPI(users);\n\n const responseData = formatPaginatedResponse<UserAPI>({\n data: formattedUsers,\n page,\n pageSize,\n totalPages: getNumberOfPages(totalItems),\n totalItems,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type GetUserByIdParams = { userId: string };\nexport type GetUserByIdResult = ResponseData<UserAPI>;\n\nexport const getUserById = async (\n req: Request<GetUserByIdParams>,\n res: ResponseWithSession<GetUserByIdResult>,\n _next: NextFunction\n): Promise<void> => {\n const { userId } = req.params;\n\n try {\n const user = await userService.getUserById(userId);\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n const formattedUser = mapUserToAPI(user);\n const responseData = formatResponse<UserAPI>({ data: formattedUser });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type GetUserByEmailParams = { email: string };\nexport type GetUserByEmailResult = ResponseData<UserAPI>;\n\nexport const getUserByEmail = async (\n req: Request<GetUserByEmailParams>,\n res: ResponseWithSession<GetUserByEmailResult>,\n _next: NextFunction\n): Promise<void> => {\n const { email } = req.params;\n const { roles } = res.locals;\n\n try {\n const user = await userService.getUserByEmail(email);\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (\n !hasPermission(\n roles,\n 'user:read'\n )({\n ...res.locals,\n targetUsers: [user],\n })\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n const formattedUser = mapUserToAPI(user);\n const responseData = formatResponse<UserAPI>({ data: formattedUser });\n\n res.json(responseData);\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type UpdateUserBody = Partial<User>;\nexport type UpdateUserResult = ResponseData<UserAPI>;\n\n/**\n * Updates user information (phone number, date of birth).\n */\nexport const updateUser = async (\n req: Request<any, any, UpdateUserBody | undefined>,\n res: ResponseWithSession<UpdateUserResult>,\n _next: NextFunction\n): Promise<void> => {\n const userData = req.body;\n const { user, roles } = res.locals;\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_DEFINED');\n return;\n }\n\n if (typeof userData !== 'object') {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_DATA_NOT_FOUND');\n return;\n }\n\n if (\n !hasPermission(\n roles,\n 'user:write'\n )({\n ...res.locals,\n targetUsers: [userData as User],\n })\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n try {\n const updatedUser = await userService.updateUserById(user.id, userData);\n\n logger.info(\n `User updated: Name: ${updatedUser.name}, id: ${String(updatedUser.id)}`\n );\n\n const formattedUser = mapUserToAPI(updatedUser);\n const responseData = formatResponse<UserAPI>({\n message: t({\n en: 'User updated',\n fr: 'Utilisateur mis à jour',\n es: 'Usuario actualizado',\n }),\n description: t({\n en: 'User updated successfully',\n fr: 'Utilisateur mis à jour avec succès',\n es: 'Usuario actualizado con éxito',\n }),\n data: formattedUser,\n });\n\n res.json(responseData);\n return;\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nexport type DeleteUserParams = { userId: string };\nexport type DeleteUserResult = ResponseData<UserAPI>;\n\n/**\n * Deletes a user based on the provided ID.\n */\nexport const deleteUser = async (\n req: Request<DeleteUserParams>,\n res: ResponseWithSession<DeleteUserResult>,\n _next: NextFunction\n): Promise<void> => {\n const { userId } = req.params;\n const { roles } = res.locals;\n\n try {\n const user = await userService.getUserById(userId);\n\n if (!user) {\n ErrorHandler.handleGenericErrorResponse(res, 'USER_NOT_FOUND');\n return;\n }\n\n if (\n !hasPermission(\n roles,\n 'user:admin'\n )({\n ...res.locals,\n targetUsers: [user],\n })\n ) {\n ErrorHandler.handleGenericErrorResponse(res, 'PERMISSION_DENIED');\n return;\n }\n\n await userService.deleteUser(userId);\n\n const formattedUser = mapUserToAPI(user);\n const responseData = formatResponse<UserAPI>({\n message: t({\n en: 'User deleted',\n fr: 'Utilisateur supprimé',\n es: 'Usuario eliminado',\n }),\n description: t({\n en: 'User deleted successfully',\n fr: 'Utilisateur supprimé avec succès',\n es: 'Usuario eliminado con éxito',\n }),\n data: formattedUser,\n });\n\n res.json(responseData);\n } catch (error) {\n ErrorHandler.handleAppErrorResponse(res, error as AppError);\n return;\n }\n};\n\nlet clients: Array<{ id: number; userId: string; res: ResponseWithSession }> =\n [];\n\nexport const sendVerificationUpdate = (user: User) => {\n const filteredClients = clients.filter(\n (client) => String(client.userId) === String(user.id)\n );\n\n for (const client of filteredClients) {\n if (user.emailVerified) {\n client.res.write(\n `data: ${JSON.stringify({ userId: user.id, status: 'verified' })}\\n\\n`\n );\n }\n }\n};\n\nexport type VerifyEmailStatusSSEParams = { userId: string };\n\n/**\n * SSE to check the email verification status\n */\nexport const verifyEmailStatusSSE = async (\n req: Request<VerifyEmailStatusSSEParams, any, any>,\n res: ResponseWithSession\n) => {\n // Set headers for SSE\n res.setHeader('Content-Type', 'text/event-stream;charset=utf-8');\n res.setHeader('Cache-Control', 'no-cache, no-transform');\n res.setHeader('Connection', 'keep-alive');\n res.setHeader('X-Accel-Buffering', 'no'); // For Nginx buffering\n\n // Send initial data to ensure the connection is open\n res.write(':\\n\\n'); // Comment to keep connection alive\n res.flushHeaders();\n\n const { userId } = req.params; // Get user ID from query parameters\n const clientId = Date.now();\n\n const user = await userService.getUserById(userId);\n\n if (!user) {\n logger.error(`User not found - User ID: ${userId}`);\n res.write(`data: ${JSON.stringify({ userId, status: 'error' })}\\n\\n`);\n res.end();\n return;\n }\n\n // Add client to the list\n const newClient = { id: clientId, userId, res };\n clients.push(newClient);\n\n sendVerificationUpdate(user);\n\n // Remove client on connection close\n req.on('close', () => {\n clients = clients.filter((client) => client.id !== clientId);\n });\n};\n"],"mappings":"AACA,SAAS,cAAc;AAEvB,SAAS,iBAAiB;AAC1B,YAAY,iBAAiB;AAC7B,SAAwB,oBAAoB;AAE5C,SAAS,2CAA2C;AAEpD,SAAS,eAAe,oBAAoB;AAC5C,SAAS,qBAAqB;AAC9B;AAAA,EACE;AAAA,EACA;AAAA,OAGK;AAEP,SAAS,SAAS;AAQX,MAAM,aAAa,OACxB,KACA,KACA,UACkB;AAClB,QAAM,OAAyB,IAAI;AAEnC,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI;AACF,UAAM,UAAU,MAAM,YAAY,WAAW,IAAI;AAEjD,UAAM,UAAU;AAAA,MACd,MAAM;AAAA,MACN,IAAI,QAAQ;AAAA,MACZ,UAAU,QAAQ;AAAA,MAClB,WAAW,GAAG,QAAQ,IAAI,UAAU;AAAA,IACtC,CAAC;AAED,UAAM,gBAAgB,aAAa,OAAO;AAE1C,UAAM,eAAe,eAAwB;AAAA,MAC3C,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAQO,MAAM,WAAW,OACtB,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,MAAM,IAAI,IAAI;AAE5B,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,QAAM,EAAE,SAAS,UAAU,MAAM,MAAM,iBAAiB,IACtD,oCAAoC,GAAG;AAEzC,MAAI;AACF,UAAM,QAAQ,MAAM,YAAY,UAAU,SAAS,MAAM,QAAQ;AAEjE,QACE,CAAC;AAAA,MACC;AAAA,MACA;AAAA,IACF,EAAE;AAAA,MACA,GAAG,IAAI;AAAA,MACP,aAAa;AAAA,IACf,CAAC,GACD;AACA,mBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,IACF;AAEA,UAAM,aAAa,MAAM,YAAY,WAAW,OAAO;AAEvD,UAAM,iBAAiB,cAAc,KAAK;AAE1C,UAAM,eAAe,wBAAiC;AAAA,MACpD,MAAM;AAAA,MACN;AAAA,MACA;AAAA,MACA,YAAY,iBAAiB,UAAU;AAAA,MACvC;AAAA,IACF,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAKO,MAAM,cAAc,OACzB,KACA,KACA,UACkB;AAClB,QAAM,EAAE,OAAO,IAAI,IAAI;AAEvB,MAAI;AACF,UAAM,OAAO,MAAM,YAAY,YAAY,MAAM;AAEjD,QAAI,CAAC,MAAM;AACT,mBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,IACF;AAEA,UAAM,gBAAgB,aAAa,IAAI;AACvC,UAAM,eAAe,eAAwB,EAAE,MAAM,cAAc,CAAC;AAEpE,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAKO,MAAM,iBAAiB,OAC5B,KACA,KACA,UACkB;AAClB,QAAM,EAAE,MAAM,IAAI,IAAI;AACtB,QAAM,EAAE,MAAM,IAAI,IAAI;AAEtB,MAAI;AACF,UAAM,OAAO,MAAM,YAAY,eAAe,KAAK;AAEnD,QAAI,CAAC,MAAM;AACT,mBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,IACF;AAEA,QACE,CAAC;AAAA,MACC;AAAA,MACA;AAAA,IACF,EAAE;AAAA,MACA,GAAG,IAAI;AAAA,MACP,aAAa,CAAC,IAAI;AAAA,IACpB,CAAC,GACD;AACA,mBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,IACF;AAEA,UAAM,gBAAgB,aAAa,IAAI;AACvC,UAAM,eAAe,eAAwB,EAAE,MAAM,cAAc,CAAC;AAEpE,QAAI,KAAK,YAAY;AAAA,EACvB,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAQO,MAAM,aAAa,OACxB,KACA,KACA,UACkB;AAClB,QAAM,WAAW,IAAI;AACrB,QAAM,EAAE,MAAM,MAAM,IAAI,IAAI;AAE5B,MAAI,CAAC,MAAM;AACT,iBAAa,2BAA2B,KAAK,kBAAkB;AAC/D;AAAA,EACF;AAEA,MAAI,OAAO,aAAa,UAAU;AAChC,iBAAa,2BAA2B,KAAK,qBAAqB;AAClE;AAAA,EACF;AAEA,MACE,CAAC;AAAA,IACC;AAAA,IACA;AAAA,EACF,EAAE;AAAA,IACA,GAAG,IAAI;AAAA,IACP,aAAa,CAAC,QAAgB;AAAA,EAChC,CAAC,GACD;AACA,iBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,EACF;AAEA,MAAI;AACF,UAAM,cAAc,MAAM,YAAY,eAAe,KAAK,IAAI,QAAQ;AAEtE,WAAO;AAAA,MACL,uBAAuB,YAAY,IAAI,SAAS,OAAO,YAAY,EAAE,CAAC;AAAA,IACxE;AAEA,UAAM,gBAAgB,aAAa,WAAW;AAC9C,UAAM,eAAe,eAAwB;AAAA,MAC3C,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AACrB;AAAA,EACF,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAQO,MAAM,aAAa,OACxB,KACA,KACA,UACkB;AAClB,QAAM,EAAE,OAAO,IAAI,IAAI;AACvB,QAAM,EAAE,MAAM,IAAI,IAAI;AAEtB,MAAI;AACF,UAAM,OAAO,MAAM,YAAY,YAAY,MAAM;AAEjD,QAAI,CAAC,MAAM;AACT,mBAAa,2BAA2B,KAAK,gBAAgB;AAC7D;AAAA,IACF;AAEA,QACE,CAAC;AAAA,MACC;AAAA,MACA;AAAA,IACF,EAAE;AAAA,MACA,GAAG,IAAI;AAAA,MACP,aAAa,CAAC,IAAI;AAAA,IACpB,CAAC,GACD;AACA,mBAAa,2BAA2B,KAAK,mBAAmB;AAChE;AAAA,IACF;AAEA,UAAM,YAAY,WAAW,MAAM;AAEnC,UAAM,gBAAgB,aAAa,IAAI;AACvC,UAAM,eAAe,eAAwB;AAAA,MAC3C,SAAS,EAAE;AAAA,QACT,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,aAAa,EAAE;AAAA,QACb,IAAI;AAAA,QACJ,IAAI;AAAA,QACJ,IAAI;AAAA,MACN,CAAC;AAAA,MACD,MAAM;AAAA,IACR,CAAC;AAED,QAAI,KAAK,YAAY;AAAA,EACvB,SAAS,OAAO;AACd,iBAAa,uBAAuB,KAAK,KAAiB;AAC1D;AAAA,EACF;AACF;AAEA,IAAI,UACF,CAAC;AAEI,MAAM,yBAAyB,CAAC,SAAe;AACpD,QAAM,kBAAkB,QAAQ;AAAA,IAC9B,CAAC,WAAW,OAAO,OAAO,MAAM,MAAM,OAAO,KAAK,EAAE;AAAA,EACtD;AAEA,aAAW,UAAU,iBAAiB;AACpC,QAAI,KAAK,eAAe;AACtB,aAAO,IAAI;AAAA,QACT,SAAS,KAAK,UAAU,EAAE,QAAQ,KAAK,IAAI,QAAQ,WAAW,CAAC,CAAC;AAAA;AAAA;AAAA,MAClE;AAAA,IACF;AAAA,EACF;AACF;AAOO,MAAM,uBAAuB,OAClC,KACA,QACG;AAEH,MAAI,UAAU,gBAAgB,iCAAiC;AAC/D,MAAI,UAAU,iBAAiB,wBAAwB;AACvD,MAAI,UAAU,cAAc,YAAY;AACxC,MAAI,UAAU,qBAAqB,IAAI;AAGvC,MAAI,MAAM,OAAO;AACjB,MAAI,aAAa;AAEjB,QAAM,EAAE,OAAO,IAAI,IAAI;AACvB,QAAM,WAAW,KAAK,IAAI;AAE1B,QAAM,OAAO,MAAM,YAAY,YAAY,MAAM;AAEjD,MAAI,CAAC,MAAM;AACT,WAAO,MAAM,6BAA6B,MAAM,EAAE;AAClD,QAAI,MAAM,SAAS,KAAK,UAAU,EAAE,QAAQ,QAAQ,QAAQ,CAAC,CAAC;AAAA;AAAA,CAAM;AACpE,QAAI,IAAI;AACR;AAAA,EACF;AAGA,QAAM,YAAY,EAAE,IAAI,UAAU,QAAQ,IAAI;AAC9C,UAAQ,KAAK,SAAS;AAEtB,yBAAuB,IAAI;AAG3B,MAAI,GAAG,SAAS,MAAM;AACpB,cAAU,QAAQ,OAAO,CAAC,WAAW,OAAO,OAAO,QAAQ;AAAA,EAC7D,CAAC;AACH;","names":[]}
package/dist/esm/emails/OAuthTokenCreatedEmail.mjs CHANGED
@@ -22,7 +22,7 @@ const OAuthTokenCreatedEmailEN = ({
22
22
  securityLogUrl,
23
23
  supportUrl
24
24
  }) => {
25
- const previewText = `A third-party OAuth application has been added to your Intlayer account`;
25
+ const previewText = `A third-party OAuth access key has been added to your Intlayer account`;
26
26
  return /* @__PURE__ */ jsxs(Html, { children: [
27
27
  /* @__PURE__ */ jsx(Head, {}),
28
28
  /* @__PURE__ */ jsx(Preview, { children: previewText }),
@@ -37,19 +37,17 @@ const OAuthTokenCreatedEmailEN = ({
37
37
  className: "mx-auto my-0"
38
38
  }
39
39
  ) }),
40
- /* @__PURE__ */ jsx(Heading, { className: "mx-0 my-[30px] p-0 text-center text-[24px] font-normal text-black", children: "A third-party OAuth application has been added to your account" }),
40
+ /* @__PURE__ */ jsx(Heading, { className: "mx-0 my-[30px] p-0 text-center text-[24px] font-normal text-black", children: "A third-party OAuth access key has been added to your account" }),
41
41
  /* @__PURE__ */ jsxs(Text, { className: "text-[14px] leading-[24px] text-black", children: [
42
42
  "Hey ",
43
43
  username,
44
44
  "!"
45
45
  ] }),
46
46
  /* @__PURE__ */ jsxs(Text, { className: "text-[14px] leading-[24px] text-black", children: [
47
- "A third-party OAuth application (",
47
+ "A third-party OAuth access key (",
48
48
  /* @__PURE__ */ jsx("strong", { children: applicationName }),
49
- ") with ",
50
- scopes.join(", "),
51
- " ",
52
- "scopes was recently authorized to access your account."
49
+ ") with the following permissions was recently authorized to access your account:",
50
+ /* @__PURE__ */ jsx("ul", { children: scopes.map((scope) => /* @__PURE__ */ jsx("li", { children: scope }, scope)) })
53
51
  ] }),
54
52
  /* @__PURE__ */ jsx(Section, { className: "my-[32px] text-center", children: /* @__PURE__ */ jsx(
55
53
  Button,