From 01b40dd757c231d0d61c3854c1287b388992f906 Mon Sep 17 00:00:00 2001 From: Akhil Meka Date: Thu, 5 Jun 2025 10:24:00 +0530 Subject: [PATCH] filter users for clients --- src/user/user.controller.ts | 2 +- src/user/user.service.ts | 18 ++++++++++++++++-- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/src/user/user.controller.ts b/src/user/user.controller.ts index 3e5d401..c6b7e6e 100644 --- a/src/user/user.controller.ts +++ b/src/user/user.controller.ts @@ -84,7 +84,7 @@ export async function getUserHandler(req: FastifyRequest, res: FastifyReply) { export async function listUserHandler(req: FastifyRequest, res: FastifyReply) { try { - const users = await listUsers(req.user.tenantId); + const users = await listUsers(req.user); return res.code(200).send({ users: users }); } catch (err) { return err; diff --git a/src/user/user.service.ts b/src/user/user.service.ts index 80459c0..19d8bb8 100644 --- a/src/user/user.service.ts +++ b/src/user/user.service.ts @@ -120,9 +120,23 @@ export async function getUserByEmail(email: string) { return await userModel.findOne({ email: email }); } -export async function listUsers(tenantId: string) { +export async function listUsers(user: AuthenticatedUser) { + if (user.role === "client") { + return await userModel + .find({ + $and: [ + { tenantId: user.tenantId, orgId: user.orgId }, + { dev: { $ne: true } }, + ], + }) + .select( + "_id pid orgId firstName lastName name email role avatar status createdAt createdBy lastLogin" + ) + .populate({ path: "orgId", select: "_id pid name avatar" }); + } + return await userModel - .find({ $and: [{ tenantId: tenantId }, { dev: { $ne: true } }] }) + .find({ $and: [{ tenantId: user.tenantId }, { dev: { $ne: true } }] }) .select( "_id pid orgId firstName lastName name email role avatar status createdAt createdBy lastLogin" )