update user schema, limit rts to client users
This commit is contained in:
@@ -38,7 +38,7 @@ export async function listRtsHandler(req: FastifyRequest, res: FastifyReply) {
|
||||
const queryParams = req.query as PageQueryParams;
|
||||
|
||||
try {
|
||||
const rtsList = await listRts(queryParams, req.user.tenantId);
|
||||
const rtsList = await listRts(queryParams, req.user);
|
||||
return res.code(200).send(rtsList);
|
||||
} catch (err) {
|
||||
return err;
|
||||
|
||||
@@ -11,6 +11,7 @@ import { getFilterObject, getSortObject, PageQueryParams } from "../pagination";
|
||||
import { getUser } from "../user/user.service";
|
||||
import { orgModel } from "../organization/organization.schema";
|
||||
import { userModel } from "../user/user.schema";
|
||||
import mongoose from "mongoose";
|
||||
|
||||
export async function createRts(
|
||||
input: CreateRtsInput,
|
||||
@@ -18,36 +19,18 @@ export async function createRts(
|
||||
) {
|
||||
let defaultClient = null;
|
||||
const userInDb = await getUser(user.userId);
|
||||
if (userInDb && userInDb.defaultClient) {
|
||||
defaultClient = userInDb.defaultClient;
|
||||
if (userInDb && userInDb.orgId) {
|
||||
defaultClient = userInDb.orgId;
|
||||
}
|
||||
|
||||
if (!input.files) {
|
||||
return await rtsModel.create({
|
||||
...input,
|
||||
tenantId: user.tenantId,
|
||||
pid: generateId(),
|
||||
client: defaultClient,
|
||||
createdAt: new Date(),
|
||||
createdBy: user.userId ?? null,
|
||||
});
|
||||
} else {
|
||||
return await rtsModel.create({
|
||||
tenantId: user.tenantId,
|
||||
pid: generateId(),
|
||||
county: input.county,
|
||||
client: input.client,
|
||||
documents: [
|
||||
{
|
||||
files: input.files,
|
||||
createdAt: new Date(),
|
||||
createdBy: user.userId ?? null,
|
||||
},
|
||||
],
|
||||
createdAt: new Date(),
|
||||
createdBy: user.userId ?? null,
|
||||
});
|
||||
}
|
||||
return await rtsModel.create({
|
||||
...input,
|
||||
tenantId: user.tenantId,
|
||||
pid: generateId(),
|
||||
client: defaultClient,
|
||||
createdAt: new Date(),
|
||||
createdBy: user.userId ?? null,
|
||||
});
|
||||
}
|
||||
|
||||
export async function getRts(id: string, tenantId: string) {
|
||||
@@ -59,15 +42,22 @@ export async function getRts(id: string, tenantId: string) {
|
||||
.populate({ path: "assignedTo", select: "pid name avatar" });
|
||||
}
|
||||
|
||||
export async function listRts(params: PageQueryParams, tenantId: string) {
|
||||
export async function listRts(
|
||||
params: PageQueryParams,
|
||||
user: AuthenticatedUser
|
||||
) {
|
||||
const page = params.page || 1;
|
||||
const pageSize = params.pageSize || 10;
|
||||
const sortObj = getSortObject(params, rtsFields);
|
||||
const filterObj = getFilterObject(params) || [];
|
||||
|
||||
if (user.role === "client") {
|
||||
filterObj.push({ client: new mongoose.Types.ObjectId(user.orgId) });
|
||||
}
|
||||
|
||||
const rtsList = await rtsModel.aggregate([
|
||||
{
|
||||
$match: { $and: [{ tenantId: tenantId }, ...filterObj] },
|
||||
$match: { $and: [{ tenantId: user.tenantId }, ...filterObj] },
|
||||
},
|
||||
{
|
||||
$lookup: {
|
||||
|
||||
@@ -13,7 +13,7 @@ const userSchema = new mongoose.Schema({
|
||||
unique: true,
|
||||
required: true,
|
||||
},
|
||||
orgId: mongoose.Types.ObjectId,
|
||||
orgId: { type: mongoose.Types.ObjectId, ref: "organization" },
|
||||
firstName: String,
|
||||
lastName: String,
|
||||
name: String,
|
||||
@@ -28,10 +28,6 @@ const userSchema = new mongoose.Schema({
|
||||
type: String,
|
||||
required: true,
|
||||
},
|
||||
defaultClient: {
|
||||
type: mongoose.Types.ObjectId,
|
||||
ref: "organization",
|
||||
},
|
||||
passKeys: [new mongoose.Schema({}, { _id: false, strict: false })],
|
||||
challenge: new mongoose.Schema(
|
||||
{
|
||||
@@ -92,13 +88,19 @@ const updateUserInput = z.object({
|
||||
.optional(),
|
||||
avatar: z.string().url().optional(),
|
||||
role: z.enum(roles).optional(),
|
||||
defaultClient: z.string().optional(),
|
||||
orgId: z.string().optional(),
|
||||
});
|
||||
|
||||
const userResponse = z.object({
|
||||
_id: z.string(),
|
||||
pid: z.string(),
|
||||
orgId: z.string().optional(),
|
||||
orgId: z
|
||||
.object({
|
||||
_id: z.string(),
|
||||
pid: z.string(),
|
||||
name: z.string(),
|
||||
})
|
||||
.optional(),
|
||||
firstName: z.string().optional(),
|
||||
lastName: z.string().optional(),
|
||||
name: z.string().optional(),
|
||||
|
||||
@@ -54,12 +54,16 @@ export async function createUser(
|
||||
|
||||
export async function getUser(userId: string) {
|
||||
if (mongoose.Types.ObjectId.isValid(userId)) {
|
||||
return await userModel.findById(userId);
|
||||
return await userModel
|
||||
.findById(userId)
|
||||
.populate({ path: "orgId", select: "_id pid name" });
|
||||
}
|
||||
|
||||
return await userModel.findOne({
|
||||
$and: [{ pid: userId }],
|
||||
});
|
||||
return await userModel
|
||||
.findOne({
|
||||
$and: [{ pid: userId }],
|
||||
})
|
||||
.populate({ path: "orgId", select: "_id pid name" });
|
||||
}
|
||||
|
||||
export async function getUserByToken(token: string) {
|
||||
|
||||
Reference in New Issue
Block a user