add organization access to clients

2025-05-06 17:25:13 +05:30
parent 67c637d6da
commit d6d25004b9
6 changed files with 65 additions and 14 deletions
--- a/src/user/user.controller.ts
+++ b/src/user/user.controller.ts
@@ -80,7 +80,7 @@ export async function updateUserHandler(
  const { userId } = req.params as { userId: string };

  try {
-    const updatedUser = await updateUser(userId, input);
+    const updatedUser = await updateUser(userId, input, req.user);
    if (!updateUser) return res.code(404).send({ error: "resource not found" });

    return res.code(200).send(updatedUser);
--- a/src/user/user.service.ts
+++ b/src/user/user.service.ts
@@ -13,7 +13,10 @@ export async function createUser(
  input: CreateUserInput,
  user: AuthenticatedUser
 ) {
-  if (input.role == "admin" && user.role != "superAdmin") {
+  if (
+    input.role === "superAdmin" ||
+    (input.role == "admin" && user.role != "superAdmin")
+  ) {
    throw ErrOpNotValid;
  }

@@ -82,7 +85,30 @@ export async function listUsers(tenantId: string) {
    );
 }

-export async function updateUser(userId: string, input: UpdateUserInput) {
+export async function updateUser(
+  userId: string,
+  input: UpdateUserInput,
+  user: AuthenticatedUser
+) {
+  if (
+    input.role === "superAdmin" ||
+    (input.role == "admin" && user.role != "superAdmin")
+  ) {
+    throw ErrOpNotValid;
+  }
+  return await userModel
+    .findOneAndUpdate({ pid: userId }, input, {
+      new: true,
+    })
+    .select(
+      "_id pid orgId firstName lastName name email role avatar status createdAt createdBy lastLogin"
+    );
+}
+
+export async function updateUserInternal(
+  userId: string,
+  input: UpdateUserInput
+) {
  return await userModel
    .findOneAndUpdate({ pid: userId }, input, {
      new: true,