Adding the users' crud endpoints

apps/backend/prisma/migrations/20240811135842_dev/migration.sql

@@ -0,0 +1,90 @@
+-- CreateEnum
+CREATE TYPE "Role" AS ENUM ('BODY_ADMIN', 'BODY_MEMBER', 'USER');
+
+-- CreateEnum
+CREATE TYPE "ApplicationStatus" AS ENUM ('SUBMITTED', 'ACCEPTED', 'REJECTED', 'NEEDS_REVIEW', 'FINISHED');
+
+-- CreateTable
+CREATE TABLE "User" (
+    "authSchId" TEXT NOT NULL,
+    "fullName" TEXT NOT NULL,
+    "nickName" TEXT NOT NULL,
+    "role" "Role" NOT NULL DEFAULT 'USER',
+    "neptun" TEXT,
+    "email" TEXT,
+    "isSchResident" BOOLEAN NOT NULL,
+    "isActiveVikStudent" BOOLEAN NOT NULL,
+    "roomNumber" INTEGER,
+    "profileImage" BYTEA,
+    "canHelpNoobs" BOOLEAN NOT NULL DEFAULT false,
+    "publicDesc" TEXT,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMP(3) NOT NULL,
+    "profileSeenAt" TIMESTAMP(3),
+
+    CONSTRAINT "User_pkey" PRIMARY KEY ("authSchId")
+);
+
+-- CreateTable
+CREATE TABLE "ApplicationPeriod" (
+    "id" SERIAL NOT NULL,
+    "name" TEXT NOT NULL,
+    "applicationPeriodStartAt" TIMESTAMP(3) NOT NULL,
+    "applicationPeriodEndAt" TIMESTAMP(3) NOT NULL,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMP(3) NOT NULL,
+    "ticketsAreValid" BOOLEAN NOT NULL DEFAULT false,
+    "authorId" TEXT NOT NULL,
+
+    CONSTRAINT "ApplicationPeriod_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "Application" (
+    "id" SERIAL NOT NULL,
+    "userId" TEXT NOT NULL,
+    "applicationPeriodId" INTEGER NOT NULL,
+    "status" "ApplicationStatus" NOT NULL DEFAULT 'SUBMITTED',
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "Application_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "Post" (
+    "id" SERIAL NOT NULL,
+    "title" TEXT NOT NULL,
+    "content" TEXT NOT NULL,
+    "preview" TEXT NOT NULL,
+    "visible" BOOLEAN NOT NULL DEFAULT true,
+    "authorId" TEXT NOT NULL,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "Post_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "User_neptun_key" ON "User"("neptun");
+
+-- CreateIndex
+CREATE INDEX "ApplicationPeriod_authorId_idx" ON "ApplicationPeriod"("authorId");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Application_userId_applicationPeriodId_key" ON "Application"("userId", "applicationPeriodId");
+
+-- CreateIndex
+CREATE INDEX "Post_authorId_idx" ON "Post"("authorId");
+
+-- AddForeignKey
+ALTER TABLE "ApplicationPeriod" ADD CONSTRAINT "ApplicationPeriod_authorId_fkey" FOREIGN KEY ("authorId") REFERENCES "User"("authSchId") ON DELETE RESTRICT ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "Application" ADD CONSTRAINT "Application_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User"("authSchId") ON DELETE RESTRICT ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "Application" ADD CONSTRAINT "Application_applicationPeriodId_fkey" FOREIGN KEY ("applicationPeriodId") REFERENCES "ApplicationPeriod"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "Post" ADD CONSTRAINT "Post_authorId_fkey" FOREIGN KEY ("authorId") REFERENCES "User"("authSchId") ON DELETE RESTRICT ON UPDATE CASCADE;

apps/backend/src/main.ts

@@ -6,6 +6,12 @@ import { AppModule } from './app.module';
 
 async function bootstrap() {
   const app = await NestFactory.create(AppModule);
+  app.useGlobalPipes(
+    new ValidationPipe({
+      whitelist: true,
+      forbidNonWhitelisted: true,
+    })
+  );
   app.enableCors({
     origin: [process.env.FRONTEND_URL, 'http://localhost:3000'],
     methods: ['GET', 'POST', 'PATCH', 'DELETE', 'PUT'],

apps/backend/src/user/dto/update-user-admin.dto.ts

@@ -0,0 +1,27 @@
+import { IsBoolean, IsEmail, IsNumber, IsOptional, IsString } from 'class-validator';
+
+export class UpdateUserAdminDto {
+  @IsString()
+  @IsOptional()
+  nickName: string;
+
+  @IsBoolean()
+  @IsOptional()
+  isSchResident: boolean;
+
+  @IsNumber()
+  @IsOptional()
+  roomNumber: number;
+
+  @IsEmail()
+  @IsOptional()
+  email: string;
+
+  @IsBoolean()
+  @IsOptional()
+  canHelpNoobs: boolean;
+
+  @IsString()
+  @IsOptional()
+  publicDesc: string;
+}

apps/backend/src/user/dto/update-user.dto.ts

@@ -0,0 +1,19 @@
+import { IsBoolean, IsEmail, IsNumber, IsOptional, IsString } from 'class-validator';
+
+export class UpdateUserDto {
+  @IsString()
+  @IsOptional()
+  nickName: string;
+
+  @IsBoolean()
+  @IsOptional()
+  isSchResident: boolean;
+
+  @IsNumber()
+  @IsOptional()
+  roomNumber: number;
+
+  @IsEmail()
+  @IsOptional()
+  email: string;
+}

apps/backend/src/user/user.controller.ts

@@ -1,8 +1,49 @@
-import { Controller } from '@nestjs/common';
+import { CurrentUser } from '@kir-dev/passport-authsch';
+import { Body, Controller, Get, Param, ParseIntPipe, Patch, Query, UseGuards } from '@nestjs/common';
+import { AuthGuard } from '@nestjs/passport';
+import { Role } from '@prisma/client';
 
+import { Roles } from '../auth/decorators/Roles.decorator';
+import { RolesGuard } from '../auth/roles.guard';
+import { UpdateUserDto } from './dto/update-user.dto';
+import { UserEntity } from './entities/user.entity';
 import { UserService } from './user.service';
 
-@Controller('user')
+@Controller('users')
 export class UserController {
   constructor(private readonly userService: UserService) {}
+
+  @Get()
+  @UseGuards(AuthGuard('jwt'), RolesGuard)
+  @Roles(Role.BODY_ADMIN, Role.BODY_MEMBER)
+  async findAll(@Query('page', ParseIntPipe) page: number = 1, @Query('pageSize', ParseIntPipe) pageSize: number = 10) {
+    return this.userService.findMany(page, pageSize);
+  }
+
+  @Get('me')
+  @UseGuards(AuthGuard('jwt'))
+  async getCurrentUser(@CurrentUser() user: UserEntity) {
+    return user;
+  }
+
+  @Patch('me')
+  @UseGuards(AuthGuard('jwt'))
+  @Roles(Role.BODY_ADMIN, Role.BODY_MEMBER, Role.USER)
+  async updateCurrentUser(@Body() updateUserDto: UpdateUserDto, @CurrentUser() user: UserEntity) {
+    return this.userService.update(user.authSchId, updateUserDto);
+  }
+
+  @Get(':id')
+  @UseGuards(AuthGuard('jwt'), RolesGuard)
+  @Roles(Role.BODY_ADMIN, Role.BODY_MEMBER)
+  async findOne(@Param('id') id: string) {
+    return this.userService.findOne(id);
+  }
+
+  @Patch(':id')
+  @UseGuards(AuthGuard('jwt'), RolesGuard)
+  @Roles(Role.BODY_ADMIN, Role.BODY_MEMBER)
+  async update(@Param('id') id: string, @Body() updateUserDto: UpdateUserDto) {
+    return this.userService.update(id, updateUserDto);
+  }
 }

apps/backend/src/user/user.service.ts

@@ -1,4 +1,63 @@
-import { Injectable } from '@nestjs/common';
+import { BadRequestException, Injectable, NotFoundException } from '@nestjs/common';
+import { PrismaService } from 'nestjs-prisma';
+
+import { UpdateUserDto } from './dto/update-user.dto';
+import { UserEntity } from './entities/user.entity';
 
 @Injectable()
-export class UserService {}
+export class UserService {
+  constructor(private readonly prisma: PrismaService) {}
+
+  async findOne(id: string): Promise<UserEntity> {
+    const user = this.prisma.user.findUnique({
+      where: { authSchId: id },
+    });
+
+    if (user === null) {
+      throw new NotFoundException(`User with id ${id} not found`);
+    }
+
+    return user;
+  }
+
+  async findMany(
+    page: number,
+    pageSize: number
+  ): Promise<{ users: UserEntity[]; pageNumber: number; totalUsers: number }> {
+    const [totalUsers, users] = await Promise.all([
+      this.prisma.user.count(),
+      this.prisma.user.findMany({
+        orderBy: { fullName: 'asc' },
+        skip: (page - 1) * pageSize,
+        take: pageSize,
+      }),
+    ]);
+
+    return {
+      users,
+      pageNumber: page,
+      totalUsers,
+    };
+  }
+
+  async update(id: string, updateUserDto: UpdateUserDto): Promise<UserEntity> {
+    const user = await this.prisma.user.findUnique({ where: { authSchId: id } });
+
+    if (user === null) {
+      throw new NotFoundException(`User with id ${id} not found`);
+    } else if (user.isSchResident === false && updateUserDto.roomNumber) {
+      throw new BadRequestException('Non-resident users cannot have a room number');
+    }
+
+    return this.prisma.user.update({ where: { authSchId: id }, data: updateUserDto });
+  }
+
+  // TODO maybe remove it? currently not used (could be useful later)
+  async delete(id: string): Promise<UserEntity> {
+    try {
+      return this.prisma.user.delete({ where: { authSchId: id } });
+    } catch (error) {
+      throw new NotFoundException(`User with id ${id} not found`);
+    }
+  }
+}

yarn.lock

@@ -5516,7 +5516,7 @@ streamsearch@^1.1.0:
   resolved "https://registry.yarnpkg.com/streamsearch/-/streamsearch-1.1.0.tgz#404dd1e2247ca94af554e841a8ef0eaa238da764"
   integrity sha512-Mcc5wHehp9aXz1ax6bZUyY5afg9u2rv5cqQI3mRrYkGC8rW2hM02jWuwjtL++LS5qinSyhj2QfLyNsuc+VsExg==
 
-"string-width-cjs@npm:string-width@^4.2.0":
+"string-width-cjs@npm:string-width@^4.2.0", string-width@^4.2.0, string-width@^4.2.3:
   version "4.2.3"
   resolved "https://registry.yarnpkg.com/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010"
   integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==
@@ -5534,15 +5534,6 @@ string-width@^4.1.0:
     is-fullwidth-code-point "^3.0.0"
     strip-ansi "^5.2.0"
 
-string-width@^4.2.0, string-width@^4.2.3:
-  version "4.2.3"
-  resolved "https://registry.yarnpkg.com/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010"
-  integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==
-  dependencies:
-    emoji-regex "^8.0.0"
-    is-fullwidth-code-point "^3.0.0"
-    strip-ansi "^6.0.1"
-
 string-width@^5.0.1, string-width@^5.1.2:
   version "5.1.2"
   resolved "https://registry.yarnpkg.com/string-width/-/string-width-5.1.2.tgz#14f8daec6d81e7221d2a357e668cab73bdbca794"
@@ -5628,7 +5619,7 @@ string_decoder@~1.1.1:
   dependencies:
     safe-buffer "~5.1.0"
 
-"strip-ansi-cjs@npm:strip-ansi@^6.0.1":
+"strip-ansi-cjs@npm:strip-ansi@^6.0.1", strip-ansi@^6.0.0, strip-ansi@^6.0.1:
   version "6.0.1"
   resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9"
   integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==
@@ -5642,13 +5633,6 @@ strip-ansi@^5.2.0:
   dependencies:
     ansi-regex "^4.1.0"
 
-strip-ansi@^6.0.0, strip-ansi@^6.0.1:
-  version "6.0.1"
-  resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9"
-  integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==
-  dependencies:
-    ansi-regex "^5.0.1"
-
 strip-ansi@^7.0.1:
   version "7.1.0"
   resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-7.1.0.tgz#d5b6568ca689d8561370b0707685d22434faff45"