Skip to content

Commit

Permalink
Implement PUT user endpoint
Browse files Browse the repository at this point in the history
  • Loading branch information
sthuray committed Oct 3, 2024
1 parent 1a9b9ee commit 450976e
Show file tree
Hide file tree
Showing 3 changed files with 75 additions and 20 deletions.
24 changes: 20 additions & 4 deletions backend/typescript/middlewares/validators/userValidators.ts
Original file line number Diff line number Diff line change
Expand Up @@ -63,16 +63,32 @@ export const updateUserDtoValidator = async (
res: Response,
next: NextFunction,
) => {
if (!validatePrimitive(req.body.firstName, "string")) {
if (
req.body.firstName !== undefined &&
req.body.firstName !== null &&
!validatePrimitive(req.body.firstName, "string")
) {
return res.status(400).send(getApiValidationError("firstName", "string"));
}
if (!validatePrimitive(req.body.lastName, "string")) {
if (
req.body.lastName !== undefined &&
req.body.lastName !== null &&
!validatePrimitive(req.body.lastName, "string")
) {
return res.status(400).send(getApiValidationError("lastName", "string"));
}
if (!validatePrimitive(req.body.email, "string")) {
if (
req.body.email !== undefined &&
req.body.email !== null &&
!validatePrimitive(req.body.email, "string")
) {
return res.status(400).send(getApiValidationError("email", "string"));
}
if (!validatePrimitive(req.body.role, "string")) {
if (
req.body.role !== undefined &&
req.body.role !== null &&
!validatePrimitive(req.body.role, "string")
) {
return res.status(400).send(getApiValidationError("role", "string"));
}
if (
Expand Down
69 changes: 54 additions & 15 deletions backend/typescript/rest/userRoutes.ts
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import { Router } from "express";

import { isAuthorizedByRole } from "../middlewares/auth";
import { getAccessToken, isAuthorizedByRole } from "../middlewares/auth";
import {
createUserDtoValidator,
updateUserDtoValidator,
Expand Down Expand Up @@ -107,7 +107,7 @@ userRouter.post("/", createUserDtoValidator, async (req, res) => {
lastName: req.body.lastName,
email: req.body.email,
role: req.body.role ?? Role.VOLUNTEER,
status: req.body.status ?? UserStatus.ACTIVE, // TODO: make this default to inactive once user registration flow is done
status: UserStatus.INVITED, // TODO: make this default to inactive once user registration flow is done
skillLevel: req.body.skillLevel ?? null,
canSeeAllLogs: req.body.canSeeAllLogs ?? null,
canAssignUsersToTasks: req.body.canSeeAllUsers ?? null,
Expand All @@ -125,26 +125,65 @@ userRouter.post("/", createUserDtoValidator, async (req, res) => {

/* Update the user with the specified userId */
userRouter.put("/:userId", updateUserDtoValidator, async (req, res) => {
const userId = Number(req.params.userId);
if (Number.isNaN(userId)) {
res.status(400).json({ error: "Invalid user ID" });
return;
}

const accessToken = getAccessToken(req);
if (!accessToken) {
res.status(404).json({ error: "Access token not found" });
return;
}

try {
const userId = Number(req.params.userId);
if (Number.isNaN(userId)) {
res.status(400).json({ error: "Invalid user ID" });
const isBehaviourist = await authService.isAuthorizedByRole(
accessToken,
new Set([Role.ANIMAL_BEHAVIOURIST]),
);
const behaviouristUpdatableSet = new Set(["skillLevel"]);
if (isBehaviourist) {
const deniedFieldSet = Object.keys(req.body).filter((field) => {
return !behaviouristUpdatableSet.has(field);
});
if (deniedFieldSet.length > 0) {
const deniedFieldsString = "Not authorized to update field(s): ".concat(
deniedFieldSet.join(", "),
);
res.status(403).json({ error: deniedFieldsString });
return;
}
}
} catch (error: unknown) {
if (error instanceof NotFoundError) {
res.status(400).json({ error: getErrorMessage(error) });
} else {
res.status(500).json({ error: getErrorMessage(error) });
}
}

try {
const user: UserDTO = await userService.getUserById(String(userId));
const updatedUser = await userService.updateUserById(userId, {
firstName: req.body.firstName,
lastName: req.body.lastName,
email: req.body.email,
role: req.body.role,
status: req.body.status,
skillLevel: req.body.skillLevel ?? null,
canSeeAllLogs: req.body.canSeeAllLogs ?? null,
canAssignUsersToTasks: req.body.canSeeAllUsers ?? null,
phoneNumber: req.body.phoneNumber ?? null,
firstName: req.body.firstName ?? user.firstName,
lastName: req.body.lastName ?? user.lastName,
email: req.body.email ?? user.email,
role: req.body.role ?? user.role,
status: req.body.status ?? user.status,
skillLevel: req.body.skillLevel ?? user.skillLevel,
canSeeAllLogs: req.body.canSeeAllLogs ?? user.canSeeAllLogs,
canAssignUsersToTasks:
req.body.canAssignUsersToTasks ?? user.canAssignUsersToTasks,
phoneNumber: req.body.phoneNumber ?? user.phoneNumber,
});
res.status(200).json(updatedUser);
} catch (error: unknown) {
res.status(500).json({ error: getErrorMessage(error) });
if (error instanceof NotFoundError) {
res.status(400).json({ error: getErrorMessage(error) });
} else {
res.status(500).json({ error: getErrorMessage(error) });
}
}
});

Expand Down
2 changes: 1 addition & 1 deletion backend/typescript/types.ts
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ export type UserDTO = {

export type CreateUserDTO = Omit<UserDTO, "id"> & { password: string };

export type UpdateUserDTO = Omit<UserDTO, "id">;
export type UpdateUserDTO = Partial<Omit<UserDTO, "id">>;

export type RegisterUserDTO = Omit<CreateUserDTO, "role">;

Expand Down

0 comments on commit 450976e

Please sign in to comment.