117 lines
3.9 KiB
TypeScript
117 lines
3.9 KiB
TypeScript
import { ForbiddenException, Injectable, NotFoundException } from "@nestjs/common";
|
|
import { InjectRepository } from "@nestjs/typeorm";
|
|
import { RoleType, Users } from "src/entities/users.entity";
|
|
import { Repository } from "typeorm";
|
|
import { CreateUserDto } from "./dto/create_user.dto";
|
|
import { UpdateUserDto } from "./dto/update_user.dto";
|
|
import * as bcrypt from 'bcrypt';
|
|
|
|
@Injectable()
|
|
export class UserService {
|
|
constructor(
|
|
@InjectRepository(Users)
|
|
private readonly usersRepository: Repository<Users>
|
|
) { }
|
|
|
|
// Création utilisateur
|
|
async createUser(dto: CreateUserDto, currentUser?: Users): Promise<Users> {
|
|
// Sécuriser le rôle
|
|
if (!currentUser || currentUser.role !== RoleType.SUPER_ADMIN) {
|
|
dto.role = RoleType.PARENT;
|
|
}
|
|
|
|
// Nettoyage / validation consentement photo
|
|
let consentDate: Date | undefined;
|
|
if (dto.consent_photo && dto.consent_photo_at) {
|
|
const parsed = new Date(dto.consent_photo_at);
|
|
if (!isNaN(parsed.getTime())) {
|
|
consentDate = parsed;
|
|
}
|
|
}
|
|
|
|
// Hash mot de passe
|
|
const salt = await bcrypt.genSalt();
|
|
const password_hash = await bcrypt.hash(dto.password, salt);
|
|
|
|
const entity = this.usersRepository.create({
|
|
email: dto.email,
|
|
password_hash,
|
|
first_name: dto.first_name,
|
|
last_name: dto.last_name,
|
|
role: dto.role,
|
|
status: dto.status,
|
|
gender: dto.gender,
|
|
phone: dto.phone,
|
|
address: dto.address,
|
|
photo_url: dto.photo_url,
|
|
consent_photo: dto.consent_photo ?? false,
|
|
consent_photo_at: consentDate,
|
|
must_change_password: dto.must_change_password ?? false
|
|
});
|
|
|
|
const saved = await this.usersRepository.save(entity);
|
|
return this.findOne(saved.id);
|
|
}
|
|
|
|
//Trouver tous les utilisateurs
|
|
async findAll(): Promise<Users[]> {
|
|
return this.usersRepository.find();
|
|
}
|
|
|
|
|
|
// Trouver utilisateur par condition
|
|
async findOneBy(where: Partial<Users>): Promise<Users | null> {
|
|
return this.usersRepository.findOne({ where });
|
|
}
|
|
|
|
// Trouver utilisateur par ID
|
|
async findOne(id: string): Promise<Users> {
|
|
const user = await this.usersRepository.findOne({ where: { id } });
|
|
if (!user) {
|
|
throw new NotFoundException('Utilisateur introuvable');
|
|
}
|
|
return user;
|
|
}
|
|
|
|
// Trouver utilisateur par email
|
|
async findByEmailOrNull(email: string): Promise<Users | null> {
|
|
return this.usersRepository.findOne({ where: { email } });
|
|
}
|
|
|
|
// Mettre à jour un utilisateur
|
|
async updateUser(id: string, dto: UpdateUserDto, currentUser: Users): Promise<Users> {
|
|
const user = await this.findOne(id);
|
|
|
|
// Interdire changement de rôle si pas super admin
|
|
if (dto.role && currentUser.role !== RoleType.SUPER_ADMIN) {
|
|
throw new ForbiddenException('Accès réservé aux super admins');
|
|
}
|
|
|
|
// Gestion du mot de passe
|
|
if (dto.password) {
|
|
const salt = await bcrypt.genSalt();
|
|
user.password_hash = await bcrypt.hash(dto.password, salt);
|
|
delete (dto as any).password;
|
|
}
|
|
|
|
// Conversion de la date de consentement
|
|
if (dto.consent_photo_at !== undefined) {
|
|
user.consent_photo_at = dto.consent_photo_at
|
|
? new Date(dto.consent_photo_at)
|
|
: undefined;
|
|
delete (dto as any).consent_photo_at;
|
|
}
|
|
|
|
Object.assign(user, dto);
|
|
return this.usersRepository.save(user);
|
|
}
|
|
|
|
// Supprimer un utilisateur
|
|
async remove(id: string): Promise<void> {
|
|
const result = await this.usersRepository.delete(id);
|
|
if (result.affected === 0) {
|
|
throw new NotFoundException('Utilisateur introuvable');
|
|
}
|
|
}
|
|
}
|