From 8b83702bd21ea061667fb4b75b268cd9ec81942f Mon Sep 17 00:00:00 2001
From: Julien Martin <julien.martin@ptits-pas.fr>
Date: Thu, 26 Feb 2026 10:37:22 +0100
Subject: [PATCH] feat(#25): API GET /users/pending - liste comptes en attente
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- UserController: endpoint GET /users/pending (rôles SUPER_ADMIN, ADMINISTRATEUR, GESTIONNAIRE)
- UserService: findPendingUsers(role?) avec filtre statut EN_ATTENTE
- GestionnairesService: retrait date_consentement_photo (non présent dans DTO)

Made-with: Cursor
---
 .../user/gestionnaires/gestionnaires.service.ts      |  8 +-------
 backend/src/routes/user/user.controller.ts           | 12 +++++++++++-
 backend/src/routes/user/user.service.ts              |  8 ++++++++
 3 files changed, 20 insertions(+), 8 deletions(-)

diff --git a/backend/src/routes/user/gestionnaires/gestionnaires.service.ts b/backend/src/routes/user/gestionnaires/gestionnaires.service.ts
index 45ccaf0..efa795d 100644
--- a/backend/src/routes/user/gestionnaires/gestionnaires.service.ts
+++ b/backend/src/routes/user/gestionnaires/gestionnaires.service.ts
@@ -91,13 +91,7 @@ export class GestionnairesService {
       gestionnaire.password = await bcrypt.hash(dto.password, salt);
     }
 
-    if (dto.date_consentement_photo !== undefined) {
-      gestionnaire.date_consentement_photo = dto.date_consentement_photo
-        ? new Date(dto.date_consentement_photo)
-        : undefined;
-    }
-
-    const { password, date_consentement_photo, ...rest } = dto;
+    const { password, ...rest } = dto;
     Object.entries(rest).forEach(([key, value]) => {
       if (value !== undefined) {
         (gestionnaire as any)[key] = value;
diff --git a/backend/src/routes/user/user.controller.ts b/backend/src/routes/user/user.controller.ts
index f5fc93f..84682bc 100644
--- a/backend/src/routes/user/user.controller.ts
+++ b/backend/src/routes/user/user.controller.ts
@@ -1,4 +1,4 @@
-import { Body, Controller, Delete, Get, Param, Patch, Post, UseGuards } from '@nestjs/common';
+import { Body, Controller, Delete, Get, Param, Patch, Post, Query, UseGuards } from '@nestjs/common';
 import { ApiBearerAuth, ApiOperation, ApiParam, ApiResponse, ApiTags } from '@nestjs/swagger';
 import { AuthGuard } from 'src/common/guards/auth.guard';
 import { Roles } from 'src/common/decorators/roles.decorator';
@@ -38,6 +38,16 @@ export class UserController {
     return this.userService.createUser(dto, currentUser);
   }
 
+  // Lister les utilisateurs en attente de validation
+  @Get('pending')
+  @Roles(RoleType.SUPER_ADMIN, RoleType.ADMINISTRATEUR, RoleType.GESTIONNAIRE)
+  @ApiOperation({ summary: 'Lister les utilisateurs en attente de validation' })
+  findPendingUsers(
+    @Query('role') role?: RoleType
+  ) {
+    return this.userService.findPendingUsers(role);
+  }
+
   // Lister tous les utilisateurs (super_admin uniquement)
   @Get()
   @Roles(RoleType.SUPER_ADMIN, RoleType.ADMINISTRATEUR)
diff --git a/backend/src/routes/user/user.service.ts b/backend/src/routes/user/user.service.ts
index b8a88e0..69ccaac 100644
--- a/backend/src/routes/user/user.service.ts
+++ b/backend/src/routes/user/user.service.ts
@@ -132,6 +132,14 @@ export class UserService {
         return this.usersRepository.save(entity);
     }
 
+    async findPendingUsers(role?: RoleType): Promise<Users[]> {
+        const where: any = { statut: StatutUtilisateurType.EN_ATTENTE };
+        if (role) {
+            where.role = role;
+        }
+        return this.usersRepository.find({ where });
+    }
+
     async findAll(): Promise<Users[]> {
         return this.usersRepository.find();
     }