move api/server to api/edge/bff
This commit is contained in:
Stephan D
83
api/edge/bff/internal/server/accountapiimp/empupdate.go
Normal file
83
api/edge/bff/internal/server/accountapiimp/empupdate.go
Normal file
@@ -0,0 +1,83 @@
|
||||
package accountapiimp
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"net/http"
|
||||
|
||||
"github.com/tech/sendico/pkg/api/http/response"
|
||||
"github.com/tech/sendico/pkg/merrors"
|
||||
"github.com/tech/sendico/pkg/model"
|
||||
"github.com/tech/sendico/pkg/mservice"
|
||||
"github.com/tech/sendico/pkg/mutil/mzap"
|
||||
"github.com/tech/sendico/server/interface/api/sresponse"
|
||||
"go.uber.org/zap"
|
||||
)
|
||||
|
||||
func (a *AccountAPI) updateEmployee(r *http.Request, account *model.Account, token *sresponse.TokenData) http.HandlerFunc {
|
||||
orgRef, err := a.getCurrentOrganizationRef(r)
|
||||
if err != nil {
|
||||
a.logger.Warn("Failed to get current organization", zap.Error(err), mzap.StorableRef(account))
|
||||
return response.BadRequest(a.logger, a.Name(), "invalid_organization_context", "Invalid organization context")
|
||||
}
|
||||
|
||||
// Validate user input
|
||||
var u model.AccountPublic
|
||||
if err := json.NewDecoder(r.Body).Decode(&u); err != nil {
|
||||
a.logger.Warn("Failed to decide profile update", zap.Error(err))
|
||||
return response.Internal(a.logger, a.Name(), err)
|
||||
}
|
||||
|
||||
ctx := r.Context()
|
||||
res, err := a.enf.Enforce(ctx, a.accountsPermissionRef, account.ID, orgRef, u.ID, model.ActionUpdate)
|
||||
if err != nil {
|
||||
a.logger.Warn("Failed to check employee update permission", zap.Error(err), mzap.StorableRef(account), mzap.ObjRef("employee_ref", u.ID))
|
||||
return response.Auto(a.logger, a.Name(), err)
|
||||
}
|
||||
if !res {
|
||||
a.logger.Debug("Permission deined for employee update", mzap.StorableRef(account), mzap.ObjRef("employee_ref", u.ID))
|
||||
return response.Auto(a.logger, a.Name(), merrors.AccessDenied(mservice.Accounts, string(model.ActionUpdate), u.ID))
|
||||
}
|
||||
|
||||
if u.Login == "" {
|
||||
a.logger.Debug("No email in request")
|
||||
return a.reportEmailMissing()
|
||||
}
|
||||
if u.Name == "" {
|
||||
a.logger.Debug("No name in request")
|
||||
return response.BadRequest(a.logger, a.Name(), "name_missing", "name is required")
|
||||
}
|
||||
|
||||
var acc model.Account
|
||||
if err := a.db.Get(ctx, u.ID, &acc); err != nil {
|
||||
a.logger.Warn("Failed to fetch employee account", zap.Error(err), mzap.ObjRef("employee_ref", u.ID))
|
||||
return response.Auto(a.logger, a.Name(), err)
|
||||
}
|
||||
if acc.Login != u.Login {
|
||||
// Change email address
|
||||
verificationToken, err := a.accService.UpdateLogin(ctx, &acc, u.Login)
|
||||
if err != nil {
|
||||
if errors.Is(err, merrors.ErrDataConflict) {
|
||||
a.logger.Debug("Duplicate login, denying change...", zap.Error(err), mzap.ObjRef("employee_ref", u.ID))
|
||||
return a.reportDuplicateEmail()
|
||||
}
|
||||
a.logger.Warn("Error while updating login", zap.Error(err), mzap.ObjRef("employee_ref", u.ID))
|
||||
return response.Internal(a.logger, a.Name(), err)
|
||||
}
|
||||
|
||||
// Send verification email
|
||||
if err = a.sendWelcomeEmail(&acc, verificationToken); err != nil {
|
||||
a.logger.Warn("Failed to send verification email", zap.Error(err), mzap.StorableRef(&acc))
|
||||
return response.Internal(a.logger, a.Name(), err)
|
||||
}
|
||||
} else {
|
||||
// Save the user
|
||||
acc.AccountPublic = u
|
||||
if err = a.db.Update(ctx, &acc); err != nil {
|
||||
a.logger.Warn("Failed to save account", zap.Error(err), mzap.StorableRef(&acc))
|
||||
return response.Internal(a.logger, a.Name(), err)
|
||||
}
|
||||
}
|
||||
|
||||
return sresponse.Account(a.logger, &acc, token)
|
||||
}
|
||||
Reference in New Issue
Block a user