diff --git a/apps/backend/src/app/app.module.ts b/apps/backend/src/app/app.module.ts index 77876a4..4b83f9c 100644 --- a/apps/backend/src/app/app.module.ts +++ b/apps/backend/src/app/app.module.ts @@ -10,7 +10,7 @@ import { PluralNamingStrategy } from '../strategies/plural-naming.strategy'; imports: [ TypeOrmModule.forRoot({ type: 'mongodb', - host: 'localhost', + host: '127.0.0.1', port: 27017, database: 'c4cOpsTest', // username: 'root', diff --git a/apps/backend/src/users/user.entity.ts b/apps/backend/src/users/user.entity.ts index 37de38a..170da0d 100644 --- a/apps/backend/src/users/user.entity.ts +++ b/apps/backend/src/users/user.entity.ts @@ -1,5 +1,6 @@ +import { IsEmail, IsUrl } from 'class-validator'; import { Entity, Column } from 'typeorm'; -import { Status, Role, Team } from './types'; +import { Role, Status, Team } from './types'; @Entity() export class User { @@ -16,12 +17,14 @@ export class User { lastName: string; @Column() + @IsEmail() email: string; @Column() profilePicture: string | null; @Column() + @IsUrl() linkedin: string | null; @Column() diff --git a/apps/backend/src/users/users.controller.ts b/apps/backend/src/users/users.controller.ts index b2af31d..f0fa88f 100644 --- a/apps/backend/src/users/users.controller.ts +++ b/apps/backend/src/users/users.controller.ts @@ -1,13 +1,13 @@ import { DefaultValuePipe, ParseBoolPipe, + ParseIntPipe, Query, Body, Controller, Get, Param, Patch, - ParseIntPipe, } from '@nestjs/common'; import { UpdateUserDTO } from './update-user.dto'; import { UsersService } from './users.service'; @@ -25,6 +25,11 @@ export class UsersController { return this.usersService.findAll(getAllMembers); } + @Get('/:userId') + getUser(@Param('userId', ParseIntPipe) userId: number) { + return this.usersService.findOne(userId); + } + @Patch(':userId') async updateUser( @Body() updateUserDTO: UpdateUserDTO, diff --git a/apps/backend/src/users/users.service.ts b/apps/backend/src/users/users.service.ts index fda60fb..4af72a5 100644 --- a/apps/backend/src/users/users.service.ts +++ b/apps/backend/src/users/users.service.ts @@ -1,6 +1,6 @@ import { - Injectable, BadRequestException, + Injectable, UnauthorizedException, } from '@nestjs/common'; import { InjectRepository } from '@nestjs/typeorm'; @@ -35,6 +35,39 @@ export class UsersService { return users; } + async findOne(userId: number) { + const user = await this.usersRepository.findOneBy({ userId }); + + if (!user) { + throw new BadRequestException('User not found'); + } + + const currentUser = getCurrentUser(); + + const currentStatus = currentUser.status; + const targetStatus = user.status; + switch (currentStatus) { + //admin can access all users + case Status.ADMIN: + break; + //recruiter can access applicant, and themselves + case Status.RECRUITER: + if (targetStatus == Status.APPLICANT) { + break; + } else if (currentUser.userId !== user.userId) { + throw new BadRequestException('User not found'); + } + break; + //everyone else can only access themselves + default: + if (currentUser.userId !== user.userId) { + throw new BadRequestException('User not found'); + } + } + + return user; + } + async updateUser( updateUserDTO: UpdateUserDTO, userId: number, diff --git a/apps/backend/src/users/utils.ts b/apps/backend/src/users/utils.ts index 81af708..05edd0f 100644 --- a/apps/backend/src/users/utils.ts +++ b/apps/backend/src/users/utils.ts @@ -2,7 +2,7 @@ import { Status } from './types'; import { User } from './user.entity'; export const getCurrentUser = (): User => ({ - userId: 999, + userId: 1, status: Status.ADMIN, firstName: 'jimmy', lastName: 'jimmy2',