Feature/1511 1414 fix user profile bugs (#219)

fcv-iteratorIt · web-flow · commit b90293309748 · 2023-09-28T07:59:08.000+02:00
* (IOT-1511) Fix userprofiles not showing on details * (IOT-1502) Include permission type when fetching user * (IOT-1502) Updated max values and error text for service profile data rate (#220)
diff --git a/src/controllers/user-management/new-kombit-creation.controller.ts b/src/controllers/user-management/new-kombit-creation.controller.ts
@@ -165,11 +165,7 @@ export class NewKombitCreationController {
         try {
             // Don't leak the passwordHash
             // eslint-disable-next-line @typescript-eslint/no-unused-vars
-            const { passwordHash, ...user } = await this.userService.findOne(
-                id,
-                getExtendedInfo,
-                getExtendedInfo
-            );
+            const { passwordHash, ...user } = await this.userService.findOne(id, getExtendedInfo);
 
             return user;
         } catch (err) {
diff --git a/src/controllers/user-management/user.controller.ts b/src/controllers/user-management/user.controller.ts
@@ -33,7 +33,11 @@ import { CreateUserDto } from "@dto/user-management/create-user.dto";
 import { UpdateUserDto } from "@dto/user-management/update-user.dto";
 import { UserResponseDto } from "@dto/user-response.dto";
 import { ErrorCodes } from "@entities/enum/error-codes.enum";
-import { checkIfUserIsGlobalAdmin, checkIfUserHasAccessToOrganization, OrganizationAccessScope } from "@helpers/security-helper";
+import {
+    checkIfUserIsGlobalAdmin,
+    checkIfUserHasAccessToOrganization,
+    OrganizationAccessScope,
+} from "@helpers/security-helper";
 import { UserService } from "@services/user-management/user.service";
 import { ListAllUsersResponseDto } from "@dto/list-all-users-response.dto";
 import { ListAllUsersMinimalResponseDto } from "@dto/list-all-users-minimal-response.dto";
@@ -56,7 +60,7 @@ export class UserController {
     constructor(
         private userService: UserService,
         private organizationService: OrganizationService
-    ) { }
+    ) {}
 
     private readonly logger = new Logger(UserController.name);
 
@@ -111,7 +115,11 @@ export class UserController {
         @Req() req: AuthenticatedRequest,
         @Body() body: RejectUserDto
     ): Promise<Organization> {
-        checkIfUserHasAccessToOrganization(req, body.orgId, OrganizationAccessScope.UserAdministrationWrite);
+        checkIfUserHasAccessToOrganization(
+            req,
+            body.orgId,
+            OrganizationAccessScope.UserAdministrationWrite
+        );
 
         const user = await this.userService.findOne(body.userIdToReject);
         const organization = await this.organizationService.findByIdWithUsers(body.orgId);
@@ -130,17 +138,22 @@ export class UserController {
             // Verify that we have admin access to the user and that the user is on an organization
             const dbUser = await this.userService.findOneWithOrganizations(id);
 
-            // Requesting user has to be admin for at least one organization containing the user 
+            // Requesting user has to be admin for at least one organization containing the user
             // _OR_ be global admin
-            if (!req.user.permissions.isGlobalAdmin && !dbUser.permissions.some(perm => req.user.permissions.hasUserAdminOnOrganization(perm.organization.id))) {
+            if (
+                !req.user.permissions.isGlobalAdmin &&
+                !dbUser.permissions.some(perm =>
+                    req.user.permissions.hasUserAdminOnOrganization(perm.organization.id)
+                )
+            ) {
                 throw new ForbiddenException();
-            }                      
-            
+            }
+
             // Only a global admin can modify a global admin user
             if (dto.globalAdmin) {
                 checkIfUserIsGlobalAdmin(req);
             }
-            
+
             // Don't leak the passwordHash
             const { passwordHash: _, ...user } = await this.userService.updateUser(
                 id,
@@ -176,7 +189,7 @@ export class UserController {
             req.user.username
         );
 
-        return wasOk
+        return wasOk;
     }
 
     @Get("/awaitingUsers")
@@ -232,7 +245,6 @@ export class UserController {
             // Don't leak the passwordHash
             const { passwordHash: _, ...user } = await this.userService.findOne(
                 id,
-                getExtendedInfo,
                 getExtendedInfo
             );
 
@@ -243,7 +255,10 @@ export class UserController {
     }
 
     @Get("organizationUsers/:organizationId")
-    @ApiOperation({ summary: "Get all users for an organization. Requires UserAdmin priviledges for the specified organization" })
+    @ApiOperation({
+        summary:
+            "Get all users for an organization. Requires UserAdmin priviledges for the specified organization",
+    })
     async findByOrganizationId(
         @Req() req: AuthenticatedRequest,
         @Param("organizationId", new ParseIntPipe()) organizationId: number,
@@ -252,7 +267,9 @@ export class UserController {
         try {
             // Check if user has access to organization
             if (!req.user.permissions.hasUserAdminOnOrganization(organizationId)) {
-                throw new ForbiddenException("User does not have org admin permissions for this organization");
+                throw new ForbiddenException(
+                    "User does not have org admin permissions for this organization"
+                );
             }
 
             // Get user objects
diff --git a/src/entities/dto/chirpstack/service-profile.dto.ts b/src/entities/dto/chirpstack/service-profile.dto.ts
@@ -32,14 +32,14 @@ export class ServiceProfileDto {
 
     @ApiProperty({ required: false })
     @IsInt()
-    @Min(0)
-    @Max(5)
+    @Min(0, { message: "Max data rate må ikke være negativ" })
+    @Max(7, { message: "Max data rate må ikke være større end 7" })
     drMax?: number;
 
     @ApiProperty({ required: true })
     @IsInt()
-    @Min(0)
-    @Max(5)
+    @Min(0, { message: "Min data rate må ikke være negativ" })
+    @Max(7, { message: "Min data rate må ikke være større end 7" })
     drMin?: number;
 
     @ApiProperty({ required: false })
diff --git a/src/entities/dto/list-all-permissions.dto.ts b/src/entities/dto/list-all-permissions.dto.ts
@@ -3,7 +3,7 @@ import { ListAllEntitiesDto } from "./list-all-entities.dto";
 
 export class ListAllPermissionsDto extends ListAllEntitiesDto {
     @ApiProperty({ type: String, required: false })
-    organisationId?: number;
+    organisationId?: string;
 
     @ApiProperty({ type: String, required: false })
     userId?: string;
diff --git a/src/services/user-management/permission.service.ts b/src/services/user-management/permission.service.ts
@@ -280,7 +280,10 @@ export class PermissionService {
         }
         if (orgs) {
             qb = qb.andWhere({ organization: In(orgs) });
-        } else if (query?.organisationId) {
+        } else if (
+            query?.organisationId !== undefined &&
+            query.organisationId !== "undefined"
+        ) {
             qb = qb.andWhere("org.id = :orgId", { orgId: +query.organisationId });
         }
 
diff --git a/src/services/user-management/user.service.ts b/src/services/user-management/user.service.ts
@@ -39,7 +39,7 @@ export class UserService {
         @Inject(forwardRef(() => PermissionService))
         private permissionService: PermissionService,
         private configService: ConfigService,
-        private oS2IoTMail: OS2IoTMail,
+        private oS2IoTMail: OS2IoTMail
     ) {}
 
     private readonly logger = new Logger(UserService.name, { timestamp: true });
@@ -90,17 +90,13 @@ export class UserService {
         });
     }
 
-    async findOne(
-        id: number,
-        getPermissionOrganisationInfo = false,
-        getPermissionUsersInfo = false
-    ): Promise<User> {
+    async findOne(id: number, getExtendedInformation: boolean = false): Promise<User> {
         const relations = ["permissions", "requestedOrganizations"];
-        if (getPermissionOrganisationInfo) {
+
+        if (getExtendedInformation) {
             relations.push("permissions.organization");
-        }
-        if (getPermissionUsersInfo) {
             relations.push("permissions.users");
+            relations.push("permissions.type");
         }
 
         return await this.userRepository.findOne({
@@ -221,7 +217,7 @@ export class UserService {
         if (user.nameId != null) {
             if (dto.name && user.name != dto.name) {
                 throw new BadRequestException(ErrorCodes.CannotModifyOnKombitUser);
-            }            
+            }
             if (dto.password) {
                 throw new BadRequestException(ErrorCodes.CannotModifyOnKombitUser);
             }
@@ -352,11 +348,13 @@ export class UserService {
         }
         const order: "DESC" | "ASC" =
             query?.sort?.toLocaleUpperCase() == "DESC" ? "DESC" : "ASC";
-        
+
         const [data, count] = await this.userRepository
             .createQueryBuilder("user")
             .innerJoin("user.permissions", "p")
-            .where('"p"."organizationId" = :organizationId', { organizationId: organizationId })
+            .where('"p"."organizationId" = :organizationId', {
+                organizationId: organizationId,
+            })
             .take(+query.limit)
             .skip(+query.offset)
             .orderBy(orderBy, order)

Original file line number	Diff line number	Diff line change
`@@ -280,7 +280,10 @@ export class PermissionService {`
`280`	`280`	`}`
`281`	`281`	`if (orgs) {`
`282`	`282`	`qb = qb.andWhere({ organization: In(orgs) });`
`283`		`- } else if (query?.organisationId) {`
	`283`	`+ } else if (`
	`284`	`+ query?.organisationId !== undefined &&`
	`285`	`+ query.organisationId !== "undefined"`
	`286`	`+ ) {`
`284`	`287`	`qb = qb.andWhere("org.id = :orgId", { orgId: +query.organisationId });`
`285`	`288`	`}`
`286`	`289`