users.controller.ts

import { Body, Controller, Delete, Get, Param, Post, Query, Req, Request, UseGuards } from '@nestjs/common';
import { ApiBearerAuth, ApiOperation, ApiParam, ApiResponse } from '@nestjs/swagger';
import { JwtAuthGuard } from '../auth/guards/jwt-auth.guard';
import { PasswordChangeDto } from './dto/change-password.dto';
import { EmailChangeDto } from './dto/change-email.dto';
import { CreateUserDto } from './dto/create-user.dto';
import { PasswordResetApplyDto } from './dto/reset-password-apply.dto';
import { PasswordResetDto } from './dto/reset-password.dto';
import { UsersService } from './users.service';
import { StructuresService } from '../structures/services/structures.service';
import { TempUserService } from '../temp-user/temp-user.service';
import { RolesGuard } from './guards/roles.guard';
import { Roles } from './decorators/roles.decorator';

@Controller('users')
export class UsersController {
  constructor(
    private usersService: UsersService,
    private structureService: StructuresService,
    private tempUserService: TempUserService
  ) {}

  @UseGuards(JwtAuthGuard)
  @ApiBearerAuth('JWT')
  @ApiOperation({ description: 'Get user profile' })
  @ApiResponse({ status: 200, description: 'Return user profil' })
  @ApiResponse({ status: 401, description: 'User does not have sufficient rights' })
  @Get('profile')
  public getProfile(@Request() req) {
    return req.user;
  }

  @Post()
  @ApiResponse({ status: 201, description: 'User created' })
  public async create(@Body() createUserDto: CreateUserDto) {
    // remove structureId for creation and add structure after
    let structureId = null;
    if (createUserDto.pendingStructuresLink.length > 0) {
      structureId = createUserDto.pendingStructuresLink[0];
      delete createUserDto.pendingStructuresLink;
    }
    const user = await this.usersService.create(createUserDto);
    if (structureId) {
      this.usersService.updateStructureLinkedClaim(createUserDto.email, structureId);
    }
    // Remove temp user if exist
    const tempUser = await this.tempUserService.findOne(createUserDto.email);
    if (tempUser) {
      this.tempUserService.delete(createUserDto.email);
    }
    return user;
  }

  @Post('verify/:id')
  @ApiParam({ name: 'id', type: String, required: true })
  @ApiResponse({ status: 201, description: 'User verified' })
  @ApiResponse({ status: 401, description: "This token does'nt exist or is not associate to this user." })
  public async validateUser(@Param() params, @Query('token') token: string) {
    return this.usersService.validateUser(params.id, token);
  }

  @UseGuards(JwtAuthGuard)
  @Post('change-password')
  @ApiResponse({ status: 201, description: 'Password changed' })
  @ApiResponse({ status: 401, description: 'Invalid password' })
  @ApiResponse({ status: 422, description: 'Weak password' })
  public async changePassword(@Request() req, @Body() passwordChangeDto: PasswordChangeDto) {
    return this.usersService.changeUserPassword(
      req.user._id,
      passwordChangeDto.oldPassword,
      passwordChangeDto.newPassword
    );
  }

  @UseGuards(JwtAuthGuard)
  @Post('change-email')
  @ApiResponse({ status: 201, description: 'Email confirmation send' })
  @ApiResponse({ status: 401, description: 'Invalid Email' })
  public async changeEmail(@Request() req, @Body() emailChangeDto: EmailChangeDto) {
    return this.usersService.changeUserEmail(emailChangeDto);
  }

  @UseGuards(JwtAuthGuard)
  @Post('verify-change-email')
  @ApiResponse({ status: 201, description: 'Email changed' })
  @ApiResponse({ status: 401, description: 'Invalid Token' })
  public async verifyAndUpdateEmail(@Request() req, @Query('token') token: string) {
    return this.usersService.verifyAndUpdateUserEmail(token);
  }

  @Post('reset-password')
  @ApiResponse({ status: 200, description: 'Email sent if account exist' })
  public async resetPassword(@Body() passwordReset: PasswordResetDto) {
    return this.usersService.sendResetPasswordEmail(passwordReset.email);
  }

  @Post('reset-password/apply')
  @ApiResponse({ status: 200, description: 'Email sent if account exist' })
  public async resetPasswordApply(@Body() passwordResetApplyDto: PasswordResetApplyDto) {
    return this.usersService.validatePasswordResetToken(passwordResetApplyDto.password, passwordResetApplyDto.token);
  }

  @Post('verify-exist-user')
  public async verifyUserExist(@Request() req, @Body() email: { newMail: string }) {
    return this.usersService.verifyUserExist(email.newMail);
  }

  @Delete()
  @UseGuards(JwtAuthGuard)
  public async delete(@Req() req) {
    const user = await this.usersService.deleteOne(req.user.email);
    user.structuresLink.forEach((structureId) => {
      this.usersService.isStructureClaimed(structureId.toString()).then((userFound) => {
        if (!userFound) {
          this.structureService.deleteOne(structureId.toString());
        }
      });
    });
    return user;
  }
}