yogiedigital/cod-api
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: crud user

Browse Source
This commit is contained in:
Antony Kurniawan
2025-10-11 02:26:17 +07:00
parent 751cd0911e
commit e581f5b5bb
5 changed files with 154 additions and 156 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
controllers/users.controller.js
View File

@@ -1,6 +1,6 @@
const UserService = require('../services/user.service'); const UserService = require("../services/user.service");
const { setResponse, setResponsePaging, checkValidate } = require('../helpers/utils'); const { setResponse, setResponsePaging, checkValidate } = require("../helpers/utils");
const { userSchema, newPasswordSchema } = require('../validate/user.schema'); const { userSchema, updateUserSchema, newPasswordSchema } = require("../validate/user.schema");
class UserController { class UserController {
// Get all users // Get all users
@@ -8,7 +8,7 @@ class UserController {
const queryParams = req.query; const queryParams = req.query;
const results = await UserService.getAllUsers(queryParams); const results = await UserService.getAllUsers(queryParams);
const response = await setResponsePaging(queryParams, results, 'Users retrieved successfully'); const response = await setResponsePaging(queryParams, results, 'Users found');
res.status(response.statusCode).json(response); res.status(response.statusCode).json(response);
} }
@@ -18,7 +18,7 @@ class UserController {
const { id } = req.params; const { id } = req.params;
const results = await UserService.getUserById(id); const results = await UserService.getUserById(id);
const response = await setResponse(results, 'User retrieved successfully'); const response = await setResponse(results, 'User found');
res.status(response.statusCode).json(response); res.status(response.statusCode).json(response);
} }
@@ -42,13 +42,14 @@ class UserController {
// Update user // Update user
static async update(req, res) { static async update(req, res) {
const { id } = req.params; const { id } = req.params;
const { error, value } = await checkValidate(userSchema, req);
const { error, value } = await checkValidate(updateUserSchema, req);
if (error) { if (error) {
return res.status(400).json(setResponse(error, 'Validation failed', 400)); return res.status(400).json(setResponse(error, 'Validation failed', 400));
} }
value.updated_by = req.user.user_id; value.userId = req.user.user_id;
const results = await UserService.updateUser(id, value); const results = await UserService.updateUser(id, value);
const response = await setResponse(results, 'User updated successfully'); const response = await setResponse(results, 'User updated successfully');
@@ -56,6 +57,17 @@ class UserController {
res.status(response.statusCode).json(response); res.status(response.statusCode).json(response);
} }
// Approve user
static async approve(req, res) {
const { id } = req.params;
const approverId = req.user.user_id;
const updatedUser = await UserService.approveUser(id, approverId);
const response = await setResponse(updatedUser, 'User approved successfully');
return res.status(response.statusCode).json(response);
}
// Soft delete user // Soft delete user
static async delete(req, res) { static async delete(req, res) {
const { id } = req.params; const { id } = req.params;
@@ -66,7 +78,7 @@ class UserController {
res.status(response.statusCode).json(response); res.status(response.statusCode).json(response);
} }
// Change user password // Change password
static async changePassword(req, res) { static async changePassword(req, res) {
const { id } = req.params; const { id } = req.params;
const { error, value } = await checkValidate(newPasswordSchema, req); const { error, value } = await checkValidate(newPasswordSchema, req);
@@ -80,25 +92,6 @@ class UserController {
res.status(response.statusCode).json(response); res.status(response.statusCode).json(response);
} }
// Get all status users
static async getAllStatus(req, res) {
const results = await UserService.getAllStatusUsers();
const response = await setResponse(results, 'Status list retrieved successfully');
res.status(response.statusCode).json(response);
}
// Approve user
static async approve(req, res) {
const { id } = req.params;
const approverId = req.user?.user_id || null;
const results = await UserService.approveUser(id, approverId);
const response = await setResponse(results, 'User approved successfully');
res.status(response.statusCode).json(response);
}
} }
module.exports = UserController; module.exports = UserController;

17
db/user.db.js
View File

@@ -132,6 +132,22 @@ const updateUserDb = async (userId, data) => {
return getUserByIdDb(userId); return getUserByIdDb(userId);
}; };
const approveUserDb = async (userId, approverId) => {
const queryText = `
UPDATE m_users
SET
is_approve = 1,
approved_by = $1,
approved_at = CURRENT_TIMESTAMP,
updated_by = $1,
updated_at = CURRENT_TIMESTAMP
WHERE user_id = $2 AND deleted_at IS NULL
`;
await pool.query(queryText, [approverId, userId]);
return true; // simple, cuma tanda berhasil
};
// Change user password // Change user password
const changeUserPasswordDb = async (userId, newPassword) => { const changeUserPasswordDb = async (userId, newPassword) => {
const queryText = ` const queryText = `
@@ -165,6 +181,7 @@ module.exports = {
getUserByUsernameDb, getUserByUsernameDb,
createUserDb, createUserDb,
updateUserDb, updateUserDb,
approveUserDb,
changeUserPasswordDb, changeUserPasswordDb,
deleteUserDb, deleteUserDb,
}; };

3
routes/users.route.js
View File

@@ -20,7 +20,4 @@ router.route('/change-password/:id')
router.route('/:id/approve') router.route('/:id/approve')
.put(verifyToken.verifyAccessToken, verifyAccess(), UserController.approve); .put(verifyToken.verifyAccessToken, verifyAccess(), UserController.approve);
router.route('/status/all')
.get(verifyToken.verifyAccessToken, UserController.getAllStatus);
module.exports = router; module.exports = router;

225
services/user.service.js
View File

@@ -1,174 +1,151 @@
const { const {
createUserDb,
getUserByIdDb,
getAllUsersDb, getAllUsersDb,
getUserByIdDb,
getUserByUserEmailDb,
getUserByUsernameDb, getUserByUsernameDb,
createUserDb,
updateUserDb, updateUserDb,
approveUserDb,
deleteUserDb, deleteUserDb,
changeUserPasswordDb changeUserPasswordDb
} = require('../db/user.db'); } = require('../db/user.db');
const { hashPassword } = require('../helpers/hashPassword'); const { hashPassword } = require('../helpers/hashPassword');
const { ErrorHandler } = require('../helpers/error'); const { ErrorHandler } = require('../helpers/error');
const statusName = [
{ status: true, status_name: "Aktif" },
{ status: false, status_name: "NonAktif" }
];
class UserService { class UserService {
// Get all status users
getAllStatusUsers = async () => {
try {
return statusName;
} catch (error) {
throw new ErrorHandler(error.statusCode || 500, error.message);
}
};
// Get all users // Get all users
getAllUsers = async () => { static async getAllUsers(param) {
try { try {
const results = await getAllUsersDb(); const results = await getAllUsersDb(param);
results.forEach(user => {
user.is_active = user.is_active == 1;
user.is_active_name = statusName.find(s => s.status === user.is_active)?.status_name;
delete user.user_password; // remove password
});
return results; return results;
} catch (error) { } catch (error) {
throw new ErrorHandler(error.statusCode || 500, error.message); throw new ErrorHandler(error.statusCode, error.message);
}
} }
};
// Get user by ID // Get user by ID
getUserById = async (id) => { static async getUserById(id) {
try { try {
const user = await getUserByIdDb(id); const result = await getUserByIdDb(id);
if (!user) throw new ErrorHandler(404, "User not found");
user.is_active = user.is_active == 1; if (!result) throw new ErrorHandler(404, 'User not found');
user.is_active_name = statusName.find(s => s.status === user.is_active)?.status_name;
delete user.user_password; return result;
return user; } catch (error) {
throw new ErrorHandler(error.statusCode, error.message);
}
}
// Create user
static async createUser(data) {
try {
if (!data || typeof data !== 'object') data = {};
const creatorId = data.userId;
const existingEmail = await getUserByUserEmailDb(data.user_email);
const existingUsername = await getUserByUsernameDb(data.user_name);
if (existingUsername) {
throw new ErrorHandler(400, 'Username is already taken');
}
if (existingEmail) {
throw new ErrorHandler(400, 'Email is already taken');
}
if (data.user_password) {
data.user_password = await hashPassword(data.user_password);
}
data.is_approve = 1;
data.approved_by = creatorId;
data.created_by = creatorId;
data.updated_by = creatorId;
data.is_sa = 0;
data.is_active = 1;
delete data.userId;
const result = await createUserDb(data);
return result;
} catch (error) { } catch (error) {
throw new ErrorHandler(error.statusCode || 500, error.message); throw new ErrorHandler(error.statusCode || 500, error.message);
} }
};
// Create users
createUser = async ({ fullname, name, email, phone, password, role_id = null, is_sa = 0, is_active = 1, approved_by }) => {
try {
const existingUser = await getUserByUsernameDb(name);
if (existingUser) throw new ErrorHandler(400, "Username already taken");
const hashedPassword = await hashPassword(password);
const userId = await createUserDb({
user_fullname: fullname,
user_name: name,
user_email: email,
user_phone: phone,
user_password: hashedPassword,
role_id,
is_sa,
is_active,
is_approve: 1,
approved_by,
approved_at: new Date()
});
return {
user_id: userId,
user_fullname: fullname,
user_name: name,
user_email: email,
user_phone: phone,
role_id,
is_sa,
is_active,
is_approve: 1,
approved_by
};
} catch (error) {
throw new ErrorHandler(error.statusCode || 500, error.message);
} }
};
// Update user // Update user
updateUser = async ({ user_id, fullname, name, email, phone, role_id, is_sa, is_active, is_approve, updatedById }) => { static async updateUser(id, data) {
try { try {
const user = await getUserByIdDb(user_id); if (!data || typeof data !== 'object') data = {};
if (!user) throw new ErrorHandler(404, "User not found");
// Cek username const existingEmail = await getUserByUserEmailDb(data.user_email);
if (name && user.user_name.toLowerCase() !== name.toLowerCase()) { const existingUsername = await getUserByUsernameDb(data.user_name);
const userByName = await getUserByUsernameDb(name);
if (userByName) throw new ErrorHandler(400, "Username already taken"); if (existingUsername) {
throw new ErrorHandler(400, 'Username is already taken');
}
if (existingEmail) {
throw new ErrorHandler(400, 'Email is already taken')
} }
const updateData = { const userExist = await getUserByIdDb(id);
...(fullname && { user_fullname: fullname }), if (!userExist) throw new ErrorHandler(404, 'User not found');
...(name && { user_name: name }),
...(email && { user_email: email }),
...(phone && { user_phone: phone }),
...(role_id !== undefined && { role_id }),
...(updatedById !== undefined && { updated_by: updatedById })
};
await updateUserDb(user_id, updateData); const result = await updateUserDb(id, data);
return result;
const updatedUser = await getUserByIdDb(user_id);
delete updatedUser.user_password;
updatedUser.is_active = updatedUser.is_active == 1;
updatedUser.is_active_name = statusName.find(s => s.status === updatedUser.is_active)?.status_name;
return updatedUser;
} catch (error) { } catch (error) {
throw new ErrorHandler(error.statusCode || 500, error.message); throw new ErrorHandler(error.statusCode, error.message);
}
} }
};
// Approve user // Approve user
approveUser = async (userId, approverId) => { static async approveUser(userId, approverId) {
try { try {
const updateData = { if (!userId) {
is_approve: 1, throw new ErrorHandler(400, 'User ID is required');
approved_by: approverId, }
approved_at: new Date()
};
await updateUserDb(userId, updateData);
const updatedUser = await getUserByIdDb(userId); const existingUser = await getUserByIdDb(userId);
delete updatedUser.user_password; if (!existingUser) {
throw new ErrorHandler(404, 'User not found');
}
if (existingUser.is_approve) {
throw new ErrorHandler(400, 'User is already approved');
}
const updatedUser = await approveUserDb(userId, approverId);
return updatedUser; return updatedUser;
} catch (error) { } catch (error) {
throw new ErrorHandler(error.statusCode || 500, error.message); throw new ErrorHandler(error.statusCode || 500, error.message);
} }
};
// Delete user (soft delete)
deleteUser = async (userId, deletedBy) => {
try {
await deleteUserDb(userId, deletedBy);
return { message: "User deleted successfully" };
} catch (error) {
throw new ErrorHandler(error.statusCode || 500, error.message);
} }
};
// Soft delete user
static async deleteUser(id, userId) {
try {
const userExist = await getUserByIdDb(id);
if (!userExist) throw new ErrorHandler(404, 'User not found');
const result = await deleteUserDb(id, userId);
return result;
} catch (error) {
throw new ErrorHandler(error.statusCode, error.message);
}
}
// Change password // Change password
changeUserPassword = async (user_Id, new_Password) => { static async changeUserPassword(id, newPassword) {
try { try {
const hashedPassword = await hashPassword(new_Password); const userExist = await getUserByIdDb(id);
await changeUserPasswordDb(user_Id, hashedPassword); if (!userExist) throw new ErrorHandler(404, 'User not found');
return { message: "Password updated successfully" };
const result = await changeUserPasswordDb(id, newPassword);
return result;
} catch (error) { } catch (error) {
throw new ErrorHandler(error.statusCode || 500, error.message); throw new ErrorHandler(error.statusCode, error.message);
}
} }
};
} }
module.exports = new UserService(); module.exports = UserService;

24
validate/user.schema.js
View File

@@ -4,17 +4,17 @@ const Joi = require("joi");
// Users Validation // Users Validation
// ======================== // ========================
const userSchema = Joi.object({ const userSchema = Joi.object({
fullname: Joi.string().min(3).max(100).required(), user_fullname: Joi.string().min(3).max(100).required(),
name: Joi.string().alphanum().min(3).max(50).required(), user_name: Joi.string().alphanum().min(3).max(50).required(),
email: Joi.string().email().required(), user_email: Joi.string().email().required(),
phone: Joi.string() user_phone: Joi.string()
.pattern(/^(?:\+62|0)8\d{7,10}$/) .pattern(/^(?:\+62|0)8\d{7,10}$/)
.required() .required()
.messages({ .messages({
'string.pattern.base': 'string.pattern.base':
'Phone number must be a valid Indonesian number in format +628XXXXXXXXX' 'Phone number must be a valid Indonesian number in format +628XXXXXXXXX'
}), }),
password: Joi.string() user_password: Joi.string()
.min(8) .min(8)
.pattern(/[A-Z]/, 'uppercase letter') .pattern(/[A-Z]/, 'uppercase letter')
.pattern(/[a-z]/, 'lowercase letter') .pattern(/[a-z]/, 'lowercase letter')
@@ -28,6 +28,19 @@ const userSchema = Joi.object({
role_id: Joi.number().integer().min(1) role_id: Joi.number().integer().min(1)
}); });
const updateUserSchema = Joi.object({
user_fullname: Joi.string().min(3).max(100),
user_name: Joi.string().alphanum().min(3).max(50),
user_email: Joi.string().email(),
user_phone: Joi.string()
.pattern(/^(?:\+62|0)8\d{7,10}$/)
.messages({
'string.pattern.base':
'Phone number must be a valid Indonesian number in format +628XXXXXXXXX'
}),
role_id: Joi.number().integer().min(1)
}).min(1);
const newPasswordSchema = Joi.object({ const newPasswordSchema = Joi.object({
new_password: Joi.string() new_password: Joi.string()
.min(8) .min(8)
@@ -45,4 +58,5 @@ const newPasswordSchema = Joi.object({
module.exports = { module.exports = {
userSchema, userSchema,
newPasswordSchema, newPasswordSchema,
updateUserSchema
}; };