update crud user

2025-10-10 19:49:48 +07:00
parent c51c686cce
commit ee30308112
3 changed files with 141 additions and 199 deletions


@@ -1,169 +1,103 @@
const userService = require("../services/user.service"); const UserService = require('../services/user.service');
const { ErrorHandler } = require("../helpers/error"); const { setResponse, setResponsePaging, checkValidate } = require('../helpers/utils');
const { setResponse } = require("../helpers/utils"); const { userSchema, newPasswordSchema } = require('../validate/user.schema');
const { userSchema, newPasswordSchema } = require("../validate/user.schema");
class UserController { class UserController {
// Get all users // Get all users
static async getAllUsers(req, res) { static async getAll(req, res) {
try { const queryParams = req.query;
const users = await userService.getAllUsers();
return res.status(200).json(setResponse(users, "Users retrieved successfully", 200)); const results = await UserService.getAllUsers(queryParams);
} catch (error) { const response = await setResponsePaging(queryParams, results, 'Users retrieved successfully');
return res
.status(error.statusCode || 500) res.status(response.statusCode).json(response);
.json(setResponse(null, error.message, error.statusCode || 500));
}
} }
// Get user by ID // Get user by ID
static async getUserById(req, res) { static async getById(req, res) {
try { const { id } = req.params;
const { id } = req.params;
const user = await userService.getUserById(id); const results = await UserService.getUserById(id);
return res.status(200).json(setResponse(user, "User retrieved successfully", 200)); const response = await setResponse(results, 'User retrieved successfully');
} catch (error) {
return res res.status(response.statusCode).json(response);
.status(error.statusCode || 500)
.json(setResponse(null, error.message, error.statusCode || 500));
}
} }
// Create new user // Create user
static async createUser(req, res) { static async create(req, res) {
try { const { error, value } = await checkValidate(userSchema, req);
const { error, value } = userSchema.validate(req.body, { abortEarly: false });
if (error) { if (error) {
const validationErrors = error.details.map((err) => err.message); return res.status(400).json(setResponse(error, 'Validation failed', 400));
throw new ErrorHandler(400, validationErrors);
}
// Kirim approved_by dari user yang bikin
const result = await userService.createUser({
...value,
approved_by: req.user.user_id
});
return res.status(201).json(setResponse(result, "User created successfully", 201));
} catch (error) {
return res
.status(error.statusCode || 500)
.json(setResponse(null, error.message, error.statusCode || 500));
} }
value.approved_by = req.user.user_id;
const results = await UserService.createUser(value);
const response = await setResponse(results, 'User created successfully');
res.status(response.statusCode).json(response);
} }
// Update user // Update user
static async updateUser(req, res) { static async update(req, res) {
try { const { id } = req.params;
const { id } = req.params; const { error, value } = await checkValidate(userSchema, req);
const {
fullname,
name,
email,
phone,
role_id,
is_sa,
is_active,
is_approve
} = req.body;
const updatedById = req.user?.user_id;
const result = await userService.updateUser({ if (error) {
user_id: parseInt(id, 10), return res.status(400).json(setResponse(error, 'Validation failed', 400));
fullname,
name,
email,
phone,
role_id,
is_sa,
is_active,
is_approve,
updatedById
});
console.log("PARAM ID:", req.params);
console.log("BODY:", req.body);
return res.status(200).json(setResponse(result, "User updated successfully", 200));
} catch (error) {
return res
.status(error.statusCode || 500)
.json(setResponse(null, error.message, error.statusCode || 500));
} }
value.updated_by = req.user.user_id;
const results = await UserService.updateUser(id, value);
const response = await setResponse(results, 'User updated successfully');
res.status(response.statusCode).json(response);
} }
// Delete user // Soft delete user
static async deleteUser(req, res) { static async delete(req, res) {
try { const { id } = req.params;
const { id } = req.params;
const deletedBy = req.user?.user_id;
const result = await userService.deleteUser(id, deletedBy); const results = await UserService.deleteUser(id, req.user.user_id);
return res.status(200).json(setResponse(result, "User deleted successfully", 200)); const response = await setResponse(results, 'User deleted successfully');
} catch (error) {
return res res.status(response.statusCode).json(response);
.status(error.statusCode || 500)
.json(setResponse(null, error.message, error.statusCode || 500));
}
} }
// Change user password // Change user password
static async changePassword(req, res) { static async changePassword(req, res) {
try {
const { new_password } = req.body;
const { id } = req.params; const { id } = req.params;
const { error, value } = await checkValidate(newPasswordSchema, req);
if (!id || !new_password) { if (error) {
throw new ErrorHandler(400, "user_id and new_password are required"); return res.status(400).json(setResponse(error, 'Validation failed', 400));
} }
const { error } = newPasswordSchema.validate({ new_password }); const results = await UserService.changeUserPassword(id, value.new_password);
const response = await setResponse(results, 'Password changed successfully');
if (error) { res.status(response.statusCode).json(response);
const errors = error.details.reduce((acc, cur) => {
const field = Array.isArray(cur.path) ? cur.path.join('.') : String(cur.path);
if (!acc[field]) acc[field] = [];
acc[field].push(cur.message);
return acc;
}, {});
return res.status(400).json(setResponse(errors, 'Validation failed', 400));
}
const result = await userService.changeUserPassword(id, new_password);
return res.status(200).json(setResponse(result, "Password changed successfully", 200));
} catch (error) {
return res
.status(error.statusCode || 500)
.json(setResponse(null, error.message, error.statusCode || 500));
}
} }
// Get all status users // Get all status users
static async getAllStatusUsers(req, res) { static async getAllStatus(req, res) {
try { const results = await UserService.getAllStatusUsers();
const result = await userService.getAllStatusUsers(); const response = await setResponse(results, 'Status list retrieved successfully');
return res.status(200).json(setResponse(result, "Status list retrieved successfully", 200));
} catch (error) { res.status(response.statusCode).json(response);
return res
.status(error.statusCode || 500)
.json(setResponse(null, error.message, error.statusCode || 500));
}
} }
// Approve user // Approve user
static async approveUser(req, res) { static async approve(req, res) {
try { const { id } = req.params;
const { id } = req.params; const approverId = req.user?.user_id || null;
const approverId = req.user?.user_id || null;
const result = await userService.approveUser(id, approverId); const results = await UserService.approveUser(id, approverId);
return res.status(200).json(setResponse(result, "User approved successfully", 200)); const response = await setResponse(results, 'User approved successfully');
} catch (error) {
return res res.status(response.statusCode).json(response);
.status(error.statusCode || 500)
.json(setResponse(null, error.message, error.statusCode || 500));
}
} }
} }
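Review bot: Every handler on the new side drops its try/catch, so a rejection from UserService or checkValidate in getAll, getById, create, update, delete, changePassword, getAllStatus or approve is no longer turned into a response. Under Express 4 a rejected promise from an async handler is not forwarded to error middleware, so unless the app runs Express 5 or wraps these handlers elsewhere, the request hangs and the process sees an unhandled rejection. Wrap them where they are registered, e.g. `const asyncHandler = (fn) => (req, res, next) => Promise.resolve(fn(req, res, next)).catch(next);`, and let a single error middleware build the error response. Also, the validation-failure branches call `setResponse(error, 'Validation failed', 400)` without `await` while every success path awaits it; if setResponse is now async, the 400 body would be a serialized Promise.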


@@ -1,20 +1,45 @@
const { query, buildFilterQuery, buildDynamicUpdate } = require("../config"); const pool = require("../config");
// Get all users // Get all users
const getAllUsersDb = async (searchParams = {}) => { const getAllUsersDb = async (searchParams = {}) => {
const { whereConditions, queryParams } = buildFilterQuery([ let queryParams = [];
{ column: "u.user_fullname", param: searchParams.fullname, type: "string" },
{ column: "u.user_name", param: searchParams.username, type: "string" },
{ column: "u.user_email", param: searchParams.email, type: "string" },
{ column: "r.role_name", param: searchParams.role, type: "string" },
]);
const whereClause = whereConditions.length // Pagination
? `AND ${whereConditions.join(" AND ")}` if (searchParams.limit) {
: ""; const page = Number(searchParams.page ?? 1) - 1;
queryParams = [Number(searchParams.limit ?? 10), page];
}
// Search
const { whereOrConditions, whereParamOr } = pool.buildStringOrIlike(
[
"u.user_fullname",
"u.user_name",
"u.user_email",
"r.role_name"
],
searchParams.criteria,
queryParams
);
queryParams = whereParamOr ? whereParamOr : queryParams;
// Filter
const { whereConditions, whereParamAnd } = pool.buildFilterQuery(
[
{ column: "u.user_fullname", param: searchParams.fullname, type: "string" },
{ column: "u.user_name", param: searchParams.username, type: "string" },
{ column: "u.user_email", param: searchParams.email, type: "string" },
{ column: "r.role_name", param: searchParams.role, type: "string" },
],
queryParams
);
queryParams = whereParamAnd ? whereParamAnd : queryParams;
const queryText = ` const queryText = `
SELECT SELECT
COUNT(*) OVER() AS total_data,
u.user_id, u.user_fullname, u.user_name, u.user_email, u.user_phone, u.user_id, u.user_fullname, u.user_name, u.user_email, u.user_phone,
u.is_active, u.is_sa, u.is_approve, u.approved_by, u.is_active, u.is_sa, u.is_approve, u.approved_by,
approver.user_fullname AS approved_by_name, approver.user_fullname AS approved_by_name,
@@ -24,11 +49,21 @@ const getAllUsersDb = async (searchParams = {}) => {
FROM m_users u FROM m_users u
LEFT JOIN m_roles r ON u.role_id = r.role_id LEFT JOIN m_roles r ON u.role_id = r.role_id
LEFT JOIN m_users approver ON u.approved_by = approver.user_id LEFT JOIN m_users approver ON u.approved_by = approver.user_id
WHERE u.deleted_at IS NULL ${whereClause} WHERE u.deleted_at IS NULL
${whereConditions.length > 0 ? ` AND ${whereConditions.join(' AND ')}` : ''}
${whereOrConditions ? whereOrConditions : ''}
ORDER BY u.user_id ASC ORDER BY u.user_id ASC
${searchParams.limit ? `OFFSET $2 ROWS FETCH NEXT $1 ROWS ONLY` : ''};
`; `;
const result = await query(queryText, queryParams);
return result.recordset; const result = await pool.query(queryText, queryParams);
const total =
result?.recordset.length > 0
? parseInt(result.recordset[0].total_data, 10)
: 0;
return { data: result.recordset, total };
}; };
// Get user by ID // Get user by ID
@@ -46,7 +81,7 @@ const getUserByIdDb = async (id) => {
LEFT JOIN m_users approver ON u.approved_by = approver.user_id LEFT JOIN m_users approver ON u.approved_by = approver.user_id
WHERE u.user_id = $1 AND u.deleted_at IS NULL WHERE u.user_id = $1 AND u.deleted_at IS NULL
`; `;
const result = await query(queryText, [id]); const result = await pool.query(queryText, [id]);
return result.recordset[0]; return result.recordset[0];
}; };
@@ -61,7 +96,7 @@ const getUserByUserEmailDb = async (email) => {
LEFT JOIN m_roles r ON u.role_id = r.role_id LEFT JOIN m_roles r ON u.role_id = r.role_id
WHERE u.user_email = $1 AND u.deleted_at IS NULL WHERE u.user_email = $1 AND u.deleted_at IS NULL
`; `;
const result = await query(queryText, [email]); const result = await pool.query(queryText, [email]);
return result.recordset[0]; return result.recordset[0];
}; };
@@ -76,54 +111,35 @@ const getUserByUsernameDb = async (username) => {
LEFT JOIN m_roles r ON u.role_id = r.role_id LEFT JOIN m_roles r ON u.role_id = r.role_id
WHERE u.user_name = $1 AND u.deleted_at IS NULL WHERE u.user_name = $1 AND u.deleted_at IS NULL
`; `;
const result = await query(queryText, [username]); const result = await pool.query(queryText, [username]);
return result.recordset[0]; return result.recordset[0];
}; };
// Create user // Create user
const createUserDb = async (data) => { const createUserDb = async (data) => {
const queryText = ` const { query: queryText, values } = pool.buildDynamicInsert("m_users", data);
INSERT INTO m_users const result = await pool.query(queryText, values);
(user_fullname, user_name, user_email, user_phone, user_password, role_id, is_sa, is_active, is_approve, approved_by, approved_at) const insertedId = result.recordset[0]?.inserted_id;
VALUES return insertedId ? await getUserByIdDb(insertedId) : null;
($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11);
SELECT SCOPE_IDENTITY() as user_id;
`;
const values = [
data.user_fullname,
data.user_name,
data.user_email,
data.user_phone,
data.user_password,
data.role_id || null,
data.is_sa || 0,
data.is_active || 1,
data.is_approve || 0,
data.approved_by || null,
data.approved_at || null
];
const result = await query(queryText, values);
return result.recordset[0]?.user_id || null;
}; };
// Update user // Update user
const updateUserDb = async (userId, data) => { const updateUserDb = async (userId, data) => {
const { query: queryText, values } = buildDynamicUpdate("m_users", data, { user_id: userId }); const { query: queryText, values } = pool.buildDynamicUpdate("m_users", data, {
const finalQuery = queryText.replace("WHERE", "WHERE deleted_at IS NULL AND"); user_id: userId,
await query(finalQuery, values); });
return true; await pool.query(`${queryText} AND deleted_at IS NULL`, values);
return getUserByIdDb(userId);
}; };
// Change user password // Change user password
const changeUserPasswordDb = async (userId, newPassword) => { const changeUserPasswordDb = async (userId, newPassword) => {
const queryText = ` const queryText = `
UPDATE m_users UPDATE m_users
SET user_password = $1, updated_at = GETDATE() SET user_password = $1, updated_at = CURRENT_TIMESTAMP
WHERE user_id = $2 AND deleted_at IS NULL WHERE user_id = $2 AND deleted_at IS NULL
`; `;
await query(queryText, [newPassword, userId]); await pool.query(queryText, [newPassword, userId]);
return true; return true;
}; };
@@ -132,14 +148,13 @@ const deleteUserDb = async (userId, deletedBy) => {
const queryText = ` const queryText = `
UPDATE m_users UPDATE m_users
SET SET
deleted_at = GETDATE(), deleted_at = CURRENT_TIMESTAMP,
deleted_by = $1, deleted_by = $1,
is_active = 0 is_active = 0
WHERE user_id = $2 WHERE user_id = $2
AND deleted_at IS NULL AND deleted_at IS NULL
`; `;
await pool.query(queryText, [deletedBy, userId]);
await query(queryText, [deletedBy, userId]);
return true; return true;
}; };
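Review bot: In getAllUsersDb the value bound to `$2` for `OFFSET $2 ROWS` is the zero-based page index (`Number(searchParams.page ?? 1) - 1`), not a row offset, so page 2 with limit 10 skips 1 row instead of 10, unless pool.query rescales it, which is not visible here. Compute the offset from both values, e.g. `const limit = Number(searchParams.limit);` followed by `queryParams = [limit, (Number(searchParams.page ?? 1) - 1) * limit];`. `limit` and `page` arrive from the request query string, so a non-numeric or negative value is bound as NaN or a negative offset; coerce both to positive integers and cap `limit` before binding. The function's body spans the first two hunks of this file, so the fix touches both.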


@@ -5,26 +5,19 @@ const verifyAccess = require('../middleware/verifyAccess');
const router = express.Router(); const router = express.Router();
// Get all users router.route('/')
router.get('/', verifyToken.verifyAccessToken, UserController.getAllUsers); .get(verifyToken.verifyAccessToken, UserController.getAllUsers)
.post(verifyToken.verifyAccessToken, verifyAccess(), UserController.createUser);
// Get user by ID router.route('/:id')
router.get('/:id', verifyToken.verifyAccessToken, UserController.getUserById); .get(verifyToken.verifyAccessToken, UserController.getUserById)
.put(verifyToken.verifyAccessToken, verifyAccess(), UserController.updateUser)
.delete(verifyToken.verifyAccessToken, verifyAccess(), UserController.deleteUser);
// Create new user router.route('/change-password/:id')
router.post('/', verifyToken.verifyAccessToken, verifyAccess(), UserController.createUser); .put(verifyToken.verifyAccessToken, verifyAccess(), UserController.changePassword);
// Update user
router.put('/:id', verifyToken.verifyAccessToken, verifyAccess(), UserController.updateUser);
// Delete user
router.delete('/:id', verifyToken.verifyAccessToken, verifyAccess(), UserController.deleteUser);
// Change user password
router.put('/change-password/:id', verifyToken.verifyAccessToken, verifyAccess(), UserController.changePassword);
// Approve user
router.put('/:id/approve', verifyToken.verifyAccessToken, verifyAccess(), UserController.approveUser);
router.route('/:id/approve')
.put(verifyToken.verifyAccessToken, verifyAccess(), UserController.approveUser);
module.exports = router; module.exports = router;
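Review bot: The handlers referenced on the new side (`UserController.getAllUsers`, `createUser`, `getUserById`, `updateUser`, `deleteUser`, `approveUser`) no longer exist if this router loads the controller changed in the same commit, where they were renamed to `getAll`, `create`, `getById`, `update`, `delete` and `approve`. Express throws at registration when a route callback is undefined, so the app would fail to start; only `changePassword` kept its name. Update the references, e.g. `.get(verifyToken.verifyAccessToken, UserController.getAll)`. The controller's `getAllStatus` has no route in the visible part of this file, and both GET routes run without `verifyAccess()`, so confirm that any authenticated user is meant to list and read accounts.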