feat(backend): add new role

.talismanrc

@@ -14,7 +14,7 @@ fileignoreconfig:
 - filename: packages/backend/package.json
   checksum: 2f5813dbc35cdc3659516beabf9f93e2978eb62d1b5403cfbb2907f22bb25355
 - filename: packages/backend/src/_migrations/1757532174131-auto-migration.ts
-  checksum: 22a788509a5f08a8dbccbab49ed7b835df73ab56444b5c2a0e327fe51de2f748
+  checksum: e2d06e63d58935b349f2591b0a3c407c254be26c4e833456829e7c605fc7411b
 - filename: packages/backend/src/_migrations/_init-db/domifa_test_schema.sql
   checksum: 8b421c413bab4f2419972dec548a5399879f497a8c75c9b240bbf8c123cfab06
 - filename: packages/portail-admins/src/app/modules/admin-structures/components/admin-structures-list/admin-structures-list.component.spec.ts

packages/backend/src/_common/model/users/user-structure/index.ts

@@ -1,4 +1,3 @@
 // @index('./*', f => `export * from '${f.path}'`)
-export * from "./constants";
 export * from "./UserStructureAuthenticated.type";
 export * from "./UserStructurePublic.type";

packages/backend/src/_migrations/1757532174131-auto-migration.ts

@@ -10,12 +10,16 @@ export class AutoMigration1757532174131 implements MigrationInterface {
       domifaConfig().envId === "preprod" ||
       domifaConfig().envId === "local"
     ) {
-      await queryRunner.query(
-        `ALTER TABLE "user_usager" DROP COLUMN "isTemporaryPassword"`
-      );
-      await queryRunner.query(
-        `CREATE INDEX "IDX_b2ad525cbadf911e833bf61597" ON "open_data_places" ("cityCode") `
-      );
+      try {
+        await queryRunner.query(
+          `ALTER TABLE "user_usager" DROP COLUMN "isTemporaryPassword"`
+        );
+        await queryRunner.query(
+          `CREATE INDEX "IDX_b2ad525cbadf911e833bf61597" ON "open_data_places" ("cityCode") `
+        );
+      } catch (e) {
+        console.log(e);
+      }
     }
   }
 

packages/backend/src/auth/guards/usager-doc-access.guard.ts

@@ -30,7 +30,7 @@ export class UsagerDocAccessGuard implements CanActivate {
       throw new HttpException("USAGER_DOC_NOT_FOUND", HttpStatus.BAD_REQUEST);
     }
 
-    if (user?.role === "facteur") {
+    if (user?.role === "facteur" || user?.role === "agent") {
       throw new HttpException("CANNOT_GET_DOC", HttpStatus.UNAUTHORIZED);
     }
 

packages/backend/src/auth/structures-auth.controller.security-tests.ts

@@ -1,9 +1,10 @@
 import { AppTestContext, AppTestHttpClient } from "../util/test";
-import { USER_STRUCTURE_ROLE_ALL } from "../_common/model";
+
 import {
   AppTestHttpClientSecurityTestDef,
   expectedResponseStatusBuilder,
 } from "../_tests";
+import { ALL_USER_STRUCTURE_ROLES } from "@domifa/common";
 
 ////////////////// IMPORTANT //////////////////
 //
@@ -25,7 +26,7 @@ export const StructuresAuthControllerSecurityTests: AppTestHttpClientSecurityTes
           expectedStatus: expectedResponseStatusBuilder.allowStructureOnly(
             context.user,
             {
-              roles: USER_STRUCTURE_ROLE_ALL,
+              roles: ALL_USER_STRUCTURE_ROLES,
             }
           ),
         };

packages/backend/src/auth/structures-auth.controller.ts

@@ -15,11 +15,7 @@ import { Response } from "express";
 
 import { StructureLoginDto } from "../modules/users/dto";
 import { ExpressRequest, ExpressResponse } from "../util/express";
-import {
-  USER_STRUCTURE_ROLE_ALL,
-  UserProfile,
-  UserStructureAuthenticated,
-} from "../_common/model";
+import { UserProfile, UserStructureAuthenticated } from "../_common/model";
 import { AllowUserProfiles } from "./decorators/AllowUserProfiles.decorator";
 import { CurrentUser } from "./decorators/current-user.decorator";
 import { AppUserGuard } from "./guards/AppUserGuard.guard";
@@ -28,7 +24,8 @@ import { ExpiredTokenTable, expiredTokenRepositiory } from "../database";
 import { domifaConfig } from "../config";
 import { userSecurityPasswordChecker } from "../modules/users/services";
 import { AllowUserStructureRoles } from "./decorators";
-import { UserStructure } from "@domifa/common";
+import { ALL_USER_STRUCTURE_ROLES, UserStructure } from "@domifa/common";
+import { appLogger } from "../util";
 
 const userProfile: UserProfile = "structure";
 
@@ -55,6 +52,7 @@ export class StructuresAuthController {
 
       return res.status(HttpStatus.OK).json(accessToken);
     } catch (err) {
+      appLogger.error(err);
       return res
         .status(HttpStatus.UNAUTHORIZED)
         .json({ message: "LOGIN_FAILED" });
@@ -64,7 +62,7 @@ export class StructuresAuthController {
   @ApiBearerAuth()
   @UseGuards(AuthGuard("jwt"), AppUserGuard)
   @AllowUserProfiles("structure")
-  @AllowUserStructureRoles(...USER_STRUCTURE_ROLE_ALL)
+  @AllowUserStructureRoles(...ALL_USER_STRUCTURE_ROLES)
   @ApiOperation({ summary: "Déconnexion" })
   @Get("logout")
   public async logout(
@@ -84,7 +82,7 @@ export class StructuresAuthController {
   @ApiBearerAuth()
   @UseGuards(AuthGuard("jwt"), AppUserGuard)
   @AllowUserProfiles("structure")
-  @AllowUserStructureRoles(...USER_STRUCTURE_ROLE_ALL)
+  @AllowUserStructureRoles(...ALL_USER_STRUCTURE_ROLES)
   @Get("me")
   public me(
     @Res() res: Response,

packages/backend/src/modules/interactions/interactions.controller.security-tests.ts

@@ -1,9 +1,10 @@
 import { AppTestContext, AppTestHttpClient } from "../../util/test";
-import { USER_STRUCTURE_ROLE_ALL } from "../../_common/model";
+
 import {
   AppTestHttpClientSecurityTestDef,
   expectedResponseStatusBuilder,
 } from "../../_tests";
+import { ALL_USER_STRUCTURE_ROLES } from "@domifa/common";
 
 ////////////////// IMPORTANT //////////////////
 //
@@ -30,7 +31,7 @@ export const InteractionsControllerSecurityTests: AppTestHttpClientSecurityTestD
           expectedStatus: expectedResponseStatusBuilder.allowStructureOnly(
             context.user,
             {
-              roles: USER_STRUCTURE_ROLE_ALL,
+              roles: ALL_USER_STRUCTURE_ROLES,
               validExpectedResponseStatus: 400, // car on utilise un faux id
             }
           ),

packages/backend/src/modules/interactions/interactions.controller.ts

@@ -24,10 +24,7 @@ import {
   InteractionsGuard,
 } from "../../auth/guards";
 import { userUsagerLoginRepository } from "../../database";
-import {
-  USER_STRUCTURE_ROLE_ALL,
-  UserStructureAuthenticated,
-} from "../../_common/model";
+import { UserStructureAuthenticated } from "../../_common/model";
 import { InteractionDto } from "./dto";
 import {
   InteractionsDeletor,
@@ -40,13 +37,14 @@ import {
   Usager,
   PageMeta,
   PageResults,
+  ALL_USER_STRUCTURE_ROLES,
 } from "@domifa/common";
 import { MessageSmsService } from "../sms/services/message-sms.service";
 
 @UseGuards(AuthGuard("jwt"), AppUserGuard)
 @ApiTags("interactions")
 @AllowUserProfiles("structure")
-@AllowUserStructureRoles(...USER_STRUCTURE_ROLE_ALL)
+@AllowUserStructureRoles(...ALL_USER_STRUCTURE_ROLES)
 @Controller("interactions")
 export class InteractionsController {
   constructor(

packages/backend/src/modules/portail-admin/dto/register-user-structure-admin.dto.ts

@@ -11,7 +11,11 @@ import {
 } from "class-validator";
 import { Transform, TransformFnParams } from "class-transformer";
 import { LowerCaseTransform } from "../../../_common/decorators";
-import { UserStructureRole, UserFonction } from "@domifa/common";
+import {
+  UserStructureRole,
+  UserFonction,
+  ALL_USER_STRUCTURE_ROLES,
+} from "@domifa/common";
 
 export class RegisterUserStructureAdminDto {
   @ApiProperty({
@@ -78,10 +82,10 @@ export class RegisterUserStructureAdminDto {
   @ApiProperty({
     type: String,
     required: true,
-    enum: ["admin", "simple", "facteur", "responsable"],
+    enum: ALL_USER_STRUCTURE_ROLES,
   })
   @IsNotEmpty()
-  @IsIn(["admin", "simple", "facteur", "responsable"])
+  @IsIn(ALL_USER_STRUCTURE_ROLES)
   public readonly role!: UserStructureRole;
 
   @IsNotEmpty()

packages/backend/src/modules/portail-usagers/controllers/portail-usagers-manager/portail-usagers-manager.controller.ts

@@ -5,6 +5,7 @@ import {
   UserUsagerWithUsagerInfo,
   PageMeta,
   PageResults,
+  ALL_USER_STRUCTURE_ROLES,
 } from "@domifa/common";
 import {
   Body,
@@ -18,10 +19,7 @@ import {
   Res,
   UseGuards,
 } from "@nestjs/common";
-import {
-  USER_STRUCTURE_ROLE_ALL,
-  UserStructureAuthenticated,
-} from "../../../../_common/model";
+import { UserStructureAuthenticated } from "../../../../_common/model";
 import {
   AllowUserProfiles,
   AllowUserStructureRoles,
@@ -53,7 +51,7 @@ import * as XLSX from "xlsx";
 @ApiTags("portail-usagers-manager")
 @UseGuards(AuthGuard("jwt"), AppUserGuard)
 @AllowUserProfiles("structure")
-@AllowUserStructureRoles(...USER_STRUCTURE_ROLE_ALL)
+@AllowUserStructureRoles("responsable", "admin")
 @ApiBearerAuth()
 export class PortailUsagersManagerController {
   constructor(private readonly appLogsService: AppLogsService) {}
@@ -114,15 +112,13 @@ export class PortailUsagersManagerController {
     }
   }
 
-  @AllowUserStructureRoles(...USER_STRUCTURE_ROLE_ALL)
   @Get("stats")
   public async getUserUsagerStats(
     @CurrentUser() currentUser: UserStructureAuthenticated
   ): Promise<UsagersCountByStatus> {
     return usagerRepository.countUsagersByStatus(currentUser.structureId, true);
   }
 
-  @AllowUserStructureRoles(...USER_STRUCTURE_ROLE_ALL)
   @Get("export/all-accounts")
   public async exportAccountsToExcel(
     @Res() res: Response,
@@ -197,7 +193,6 @@ export class PortailUsagersManagerController {
     res.send(excelBuffer);
   }
 
-  @AllowUserStructureRoles("admin", "responsable")
   @Get("generate-all-accounts")
   public async generateAllAccounts(
     @Res() res: Response,
@@ -272,9 +267,9 @@ export class PortailUsagersManagerController {
   }
 
   @UseGuards(UsagerAccessGuard)
-  @AllowUserStructureRoles("simple", "responsable", "admin")
+  @AllowUserStructureRoles("simple", "responsable", "admin", "agent")
   @Post("enable-access/:usagerRef")
-  public async editPreupdatePortailUsagerOptionsference(
+  public async enablePortailForUsager(
     @Res() res: Response,
     @Body() dto: UpdatePortailUsagerOptionsDto,
     @CurrentUsager() usager: Usager,
@@ -333,7 +328,6 @@ export class PortailUsagersManagerController {
     }
   }
 
-  @AllowUserStructureRoles(...USER_STRUCTURE_ROLE_ALL)
   @Post("all-accounts")
   public async getAllAccounts(
     @Body() pageOptionsDto: PageOptionsDto,
@@ -354,7 +348,7 @@ export class PortailUsagersManagerController {
   }
 
   @UseGuards(UsagerAccessGuard)
-  @AllowUserStructureRoles(...USER_STRUCTURE_ROLE_ALL)
+  @AllowUserStructureRoles(...ALL_USER_STRUCTURE_ROLES)
   @Get("profile/:usagerRef")
   public async findOne(
     @Param("usagerRef", new ParseIntPipe()) _usagerRef: number,

packages/backend/src/modules/sms/sms.controller.security-tests.ts

@@ -1,11 +1,10 @@
 import { HttpStatus } from "@nestjs/common";
-import { USER_STRUCTURE_ROLE_ALL } from "../../_common/model";
 import {
   AppTestHttpClientSecurityTestDef,
   expectedResponseStatusBuilder,
 } from "../../_tests";
 import { AppTestContext, AppTestHttpClient } from "../../util/test";
-import { PageOptions } from "@domifa/common";
+import { ALL_USER_STRUCTURE_ROLES, PageOptions } from "@domifa/common";
 
 ////////////////// IMPORTANT //////////////////
 //
@@ -27,7 +26,7 @@ export const SmsControllerSecurityTests: AppTestHttpClientSecurityTestDef[] = [
         expectedStatus: expectedResponseStatusBuilder.allowStructureOnly(
           context.user,
           {
-            roles: USER_STRUCTURE_ROLE_ALL,
+            roles: ALL_USER_STRUCTURE_ROLES,
             validExpectedResponseStatus: HttpStatus.BAD_REQUEST,
             invalidStructureIdExpectedResponseStatus: HttpStatus.BAD_REQUEST,
           }

packages/backend/src/modules/sms/sms.controller.ts

@@ -1,8 +1,12 @@
-import { PageMeta, PageResults, Usager } from "@domifa/common";
+import {
+  ALL_USER_STRUCTURE_ROLES,
+  PageMeta,
+  PageResults,
+  Usager,
+} from "@domifa/common";
 import { Controller, UseGuards, Post, Body } from "@nestjs/common";
 import { AuthGuard } from "@nestjs/passport";
 import { ApiTags, ApiBearerAuth } from "@nestjs/swagger";
-import { USER_STRUCTURE_ROLE_ALL } from "../../_common/model";
 import {
   AllowUserProfiles,
   AllowUserStructureRoles,
@@ -15,7 +19,7 @@ import { PageOptionsDto } from "../../usagers/dto";
 @Controller("sms")
 @UseGuards(AuthGuard("jwt"), AppUserGuard)
 @AllowUserProfiles("structure")
-@AllowUserStructureRoles(...USER_STRUCTURE_ROLE_ALL)
+@AllowUserStructureRoles(...ALL_USER_STRUCTURE_ROLES)
 @ApiTags("sms")
 export class SmsController {
   @ApiBearerAuth()

packages/backend/src/modules/stats/controllers/stats.private.controller.security-tests.ts

@@ -11,7 +11,7 @@ import {
   expectedResponseStatusBuilder,
 } from "../../../_tests";
 import { AppTestContext, AppTestHttpClient } from "../../../util/test";
-import { USER_STRUCTURE_ROLE_ALL } from "../../../_common/model";
+import { ALL_USER_STRUCTURE_ROLES } from "@domifa/common";
 
 const CONTROLLER = "StatsPrivateController";
 
@@ -33,7 +33,7 @@ export const StatsPrivateControllerSecurityTests: AppTestHttpClientSecurityTestD
           expectedStatus: expectedResponseStatusBuilder.allowStructureOnly(
             context.user,
             {
-              roles: USER_STRUCTURE_ROLE_ALL,
+              roles: ALL_USER_STRUCTURE_ROLES,
               validExpectedResponseStatus: HttpStatus.CREATED,
             }
           ),
@@ -56,7 +56,7 @@ export const StatsPrivateControllerSecurityTests: AppTestHttpClientSecurityTestD
           expectedStatus: expectedResponseStatusBuilder.allowStructureOnly(
             context.user,
             {
-              roles: USER_STRUCTURE_ROLE_ALL,
+              roles: ALL_USER_STRUCTURE_ROLES,
               validExpectedResponseStatus: HttpStatus.OK,
             }
           ),

packages/backend/src/modules/stats/controllers/stats.private.controller.ts

@@ -1,4 +1,7 @@
-import { StructureStatsReportingQuestions } from "@domifa/common";
+import {
+  ALL_USER_STRUCTURE_ROLES,
+  StructureStatsReportingQuestions,
+} from "@domifa/common";
 import {
   Body,
   Controller,
@@ -12,10 +15,7 @@ import { AuthGuard } from "@nestjs/passport";
 import { ApiTags } from "@nestjs/swagger";
 import { Response } from "express";
 import { format } from "date-fns";
-import {
-  USER_STRUCTURE_ROLE_ALL,
-  UserStructureAuthenticated,
-} from "../../../_common/model";
+import { UserStructureAuthenticated } from "../../../_common/model";
 import {
   AllowUserProfiles,
   AllowUserStructureRoles,
@@ -35,7 +35,7 @@ import { structureStatsInPeriodGenerator } from "../services";
 @Controller("stats")
 @ApiTags("stats")
 @AllowUserProfiles("structure")
-@AllowUserStructureRoles(...USER_STRUCTURE_ROLE_ALL)
+@AllowUserStructureRoles(...ALL_USER_STRUCTURE_ROLES)
 @UseGuards(AuthGuard("jwt"), AppUserGuard)
 export class StatsPrivateController {
   constructor(private readonly appLogsService: AppLogsService) {}