boha_admin/app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 26 Wiki Activity

refactor: extract users business logic into users.service.ts

Browse Source 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
BOHA
2026-03-23 09:03:31 +01:00
parent d26bbd8e7c
commit dbf8749b37
2 changed files with 211 additions and 143 deletions
Download Patch File Download Diff File Expand all files Collapse all files

168
src/routes/admin/users.ts
View File

@@ -1,53 +1,22 @@
import { FastifyInstance } from 'fastify';
import prisma from '../../config/database';
import { requirePermission } from '../../middleware/auth';
import { logAudit } from '../../services/audit';
import { success, error, parseId } from '../../utils/response';
import { parsePagination, buildPaginationMeta } from '../../utils/pagination';
import bcrypt from 'bcryptjs';
import { config } from '../../config/env';
import { parseBody } from '../../schemas/common';
import { CreateUserSchema, UpdateUserSchema } from '../../schemas/users.schema';
const ALLOWED_SORT_FIELDS = ['id', 'username', 'email', 'first_name', 'last_name', 'created_at'];
import { listUsers, getUser, createUser, updateUser, deleteUser } from '../../services/users.service';
export default async function usersRoutes(fastify: FastifyInstance): Promise<void> {
// GET /api/admin/users
fastify.get('/', { preHandler: requirePermission('users.view') }, async (request, reply) => {
const { page, limit, skip, sort, order, search } = parsePagination(request.query as Record<string, unknown>);
const sortField = ALLOWED_SORT_FIELDS.includes(sort) ? sort : 'id';
const where = search
? {
OR: [
{ username: { contains: search } },
{ email: { contains: search } },
{ first_name: { contains: search } },
{ last_name: { contains: search } },
],
}
: {};
const [users, total] = await Promise.all([
prisma.users.findMany({
where,
skip,
take: limit,
orderBy: { [sortField]: order },
select: {
id: true, username: true, email: true, first_name: true, last_name: true,
role_id: true, is_active: true, last_login: true, totp_enabled: true,
created_at: true, updated_at: true,
roles: { select: { id: true, name: true, display_name: true } },
},
}),
prisma.users.count({ where }),
]);
const params = parsePagination(request.query as Record<string, unknown>);
const result = await listUsers(params);
return reply.send({
success: true,
data: users,
pagination: buildPaginationMeta(total, page, limit),
data: result.users,
pagination: buildPaginationMeta(result.total, result.page, result.limit),
});
});
@@ -55,16 +24,8 @@ export default async function usersRoutes(fastify: FastifyInstance): Promise<voi
fastify.get<{ Params: { id: string } }>('/:id', { preHandler: requirePermission('users.view') }, async (request, reply) => {
const id = parseId(request.params.id, reply);
if (id === null) return;
const user = await prisma.users.findUnique({
where: { id },
select: {
id: true, username: true, email: true, first_name: true, last_name: true,
role_id: true, is_active: true, last_login: true, totp_enabled: true,
created_at: true, updated_at: true,
roles: { select: { id: true, name: true, display_name: true } },
},
});
const user = await getUser(id);
if (!user) return error(reply, 'Uživatel nenalezen', 404);
return success(reply, user);
});
@@ -75,54 +36,28 @@ export default async function usersRoutes(fastify: FastifyInstance): Promise<voi
if ('error' in parsed) return error(reply, parsed.error, 400);
const body = parsed.data;
const username = body.username.trim();
const email = body.email.trim();
const password = body.password;
const firstName = body.first_name.trim();
const lastName = body.last_name.trim();
const roleId = body.role_id;
// Email format
if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email)) {
return error(reply, 'Neplatný formát e-mailu', 400);
}
// Username uniqueness
const existingUsername = await prisma.users.findFirst({ where: { username } });
if (existingUsername) {
return error(reply, 'Uživatelské jméno již existuje', 409);
}
// Email uniqueness
const existingEmail = await prisma.users.findFirst({ where: { email } });
if (existingEmail) {
return error(reply, 'E-mail již existuje', 409);
}
const passwordHash = await bcrypt.hash(password, config.security.bcryptCost);
const user = await prisma.users.create({
data: {
username,
email,
password_hash: passwordHash,
first_name: firstName,
last_name: lastName,
role_id: roleId ? Number(roleId) : null,
is_active: body.is_active !== false,
},
const result = await createUser({
username: body.username,
email: body.email,
password: body.password,
first_name: body.first_name,
last_name: body.last_name,
role_id: body.role_id,
is_active: body.is_active,
});
if ('error' in result) return error(reply, result.error, result.status);
await logAudit({
request,
authData: request.authData,
action: 'create',
entityType: 'user',
entityId: user.id,
description: `Vytvořen uživatel ${user.username}`,
entityId: result.user.id,
description: `Vytvořen uživatel ${result.user.username}`,
});
return success(reply, { id: user.id }, 201, 'Uživatel byl vytvořen');
return success(reply, { id: result.user.id }, 201, 'Uživatel byl vytvořen');
});
// PUT /api/admin/users/:id
@@ -131,54 +66,9 @@ export default async function usersRoutes(fastify: FastifyInstance): Promise<voi
if (id === null) return;
const parsed = parseBody(UpdateUserSchema, request.body);
if ('error' in parsed) return error(reply, parsed.error, 400);
const body = parsed.data;
const existing = await prisma.users.findUnique({ where: { id } });
if (!existing) return error(reply, 'Uživatel nenalezen', 404);
const data: Record<string, unknown> = {};
// Username validation and uniqueness
if (body.username !== undefined) {
const newUsername = String(body.username).trim();
if (newUsername !== existing.username) {
const existingUsername = await prisma.users.findFirst({ where: { username: newUsername } });
if (existingUsername) {
return error(reply, 'Uživatelské jméno již existuje', 409);
}
}
data.username = newUsername;
}
// Email validation and uniqueness
if (body.email !== undefined) {
const newEmail = String(body.email).trim();
if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(newEmail)) {
return error(reply, 'Neplatný formát e-mailu', 400);
}
const existingEmail = await prisma.users.findFirst({
where: { email: newEmail, id: { not: id } },
});
if (existingEmail) {
return error(reply, 'E-mail již existuje', 409);
}
data.email = newEmail;
}
if (body.first_name !== undefined) data.first_name = String(body.first_name);
if (body.last_name !== undefined) data.last_name = String(body.last_name);
if (body.role_id !== undefined) data.role_id = body.role_id ? Number(body.role_id) : null;
if (body.is_active !== undefined) data.is_active = body.is_active === true || body.is_active === 1 || body.is_active === '1';
if (body.password) {
const newPassword = String(body.password);
if (newPassword.length < 8) {
return error(reply, 'Heslo musí mít alespoň 8 znaků', 400);
}
data.password_hash = await bcrypt.hash(newPassword, config.security.bcryptCost);
data.password_changed_at = new Date();
}
await prisma.users.update({ where: { id }, data });
const result = await updateUser(id, parsed.data);
if ('error' in result) return error(reply, result.error, result.status);
await logAudit({
request,
@@ -186,7 +76,7 @@ export default async function usersRoutes(fastify: FastifyInstance): Promise<voi
action: 'update',
entityType: 'user',
entityId: id,
description: `Upraven uživatel ${existing.username}`,
description: `Upraven uživatel ${result.username}`,
});
return success(reply, { id }, 200, 'Uživatel byl uložen');
@@ -197,16 +87,8 @@ export default async function usersRoutes(fastify: FastifyInstance): Promise<voi
const id = parseId(request.params.id, reply);
if (id === null) return;
const authData = request.authData;
if (id === authData?.userId) {
return error(reply, 'Nelze smazat vlastní účet', 400);
}
const existing = await prisma.users.findUnique({ where: { id } });
if (!existing) return error(reply, 'Uživatel nenalezen', 404);
await prisma.refresh_tokens.deleteMany({ where: { user_id: id } });
await prisma.users.delete({ where: { id } });
const result = await deleteUser(id, request.authData?.userId);
if ('error' in result) return error(reply, result.error, result.status);
await logAudit({
request,
@@ -214,7 +96,7 @@ export default async function usersRoutes(fastify: FastifyInstance): Promise<voi
action: 'delete',
entityType: 'user',
entityId: id,
description: `Smazán uživatel ${existing.username}`,
description: `Smazán uživatel ${result.username}`,
});
return success(reply, null, 200, 'Uživatel smazán');

186
src/services/users.service.ts Normal file
View File

@@ -0,0 +1,186 @@
import prisma from '../config/database';
import bcrypt from 'bcryptjs';
import { config } from '../config/env';
const ALLOWED_SORT_FIELDS = ['id', 'username', 'email', 'first_name', 'last_name', 'created_at'];
const USER_SELECT = {
id: true, username: true, email: true, first_name: true, last_name: true,
role_id: true, is_active: true, last_login: true, totp_enabled: true,
created_at: true, updated_at: true,
roles: { select: { id: true, name: true, display_name: true } },
} as const;
export interface ListUsersParams {
page: number;
limit: number;
skip: number;
sort: string;
order: 'asc' | 'desc';
search: string;
}
export interface CreateUserData {
username: string;
email: string;
password: string;
first_name: string;
last_name: string;
role_id?: number | null;
is_active?: boolean;
}
export interface UpdateUserData {
username?: string;
email?: string;
password?: string;
first_name?: string;
last_name?: string;
role_id?: number | null;
is_active?: boolean | number | string;
}
export async function listUsers(params: ListUsersParams) {
const { page, limit, skip, sort, order, search } = params;
const sortField = ALLOWED_SORT_FIELDS.includes(sort) ? sort : 'id';
const where = search
? {
OR: [
{ username: { contains: search } },
{ email: { contains: search } },
{ first_name: { contains: search } },
{ last_name: { contains: search } },
],
}
: {};
const [users, total] = await Promise.all([
prisma.users.findMany({
where,
skip,
take: limit,
orderBy: { [sortField]: order },
select: USER_SELECT,
}),
prisma.users.count({ where }),
]);
return { users, total, page, limit };
}
export async function getUser(id: number) {
return prisma.users.findUnique({
where: { id },
select: USER_SELECT,
});
}
export async function createUser(data: CreateUserData) {
const username = data.username.trim();
const email = data.email.trim();
const firstName = data.first_name.trim();
const lastName = data.last_name.trim();
// Email format
if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email)) {
return { error: 'Neplatný formát e-mailu', status: 400 } as const;
}
// Username uniqueness
const existingUsername = await prisma.users.findFirst({ where: { username } });
if (existingUsername) {
return { error: 'Uživatelské jméno již existuje', status: 409 } as const;
}
// Email uniqueness
const existingEmail = await prisma.users.findFirst({ where: { email } });
if (existingEmail) {
return { error: 'E-mail již existuje', status: 409 } as const;
}
const passwordHash = await bcrypt.hash(data.password, config.security.bcryptCost);
const user = await prisma.users.create({
data: {
username,
email,
password_hash: passwordHash,
first_name: firstName,
last_name: lastName,
role_id: data.role_id ? Number(data.role_id) : null,
is_active: data.is_active !== false,
},
});
return { user } as const;
}
export async function updateUser(id: number, body: UpdateUserData) {
const existing = await prisma.users.findUnique({ where: { id } });
if (!existing) {
return { error: 'Uživatel nenalezen', status: 404 } as const;
}
const data: Record<string, unknown> = {};
// Username validation and uniqueness
if (body.username !== undefined) {
const newUsername = String(body.username).trim();
if (newUsername !== existing.username) {
const existingUsername = await prisma.users.findFirst({ where: { username: newUsername } });
if (existingUsername) {
return { error: 'Uživatelské jméno již existuje', status: 409 } as const;
}
}
data.username = newUsername;
}
// Email validation and uniqueness
if (body.email !== undefined) {
const newEmail = String(body.email).trim();
if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(newEmail)) {
return { error: 'Neplatný formát e-mailu', status: 400 } as const;
}
const existingEmail = await prisma.users.findFirst({
where: { email: newEmail, id: { not: id } },
});
if (existingEmail) {
return { error: 'E-mail již existuje', status: 409 } as const;
}
data.email = newEmail;
}
if (body.first_name !== undefined) data.first_name = String(body.first_name);
if (body.last_name !== undefined) data.last_name = String(body.last_name);
if (body.role_id !== undefined) data.role_id = body.role_id ? Number(body.role_id) : null;
if (body.is_active !== undefined) data.is_active = body.is_active === true || body.is_active === 1 || body.is_active === '1';
if (body.password) {
const newPassword = String(body.password);
if (newPassword.length < 8) {
return { error: 'Heslo musí mít alespoň 8 znaků', status: 400 } as const;
}
data.password_hash = await bcrypt.hash(newPassword, config.security.bcryptCost);
data.password_changed_at = new Date();
}
await prisma.users.update({ where: { id }, data });
return { id, username: existing.username } as const;
}
export async function deleteUser(id: number, currentUserId?: number) {
if (id === currentUserId) {
return { error: 'Nelze smazat vlastní účet', status: 400 } as const;
}
const existing = await prisma.users.findUnique({ where: { id } });
if (!existing) {
return { error: 'Uživatel nenalezen', status: 404 } as const;
}
await prisma.refresh_tokens.deleteMany({ where: { user_id: id } });
await prisma.users.delete({ where: { id } });
return { id, username: existing.username } as const;
}