Press n or j to go to the next uncovered block, b, p or k for the previous block.
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 | 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 2x 2x 2x 2x 2x 2x 2x 1x 1x 1x 1x 1x 1x 1x 1x 1x 2x 2x 2x 2x 2x 2x 2x 2x 1x 1x 1x 1x 1x 1x | import { Controller, ForbiddenException, Get, Param, UseGuards } from '@nestjs/common';
import { ApiBearerAuth, ApiTags } from '@nestjs/swagger';
import { Company } from '@amalia/core/models';
import { PaymentAmountsByCategory, type PaymentCategory, type PaymentContract } from '@amalia/core/types';
import { UuidPipe } from '@amalia/kernel/api';
import {
AmaliaAuthGuard,
CheckPolicies,
CurrentAuthenticatedContext,
CurrentUserCompany,
PoliciesGuard,
} from '@amalia/kernel/auth/core';
import { canViewStatements, canViewThisStatement, defineAbilityFor } from '@amalia/kernel/auth/shared';
import { type AuthenticatedContext } from '@amalia/kernel/auth/types';
import { StatementsService } from '../statements/statements.service';
import { StatementPaymentsService } from './statementPayments.service';
@UseGuards(AmaliaAuthGuard, PoliciesGuard)
@ApiBearerAuth()
@ApiTags('statements')
@Controller('statements/:id')
export class StatementPaymentsController {
public constructor(
private readonly statementsService: StatementsService,
private readonly statementPaymentsService: StatementPaymentsService,
) {}
@Get('hold-and-release-payments')
@CheckPolicies((ability) => canViewStatements(ability))
public async findStatementHoldAndReleasePayments(
@CurrentUserCompany() company: Company,
@CurrentAuthenticatedContext() authenticatedContext: AuthenticatedContext,
@Param('id', new UuidPipe()) statementId: string,
): Promise<PaymentContract[]> {
const statement = await this.statementsService.findById(company, statementId, true);
if (!canViewThisStatement(defineAbilityFor(authenticatedContext), statement)) {
throw new ForbiddenException("You don't have access to this statement");
}
return this.statementPaymentsService.findStatementHoldAndReleasePayments(company.id, statement);
}
@Get('paymentsPerCategory')
@CheckPolicies((ability) => canViewStatements(ability))
public async findAllForStatement(
@CurrentUserCompany() company: Company,
@CurrentAuthenticatedContext() authenticatedContext: AuthenticatedContext,
@Param('id', new UuidPipe()) statementId: string,
): Promise<Record<PaymentCategory, Partial<PaymentContract>[]>> {
const statement = await this.statementsService.findById(company, statementId);
if (!canViewThisStatement(defineAbilityFor(authenticatedContext), statement)) {
throw new ForbiddenException("You don't have access to this statement");
}
return this.statementPaymentsService.findAllForStatement(company.id, statement);
}
@Get('amounts')
@CheckPolicies((ability) => canViewStatements(ability))
public async computeAmounts(
@CurrentUserCompany() company: Company,
@CurrentAuthenticatedContext() authenticatedContext: AuthenticatedContext,
@Param('id', new UuidPipe()) statementId: string,
): Promise<PaymentAmountsByCategory> {
const statement = await this.statementsService.findById(company, statementId);
const ability = defineAbilityFor(authenticatedContext);
if (!canViewThisStatement(ability, statement)) {
throw new ForbiddenException("You don't have access to this statement");
}
return this.statementPaymentsService.computeSumForStatement(company.id, statement);
}
}
|