All files / libs/reporting/dashboards/core/src/lib dashboards.controller.ts

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
7x
7x
7x
7x
7x
7x
7x
7x
7x
7x
7x
7x
7x
7x
7x
7x
7x
7x
2x
2x
5x
7x
 
 
5x
5x
5x
5x
5x
5x
5x
5x
5x
5x
5x
1x
 
import { Controller, ForbiddenException, Get, Query, UseGuards } from '@nestjs/common';
import { ApiBearerAuth, ApiTags } from '@nestjs/swagger';
 
import { Company as CompanyEntity } from '@amalia/core/models';
import {
  DatePipe,
  EnumPipe,
  FeatureFlagGuard,
  NumberPipe,
  StringPipe,
  UuidOrKeywordPipe,
  UuidPipe,
} from '@amalia/kernel/api';
import {
  AmaliaAuthGuard,
  CheckPolicies,
  CurrentAuthenticatedContext,
  CurrentUserCompany,
  PoliciesGuard,
} from '@amalia/kernel/auth/core';
import {
  canViewHiddenPlans,
  canViewPresetReports,
  canViewThisPresetReport,
  defineAbilityFor,
} from '@amalia/kernel/auth/shared';
import { type AuthenticatedContext } from '@amalia/kernel/auth/types';
import { PlanIsHiddenQueryChoices } from '@amalia/payout-definition/plans/types';
import { customReportsPresetKeywords, CustomReportsPresetsEnum } from '@amalia/reporting/custom-reports/shared';
import { Statistics } from '@amalia/reporting/dashboards/types';
 
import { DashboardsService } from './dashboards.service';
 
@UseGuards(AmaliaAuthGuard, PoliciesGuard, FeatureFlagGuard)
@ApiBearerAuth()
@ApiTags('dashboards')
@Controller('dashboards')
export class DashboardsController {
  public constructor(private readonly dashboardsService: DashboardsService) {}
 
  @Get('widget')
  @CheckPolicies((ability) => canViewPresetReports(ability))
  public async getWidget(
    @CurrentAuthenticatedContext() authenticatedContext: AuthenticatedContext,
    @CurrentUserCompany() company: CompanyEntity,
    @Query('reportId', new UuidOrKeywordPipe({ keywords: customReportsPresetKeywords }))
    reportId: CustomReportsPresetsEnum,
    // Do not use UuidPipe as period can be keywork such as LAST_12_MONTH
    @Query('periodIds', new StringPipe({ multiple: true, optional: true })) periodIds: string[],
    // Selected period date with YYYY-MM-DD expected format
    @Query('referenceDate', new DatePipe({ optional: true })) referenceDate: Date,
    @Query('planIds', new UuidPipe({ optional: true, multiple: true })) planIds: string[],
    @Query('teamIds', new UuidPipe({ optional: true, multiple: true })) teamIds: string[],
    @Query('userIds', new UuidPipe({ optional: true, multiple: true })) userIds: string[],
    @Query('limit', new NumberPipe({ optional: true })) limit?: number,
    @Query('planHiddenStatus', new EnumPipe({ enum: PlanIsHiddenQueryChoices, optional: true }))
    planHiddenStatus: PlanIsHiddenQueryChoices = PlanIsHiddenQueryChoices.LIVE,
  ): Promise<Statistics> {
    const ability = defineAbilityFor(authenticatedContext);
 
    if (!canViewThisPresetReport(ability, { presetReportId: reportId })) {
      throw new ForbiddenException();
    }
 
    if (planHiddenStatus !== PlanIsHiddenQueryChoices.LIVE && !canViewHiddenPlans(ability)) {
      throw new ForbiddenException('This user cannot query hidden plans.');
    }
 
    return this.dashboardsService.getWidget(company, authenticatedContext, reportId, {
      periodIds,
      referenceDate,
      planIds,
      teamIds,
      userIds,
      limit,
      planHiddenStatus,
    });
  }
}