perbaikan batas akses pengelola rumah ibadab sesuai dengan yang dipilih
This commit is contained in:
+53
-10
@@ -1,5 +1,5 @@
|
|||||||
import { z } from "zod";
|
import { z } from "zod";
|
||||||
import { createRouter, publicQuery } from "./middleware";
|
import { createRouter, authedQuery } from "./middleware";
|
||||||
import {
|
import {
|
||||||
findAllDistributions,
|
findAllDistributions,
|
||||||
findDistributionById,
|
findDistributionById,
|
||||||
@@ -8,6 +8,8 @@ import {
|
|||||||
} from "./queries/distributions";
|
} from "./queries/distributions";
|
||||||
import { findRecipientById } from "./queries/recipients";
|
import { findRecipientById } from "./queries/recipients";
|
||||||
import { createActivityLog } from "./queries/activityLogs";
|
import { createActivityLog } from "./queries/activityLogs";
|
||||||
|
import { findPlaceIdsByManagerId } from "./queries/placesOfWorship";
|
||||||
|
import { TRPCError } from "@trpc/server";
|
||||||
|
|
||||||
async function logActivitySafe(payload: Parameters<typeof createActivityLog>[0]) {
|
async function logActivitySafe(payload: Parameters<typeof createActivityLog>[0]) {
|
||||||
try {
|
try {
|
||||||
@@ -18,18 +20,35 @@ async function logActivitySafe(payload: Parameters<typeof createActivityLog>[0])
|
|||||||
}
|
}
|
||||||
|
|
||||||
export const distributionRouter = createRouter({
|
export const distributionRouter = createRouter({
|
||||||
list: publicQuery
|
list: authedQuery
|
||||||
.input(
|
.input(
|
||||||
z.object({
|
z.object({
|
||||||
placeOfWorshipId: z.number().optional(),
|
placeOfWorshipId: z.number().optional(),
|
||||||
recipientId: z.number().optional(),
|
recipientId: z.number().optional(),
|
||||||
}).optional()
|
}).optional()
|
||||||
)
|
)
|
||||||
.query(async ({ input }) => {
|
.query(async ({ input, ctx }) => {
|
||||||
return findAllDistributions(input?.placeOfWorshipId, input?.recipientId);
|
if (ctx.user.role === "manager") {
|
||||||
|
const placeIds = await findPlaceIdsByManagerId(ctx.user.id);
|
||||||
|
if (placeIds.length === 0) return [];
|
||||||
|
if (input?.placeOfWorshipId) {
|
||||||
|
if (!placeIds.includes(input.placeOfWorshipId)) {
|
||||||
|
throw new TRPCError({
|
||||||
|
code: "FORBIDDEN",
|
||||||
|
message: "Anda tidak berwenang mengakses data distribusi ini.",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
return findAllDistributions([input.placeOfWorshipId], input?.recipientId);
|
||||||
|
}
|
||||||
|
return findAllDistributions(placeIds, input?.recipientId);
|
||||||
|
}
|
||||||
|
return findAllDistributions(
|
||||||
|
input?.placeOfWorshipId ? [input.placeOfWorshipId] : undefined,
|
||||||
|
input?.recipientId
|
||||||
|
);
|
||||||
}),
|
}),
|
||||||
|
|
||||||
create: publicQuery
|
create: authedQuery
|
||||||
.input(
|
.input(
|
||||||
z.object({
|
z.object({
|
||||||
placeOfWorshipId: z.number().min(1),
|
placeOfWorshipId: z.number().min(1),
|
||||||
@@ -42,7 +61,17 @@ export const distributionRouter = createRouter({
|
|||||||
notes: z.string().optional(),
|
notes: z.string().optional(),
|
||||||
})
|
})
|
||||||
)
|
)
|
||||||
.mutation(async ({ input }) => {
|
.mutation(async ({ input, ctx }) => {
|
||||||
|
if (ctx.user.role === "manager") {
|
||||||
|
const placeIds = await findPlaceIdsByManagerId(ctx.user.id);
|
||||||
|
if (!placeIds.includes(input.placeOfWorshipId)) {
|
||||||
|
throw new TRPCError({
|
||||||
|
code: "FORBIDDEN",
|
||||||
|
message: "Anda hanya berwenang mencatat distribusi bantuan untuk rumah ibadah yang Anda kelola.",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const created = await createDistribution({
|
const created = await createDistribution({
|
||||||
...input,
|
...input,
|
||||||
amount: input.amount.toString(),
|
amount: input.amount.toString(),
|
||||||
@@ -53,7 +82,7 @@ export const distributionRouter = createRouter({
|
|||||||
if (created) {
|
if (created) {
|
||||||
const recipient = await findRecipientById(created.recipientId);
|
const recipient = await findRecipientById(created.recipientId);
|
||||||
await logActivitySafe({
|
await logActivitySafe({
|
||||||
userId: input.distributedBy ?? null,
|
userId: ctx.user.id,
|
||||||
action: "CREATE",
|
action: "CREATE",
|
||||||
entityType: "distribution",
|
entityType: "distribution",
|
||||||
entityId: created.id,
|
entityId: created.id,
|
||||||
@@ -66,15 +95,29 @@ export const distributionRouter = createRouter({
|
|||||||
return created;
|
return created;
|
||||||
}),
|
}),
|
||||||
|
|
||||||
delete: publicQuery
|
delete: authedQuery
|
||||||
.input(z.object({ id: z.number() }))
|
.input(z.object({ id: z.number() }))
|
||||||
.mutation(async ({ input }) => {
|
.mutation(async ({ input, ctx }) => {
|
||||||
const target = await findDistributionById(input.id);
|
const target = await findDistributionById(input.id);
|
||||||
|
if (!target) {
|
||||||
|
throw new TRPCError({ code: "NOT_FOUND", message: "Data tidak ditemukan." });
|
||||||
|
}
|
||||||
|
|
||||||
|
if (ctx.user.role === "manager") {
|
||||||
|
const placeIds = await findPlaceIdsByManagerId(ctx.user.id);
|
||||||
|
if (!placeIds.includes(target.placeOfWorshipId)) {
|
||||||
|
throw new TRPCError({
|
||||||
|
code: "FORBIDDEN",
|
||||||
|
message: "Anda tidak berwenang menghapus data distribusi ini.",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
await deleteDistribution(input.id);
|
await deleteDistribution(input.id);
|
||||||
|
|
||||||
if (target) {
|
if (target) {
|
||||||
await logActivitySafe({
|
await logActivitySafe({
|
||||||
userId: target.distributedBy ?? null,
|
userId: ctx.user.id,
|
||||||
action: "DELETE",
|
action: "DELETE",
|
||||||
entityType: "distribution",
|
entityType: "distribution",
|
||||||
entityId: target.id,
|
entityId: target.id,
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
import { z } from "zod";
|
import { z } from "zod";
|
||||||
import { createRouter, publicQuery } from "./middleware";
|
import { createRouter, publicQuery, adminQuery } from "./middleware";
|
||||||
import {
|
import {
|
||||||
findAllPlaces,
|
findAllPlaces,
|
||||||
findPlaceById,
|
findPlaceById,
|
||||||
@@ -26,8 +26,9 @@ export const placeOfWorshipRouter = createRouter({
|
|||||||
active: z.string().optional(),
|
active: z.string().optional(),
|
||||||
}).optional()
|
}).optional()
|
||||||
)
|
)
|
||||||
.query(async ({ input }) => {
|
.query(async ({ input, ctx }) => {
|
||||||
return findAllPlaces(input?.search, input?.type, input?.active);
|
const managerId = ctx.user?.role === "manager" ? ctx.user.id : undefined;
|
||||||
|
return findAllPlaces(input?.search, input?.type, input?.active, managerId);
|
||||||
}),
|
}),
|
||||||
|
|
||||||
byId: publicQuery
|
byId: publicQuery
|
||||||
@@ -36,7 +37,7 @@ export const placeOfWorshipRouter = createRouter({
|
|||||||
return findPlaceById(input.id);
|
return findPlaceById(input.id);
|
||||||
}),
|
}),
|
||||||
|
|
||||||
create: publicQuery
|
create: adminQuery
|
||||||
.input(
|
.input(
|
||||||
z.object({
|
z.object({
|
||||||
name: z.string().min(1),
|
name: z.string().min(1),
|
||||||
@@ -72,7 +73,7 @@ export const placeOfWorshipRouter = createRouter({
|
|||||||
return created;
|
return created;
|
||||||
}),
|
}),
|
||||||
|
|
||||||
update: publicQuery
|
update: adminQuery
|
||||||
.input(
|
.input(
|
||||||
z.object({
|
z.object({
|
||||||
id: z.number(),
|
id: z.number(),
|
||||||
@@ -111,7 +112,7 @@ export const placeOfWorshipRouter = createRouter({
|
|||||||
return updated;
|
return updated;
|
||||||
}),
|
}),
|
||||||
|
|
||||||
delete: publicQuery
|
delete: adminQuery
|
||||||
.input(z.object({ id: z.number() }))
|
.input(z.object({ id: z.number() }))
|
||||||
.mutation(async ({ input }) => {
|
.mutation(async ({ input }) => {
|
||||||
const target = await findPlaceById(input.id);
|
const target = await findPlaceById(input.id);
|
||||||
|
|||||||
@@ -1,12 +1,22 @@
|
|||||||
import { eq, and, desc, count, sql } from "drizzle-orm";
|
import { eq, and, desc, count, sql, inArray } from "drizzle-orm";
|
||||||
import { getDb } from "./connection";
|
import { getDb } from "./connection";
|
||||||
import { distributions } from "@db/schema";
|
import { distributions } from "@db/schema";
|
||||||
import type { InsertDistribution } from "@db/schema";
|
import type { InsertDistribution } from "@db/schema";
|
||||||
|
|
||||||
export async function findAllDistributions(placeOfWorshipId?: number, recipientId?: number) {
|
export async function findAllDistributions(placeOfWorshipIds?: number | number[], recipientId?: number) {
|
||||||
const db = getDb();
|
const db = getDb();
|
||||||
const conditions = [];
|
const conditions = [];
|
||||||
if (placeOfWorshipId) conditions.push(eq(distributions.placeOfWorshipId, placeOfWorshipId));
|
if (placeOfWorshipIds !== undefined) {
|
||||||
|
if (Array.isArray(placeOfWorshipIds)) {
|
||||||
|
if (placeOfWorshipIds.length > 0) {
|
||||||
|
conditions.push(inArray(distributions.placeOfWorshipId, placeOfWorshipIds));
|
||||||
|
} else {
|
||||||
|
conditions.push(sql`1 = 0`);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
conditions.push(eq(distributions.placeOfWorshipId, placeOfWorshipIds));
|
||||||
|
}
|
||||||
|
}
|
||||||
if (recipientId) conditions.push(eq(distributions.recipientId, recipientId));
|
if (recipientId) conditions.push(eq(distributions.recipientId, recipientId));
|
||||||
const where = conditions.length > 0 ? and(...conditions) : undefined;
|
const where = conditions.length > 0 ? and(...conditions) : undefined;
|
||||||
return db.select().from(distributions).where(where).orderBy(desc(distributions.distributionDate));
|
return db.select().from(distributions).where(where).orderBy(desc(distributions.distributionDate));
|
||||||
|
|||||||
@@ -3,7 +3,7 @@ import { getDb } from "./connection";
|
|||||||
import { placesOfWorship } from "@db/schema";
|
import { placesOfWorship } from "@db/schema";
|
||||||
import type { InsertPlaceOfWorship } from "@db/schema";
|
import type { InsertPlaceOfWorship } from "@db/schema";
|
||||||
|
|
||||||
export async function findAllPlaces(search?: string, type?: string, active?: string) {
|
export async function findAllPlaces(search?: string, type?: string, active?: string, managerId?: number) {
|
||||||
const db = getDb();
|
const db = getDb();
|
||||||
const conditions = [];
|
const conditions = [];
|
||||||
if (search) {
|
if (search) {
|
||||||
@@ -15,6 +15,9 @@ export async function findAllPlaces(search?: string, type?: string, active?: str
|
|||||||
if (active && active !== "all") {
|
if (active && active !== "all") {
|
||||||
conditions.push(eq(placesOfWorship.isActive, active as "yes" | "no"));
|
conditions.push(eq(placesOfWorship.isActive, active as "yes" | "no"));
|
||||||
}
|
}
|
||||||
|
if (managerId !== undefined) {
|
||||||
|
conditions.push(eq(placesOfWorship.managerId, managerId));
|
||||||
|
}
|
||||||
const where = conditions.length > 0 ? and(...conditions) : undefined;
|
const where = conditions.length > 0 ? and(...conditions) : undefined;
|
||||||
return db.select().from(placesOfWorship).where(where).orderBy(desc(placesOfWorship.createdAt));
|
return db.select().from(placesOfWorship).where(where).orderBy(desc(placesOfWorship.createdAt));
|
||||||
}
|
}
|
||||||
@@ -25,6 +28,21 @@ export async function findPlaceById(id: number) {
|
|||||||
return rows.at(0) ?? null;
|
return rows.at(0) ?? null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export async function findPlaceByManagerId(managerId: number) {
|
||||||
|
const db = getDb();
|
||||||
|
const rows = await db.select().from(placesOfWorship).where(eq(placesOfWorship.managerId, managerId)).limit(1);
|
||||||
|
return rows.at(0) ?? null;
|
||||||
|
}
|
||||||
|
|
||||||
|
export async function findPlaceIdsByManagerId(managerId: number) {
|
||||||
|
const db = getDb();
|
||||||
|
const rows = await db
|
||||||
|
.select({ id: placesOfWorship.id })
|
||||||
|
.from(placesOfWorship)
|
||||||
|
.where(eq(placesOfWorship.managerId, managerId));
|
||||||
|
return rows.map((r) => r.id);
|
||||||
|
}
|
||||||
|
|
||||||
export async function createPlace(data: InsertPlaceOfWorship) {
|
export async function createPlace(data: InsertPlaceOfWorship) {
|
||||||
const db = getDb();
|
const db = getDb();
|
||||||
const [{ id }] = await db.insert(placesOfWorship).values(data).$returningId();
|
const [{ id }] = await db.insert(placesOfWorship).values(data).$returningId();
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
import { eq, like, and, count, desc } from "drizzle-orm";
|
import { eq, like, and, count, desc, inArray, sql } from "drizzle-orm";
|
||||||
import { getDb } from "./connection";
|
import { getDb } from "./connection";
|
||||||
import { recipients } from "@db/schema";
|
import { recipients } from "@db/schema";
|
||||||
import type { InsertRecipient } from "@db/schema";
|
import type { InsertRecipient } from "@db/schema";
|
||||||
@@ -6,7 +6,7 @@ import type { InsertRecipient } from "@db/schema";
|
|||||||
export async function findAllRecipients(
|
export async function findAllRecipients(
|
||||||
search?: string,
|
search?: string,
|
||||||
status?: string,
|
status?: string,
|
||||||
placeOfWorshipId?: number
|
placeOfWorshipIds?: number | number[]
|
||||||
) {
|
) {
|
||||||
const db = getDb();
|
const db = getDb();
|
||||||
const conditions = [];
|
const conditions = [];
|
||||||
@@ -16,8 +16,16 @@ export async function findAllRecipients(
|
|||||||
if (status && status !== "all") {
|
if (status && status !== "all") {
|
||||||
conditions.push(eq(recipients.status, status as "pending" | "active" | "rejected" | "suspended"));
|
conditions.push(eq(recipients.status, status as "pending" | "active" | "rejected" | "suspended"));
|
||||||
}
|
}
|
||||||
if (placeOfWorshipId) {
|
if (placeOfWorshipIds !== undefined) {
|
||||||
conditions.push(eq(recipients.placeOfWorshipId, placeOfWorshipId));
|
if (Array.isArray(placeOfWorshipIds)) {
|
||||||
|
if (placeOfWorshipIds.length > 0) {
|
||||||
|
conditions.push(inArray(recipients.placeOfWorshipId, placeOfWorshipIds));
|
||||||
|
} else {
|
||||||
|
conditions.push(sql`1 = 0`);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
conditions.push(eq(recipients.placeOfWorshipId, placeOfWorshipIds));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
const where = conditions.length > 0 ? and(...conditions) : undefined;
|
const where = conditions.length > 0 ? and(...conditions) : undefined;
|
||||||
return db.select().from(recipients).where(where).orderBy(desc(recipients.createdAt));
|
return db.select().from(recipients).where(where).orderBy(desc(recipients.createdAt));
|
||||||
@@ -29,11 +37,19 @@ export async function findRecipientById(id: number) {
|
|||||||
return rows.at(0) ?? null;
|
return rows.at(0) ?? null;
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function findPendingRecipients(placeOfWorshipId?: number) {
|
export async function findPendingRecipients(placeOfWorshipIds?: number | number[]) {
|
||||||
const db = getDb();
|
const db = getDb();
|
||||||
const conditions = [eq(recipients.status, "pending")];
|
const conditions = [eq(recipients.status, "pending")];
|
||||||
if (placeOfWorshipId) {
|
if (placeOfWorshipIds !== undefined) {
|
||||||
conditions.push(eq(recipients.placeOfWorshipId, placeOfWorshipId));
|
if (Array.isArray(placeOfWorshipIds)) {
|
||||||
|
if (placeOfWorshipIds.length > 0) {
|
||||||
|
conditions.push(inArray(recipients.placeOfWorshipId, placeOfWorshipIds));
|
||||||
|
} else {
|
||||||
|
conditions.push(sql`1 = 0`);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
conditions.push(eq(recipients.placeOfWorshipId, placeOfWorshipIds));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return db.select().from(recipients)
|
return db.select().from(recipients)
|
||||||
.where(and(...conditions))
|
.where(and(...conditions))
|
||||||
|
|||||||
+115
-21
@@ -1,5 +1,5 @@
|
|||||||
import { z } from "zod";
|
import { z } from "zod";
|
||||||
import { createRouter, publicQuery } from "./middleware";
|
import { createRouter, authedQuery } from "./middleware";
|
||||||
import {
|
import {
|
||||||
findAllRecipients,
|
findAllRecipients,
|
||||||
findRecipientById,
|
findRecipientById,
|
||||||
@@ -10,6 +10,8 @@ import {
|
|||||||
deleteRecipient,
|
deleteRecipient,
|
||||||
} from "./queries/recipients";
|
} from "./queries/recipients";
|
||||||
import { createActivityLog } from "./queries/activityLogs";
|
import { createActivityLog } from "./queries/activityLogs";
|
||||||
|
import { findPlaceIdsByManagerId } from "./queries/placesOfWorship";
|
||||||
|
import { TRPCError } from "@trpc/server";
|
||||||
|
|
||||||
async function logActivitySafe(payload: Parameters<typeof createActivityLog>[0]) {
|
async function logActivitySafe(payload: Parameters<typeof createActivityLog>[0]) {
|
||||||
try {
|
try {
|
||||||
@@ -20,7 +22,7 @@ async function logActivitySafe(payload: Parameters<typeof createActivityLog>[0])
|
|||||||
}
|
}
|
||||||
|
|
||||||
export const recipientRouter = createRouter({
|
export const recipientRouter = createRouter({
|
||||||
list: publicQuery
|
list: authedQuery
|
||||||
.input(
|
.input(
|
||||||
z.object({
|
z.object({
|
||||||
search: z.string().optional(),
|
search: z.string().optional(),
|
||||||
@@ -28,23 +30,66 @@ export const recipientRouter = createRouter({
|
|||||||
placeOfWorshipId: z.number().optional(),
|
placeOfWorshipId: z.number().optional(),
|
||||||
}).optional()
|
}).optional()
|
||||||
)
|
)
|
||||||
.query(async ({ input }) => {
|
.query(async ({ input, ctx }) => {
|
||||||
return findAllRecipients(input?.search, input?.status, input?.placeOfWorshipId);
|
if (ctx.user.role === "manager") {
|
||||||
|
const placeIds = await findPlaceIdsByManagerId(ctx.user.id);
|
||||||
|
if (placeIds.length === 0) return [];
|
||||||
|
if (input?.placeOfWorshipId) {
|
||||||
|
if (!placeIds.includes(input.placeOfWorshipId)) {
|
||||||
|
throw new TRPCError({
|
||||||
|
code: "FORBIDDEN",
|
||||||
|
message: "Anda tidak berwenang mengakses data rumah ibadah ini.",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
return findAllRecipients(input?.search, input?.status, [input.placeOfWorshipId]);
|
||||||
|
}
|
||||||
|
return findAllRecipients(input?.search, input?.status, placeIds);
|
||||||
|
}
|
||||||
|
return findAllRecipients(
|
||||||
|
input?.search,
|
||||||
|
input?.status,
|
||||||
|
input?.placeOfWorshipId ? [input.placeOfWorshipId] : undefined
|
||||||
|
);
|
||||||
}),
|
}),
|
||||||
|
|
||||||
pending: publicQuery
|
pending: authedQuery
|
||||||
.input(z.object({ placeOfWorshipId: z.number().optional() }).optional())
|
.input(z.object({ placeOfWorshipId: z.number().optional() }).optional())
|
||||||
.query(async ({ input }) => {
|
.query(async ({ input, ctx }) => {
|
||||||
return findPendingRecipients(input?.placeOfWorshipId);
|
if (ctx.user.role === "manager") {
|
||||||
|
const placeIds = await findPlaceIdsByManagerId(ctx.user.id);
|
||||||
|
if (placeIds.length === 0) return [];
|
||||||
|
if (input?.placeOfWorshipId) {
|
||||||
|
if (!placeIds.includes(input.placeOfWorshipId)) {
|
||||||
|
throw new TRPCError({
|
||||||
|
code: "FORBIDDEN",
|
||||||
|
message: "Anda tidak berwenang mengakses data rumah ibadah ini.",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
return findPendingRecipients([input.placeOfWorshipId]);
|
||||||
|
}
|
||||||
|
return findPendingRecipients(placeIds);
|
||||||
|
}
|
||||||
|
return findPendingRecipients(input?.placeOfWorshipId ? [input.placeOfWorshipId] : undefined);
|
||||||
}),
|
}),
|
||||||
|
|
||||||
byId: publicQuery
|
byId: authedQuery
|
||||||
.input(z.object({ id: z.number() }))
|
.input(z.object({ id: z.number() }))
|
||||||
.query(async ({ input }) => {
|
.query(async ({ input, ctx }) => {
|
||||||
return findRecipientById(input.id);
|
const recipient = await findRecipientById(input.id);
|
||||||
|
if (!recipient) return null;
|
||||||
|
if (ctx.user.role === "manager") {
|
||||||
|
const placeIds = await findPlaceIdsByManagerId(ctx.user.id);
|
||||||
|
if (!placeIds.includes(recipient.placeOfWorshipId)) {
|
||||||
|
throw new TRPCError({
|
||||||
|
code: "FORBIDDEN",
|
||||||
|
message: "Anda tidak berwenang mengakses data penerima ini.",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return recipient;
|
||||||
}),
|
}),
|
||||||
|
|
||||||
create: publicQuery
|
create: authedQuery
|
||||||
.input(
|
.input(
|
||||||
z.object({
|
z.object({
|
||||||
nik: z.string().length(16),
|
nik: z.string().length(16),
|
||||||
@@ -65,7 +110,17 @@ export const recipientRouter = createRouter({
|
|||||||
sktmDocument: z.string().optional(),
|
sktmDocument: z.string().optional(),
|
||||||
})
|
})
|
||||||
)
|
)
|
||||||
.mutation(async ({ input }) => {
|
.mutation(async ({ input, ctx }) => {
|
||||||
|
if (ctx.user.role === "manager") {
|
||||||
|
const placeIds = await findPlaceIdsByManagerId(ctx.user.id);
|
||||||
|
if (!placeIds.includes(input.placeOfWorshipId)) {
|
||||||
|
throw new TRPCError({
|
||||||
|
code: "FORBIDDEN",
|
||||||
|
message: "Anda hanya berwenang mendaftarkan penerima untuk rumah ibadah yang Anda kelola.",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const created = await createRecipient({
|
const created = await createRecipient({
|
||||||
...input,
|
...input,
|
||||||
latitude: input.latitude?.toString() ?? null,
|
latitude: input.latitude?.toString() ?? null,
|
||||||
@@ -84,7 +139,7 @@ export const recipientRouter = createRouter({
|
|||||||
|
|
||||||
if (created) {
|
if (created) {
|
||||||
await logActivitySafe({
|
await logActivitySafe({
|
||||||
userId: input.registeredBy ?? null,
|
userId: ctx.user.id,
|
||||||
action: "CREATE",
|
action: "CREATE",
|
||||||
entityType: "recipient",
|
entityType: "recipient",
|
||||||
entityId: created.id,
|
entityId: created.id,
|
||||||
@@ -95,7 +150,7 @@ export const recipientRouter = createRouter({
|
|||||||
return created;
|
return created;
|
||||||
}),
|
}),
|
||||||
|
|
||||||
update: publicQuery
|
update: authedQuery
|
||||||
.input(
|
.input(
|
||||||
z.object({
|
z.object({
|
||||||
id: z.number(),
|
id: z.number(),
|
||||||
@@ -116,9 +171,26 @@ export const recipientRouter = createRouter({
|
|||||||
sktmDocument: z.string().optional(),
|
sktmDocument: z.string().optional(),
|
||||||
})
|
})
|
||||||
)
|
)
|
||||||
.mutation(async ({ input }) => {
|
.mutation(async ({ input, ctx }) => {
|
||||||
const { id, ...data } = input;
|
const { id, ...data } = input;
|
||||||
const beforeUpdate = await findRecipientById(id);
|
const beforeUpdate = await findRecipientById(id);
|
||||||
|
if (!beforeUpdate) {
|
||||||
|
throw new TRPCError({ code: "NOT_FOUND", message: "Penerima tidak ditemukan." });
|
||||||
|
}
|
||||||
|
|
||||||
|
if (ctx.user.role === "manager") {
|
||||||
|
const placeIds = await findPlaceIdsByManagerId(ctx.user.id);
|
||||||
|
if (
|
||||||
|
!placeIds.includes(beforeUpdate.placeOfWorshipId) ||
|
||||||
|
(input.placeOfWorshipId && !placeIds.includes(input.placeOfWorshipId))
|
||||||
|
) {
|
||||||
|
throw new TRPCError({
|
||||||
|
code: "FORBIDDEN",
|
||||||
|
message: "Anda tidak berwenang mengubah data penerima ini.",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const updateData: Record<string, unknown> = { ...data };
|
const updateData: Record<string, unknown> = { ...data };
|
||||||
if (data.latitude !== undefined) updateData.latitude = data.latitude.toString();
|
if (data.latitude !== undefined) updateData.latitude = data.latitude.toString();
|
||||||
if (data.longitude !== undefined) updateData.longitude = data.longitude.toString();
|
if (data.longitude !== undefined) updateData.longitude = data.longitude.toString();
|
||||||
@@ -126,7 +198,7 @@ export const recipientRouter = createRouter({
|
|||||||
|
|
||||||
if (updated) {
|
if (updated) {
|
||||||
await logActivitySafe({
|
await logActivitySafe({
|
||||||
userId: beforeUpdate?.registeredBy ?? null,
|
userId: ctx.user.id,
|
||||||
action: "UPDATE",
|
action: "UPDATE",
|
||||||
entityType: "recipient",
|
entityType: "recipient",
|
||||||
entityId: updated.id,
|
entityId: updated.id,
|
||||||
@@ -137,7 +209,7 @@ export const recipientRouter = createRouter({
|
|||||||
return updated;
|
return updated;
|
||||||
}),
|
}),
|
||||||
|
|
||||||
verify: publicQuery
|
verify: authedQuery
|
||||||
.input(
|
.input(
|
||||||
z.object({
|
z.object({
|
||||||
id: z.number(),
|
id: z.number(),
|
||||||
@@ -146,7 +218,15 @@ export const recipientRouter = createRouter({
|
|||||||
rejectionReason: z.string().optional(),
|
rejectionReason: z.string().optional(),
|
||||||
})
|
})
|
||||||
)
|
)
|
||||||
.mutation(async ({ input }) => {
|
.mutation(async ({ input, ctx }) => {
|
||||||
|
// Verify is only allowed for Admin and Officer
|
||||||
|
if (ctx.user.role !== "admin" && ctx.user.role !== "officer") {
|
||||||
|
throw new TRPCError({
|
||||||
|
code: "FORBIDDEN",
|
||||||
|
message: "Hanya petugas verifikasi atau administrator yang dapat memverifikasi kelayakan.",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
const verified = await verifyRecipient(input.id, input.status, input.verifiedBy, input.rejectionReason);
|
const verified = await verifyRecipient(input.id, input.status, input.verifiedBy, input.rejectionReason);
|
||||||
if (verified) {
|
if (verified) {
|
||||||
const statusText = input.status === "active" ? "Diterima" : "Ditolak";
|
const statusText = input.status === "active" ? "Diterima" : "Ditolak";
|
||||||
@@ -161,15 +241,29 @@ export const recipientRouter = createRouter({
|
|||||||
return verified;
|
return verified;
|
||||||
}),
|
}),
|
||||||
|
|
||||||
delete: publicQuery
|
delete: authedQuery
|
||||||
.input(z.object({ id: z.number() }))
|
.input(z.object({ id: z.number() }))
|
||||||
.mutation(async ({ input }) => {
|
.mutation(async ({ input, ctx }) => {
|
||||||
const target = await findRecipientById(input.id);
|
const target = await findRecipientById(input.id);
|
||||||
|
if (!target) {
|
||||||
|
throw new TRPCError({ code: "NOT_FOUND", message: "Penerima tidak ditemukan." });
|
||||||
|
}
|
||||||
|
|
||||||
|
if (ctx.user.role === "manager") {
|
||||||
|
const placeIds = await findPlaceIdsByManagerId(ctx.user.id);
|
||||||
|
if (!placeIds.includes(target.placeOfWorshipId)) {
|
||||||
|
throw new TRPCError({
|
||||||
|
code: "FORBIDDEN",
|
||||||
|
message: "Anda tidak berwenang menghapus data penerima ini.",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
await deleteRecipient(input.id);
|
await deleteRecipient(input.id);
|
||||||
|
|
||||||
if (target) {
|
if (target) {
|
||||||
await logActivitySafe({
|
await logActivitySafe({
|
||||||
userId: target.registeredBy ?? null,
|
userId: ctx.user.id,
|
||||||
action: "DELETE",
|
action: "DELETE",
|
||||||
entityType: "recipient",
|
entityType: "recipient",
|
||||||
entityId: target.id,
|
entityId: target.id,
|
||||||
|
|||||||
@@ -10,6 +10,9 @@ import {
|
|||||||
} from "./queries/users";
|
} from "./queries/users";
|
||||||
import { hashPassword } from "./auth";
|
import { hashPassword } from "./auth";
|
||||||
import { createActivityLog } from "./queries/activityLogs";
|
import { createActivityLog } from "./queries/activityLogs";
|
||||||
|
import { getDb } from "./queries/connection";
|
||||||
|
import * as schema from "@db/schema";
|
||||||
|
import { inArray, eq } from "drizzle-orm";
|
||||||
|
|
||||||
async function logActivitySafe(payload: Parameters<typeof createActivityLog>[0]) {
|
async function logActivitySafe(payload: Parameters<typeof createActivityLog>[0]) {
|
||||||
try {
|
try {
|
||||||
@@ -31,6 +34,7 @@ export const userRouter = createRouter({
|
|||||||
email: z.string().email(),
|
email: z.string().email(),
|
||||||
password: z.string().min(6),
|
password: z.string().min(6),
|
||||||
role: z.enum(["admin", "officer", "manager"]),
|
role: z.enum(["admin", "officer", "manager"]),
|
||||||
|
placeIds: z.array(z.number()).optional(),
|
||||||
})
|
})
|
||||||
)
|
)
|
||||||
.mutation(async ({ input, ctx }) => {
|
.mutation(async ({ input, ctx }) => {
|
||||||
@@ -53,6 +57,15 @@ export const userRouter = createRouter({
|
|||||||
|
|
||||||
const insertedId = result.insertId;
|
const insertedId = result.insertId;
|
||||||
|
|
||||||
|
// Hubungkan rumah ibadah yang dipilih jika perannya adalah manager
|
||||||
|
if (input.role === "manager" && input.placeIds && input.placeIds.length > 0) {
|
||||||
|
const db = getDb();
|
||||||
|
await db
|
||||||
|
.update(schema.placesOfWorship)
|
||||||
|
.set({ managerId: insertedId })
|
||||||
|
.where(inArray(schema.placesOfWorship.id, input.placeIds));
|
||||||
|
}
|
||||||
|
|
||||||
await logActivitySafe({
|
await logActivitySafe({
|
||||||
userId: ctx.user.id,
|
userId: ctx.user.id,
|
||||||
action: "CREATE",
|
action: "CREATE",
|
||||||
@@ -72,6 +85,7 @@ export const userRouter = createRouter({
|
|||||||
email: z.string().email().optional(),
|
email: z.string().email().optional(),
|
||||||
password: z.string().min(6).optional(),
|
password: z.string().min(6).optional(),
|
||||||
role: z.enum(["admin", "officer", "manager"]).optional(),
|
role: z.enum(["admin", "officer", "manager"]).optional(),
|
||||||
|
placeIds: z.array(z.number()).optional(),
|
||||||
})
|
})
|
||||||
)
|
)
|
||||||
.mutation(async ({ input, ctx }) => {
|
.mutation(async ({ input, ctx }) => {
|
||||||
@@ -96,6 +110,38 @@ export const userRouter = createRouter({
|
|||||||
|
|
||||||
await updateUser(input.id, updatedFields);
|
await updateUser(input.id, updatedFields);
|
||||||
|
|
||||||
|
// Kelola asosiasi Rumah Ibadah
|
||||||
|
const db = getDb();
|
||||||
|
// Cari role saat ini untuk mengecek apakah bertipe manager
|
||||||
|
const userRec = await db
|
||||||
|
.select({ role: schema.users.role })
|
||||||
|
.from(schema.users)
|
||||||
|
.where(eq(schema.users.id, input.id))
|
||||||
|
.limit(1);
|
||||||
|
const userRole = userRec[0]?.role;
|
||||||
|
|
||||||
|
if (userRole === "manager") {
|
||||||
|
// Hapus penugasan manager dari semua rumah ibadah yang sebelumnya dikelola user ini
|
||||||
|
await db
|
||||||
|
.update(schema.placesOfWorship)
|
||||||
|
.set({ managerId: null })
|
||||||
|
.where(eq(schema.placesOfWorship.managerId, input.id));
|
||||||
|
|
||||||
|
// Hubungkan ke kumpulan rumah ibadah baru jika ada
|
||||||
|
if (input.placeIds && input.placeIds.length > 0) {
|
||||||
|
await db
|
||||||
|
.update(schema.placesOfWorship)
|
||||||
|
.set({ managerId: input.id })
|
||||||
|
.where(inArray(schema.placesOfWorship.id, input.placeIds));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
// Jika peran berubah dari manager ke peran lain, hapus semua relasi kelolanya
|
||||||
|
await db
|
||||||
|
.update(schema.placesOfWorship)
|
||||||
|
.set({ managerId: null })
|
||||||
|
.where(eq(schema.placesOfWorship.managerId, input.id));
|
||||||
|
}
|
||||||
|
|
||||||
await logActivitySafe({
|
await logActivitySafe({
|
||||||
userId: ctx.user.id,
|
userId: ctx.user.id,
|
||||||
action: "UPDATE",
|
action: "UPDATE",
|
||||||
|
|||||||
@@ -464,7 +464,7 @@ export default function PlacesOfWorshipPage() {
|
|||||||
<SelectContent>
|
<SelectContent>
|
||||||
{activeRecipients.map((recipient) => (
|
{activeRecipients.map((recipient) => (
|
||||||
<SelectItem key={recipient.id} value={String(recipient.id)}>
|
<SelectItem key={recipient.id} value={String(recipient.id)}>
|
||||||
{recipient.name} - {recipient.nik}
|
{recipient.name} - {recipient.phone || "-"}
|
||||||
</SelectItem>
|
</SelectItem>
|
||||||
))}
|
))}
|
||||||
</SelectContent>
|
</SelectContent>
|
||||||
|
|||||||
@@ -24,6 +24,7 @@ import {
|
|||||||
SelectTrigger,
|
SelectTrigger,
|
||||||
SelectValue,
|
SelectValue,
|
||||||
} from "@/components/ui/select";
|
} from "@/components/ui/select";
|
||||||
|
import { Checkbox } from "@/components/ui/checkbox";
|
||||||
import {
|
import {
|
||||||
Shield,
|
Shield,
|
||||||
User,
|
User,
|
||||||
@@ -72,6 +73,7 @@ export default function UsersPage() {
|
|||||||
const [email, setEmail] = useState("");
|
const [email, setEmail] = useState("");
|
||||||
const [password, setPassword] = useState("");
|
const [password, setPassword] = useState("");
|
||||||
const [role, setRole] = useState<"admin" | "officer" | "manager">("manager");
|
const [role, setRole] = useState<"admin" | "officer" | "manager">("manager");
|
||||||
|
const [selectedPlaces, setSelectedPlaces] = useState<number[]>([]);
|
||||||
const [errorMsg, setErrorMsg] = useState("");
|
const [errorMsg, setErrorMsg] = useState("");
|
||||||
|
|
||||||
// tRPC Queries & Mutations
|
// tRPC Queries & Mutations
|
||||||
@@ -79,6 +81,8 @@ export default function UsersPage() {
|
|||||||
enabled: !!currentUser && currentUser.role === "admin",
|
enabled: !!currentUser && currentUser.role === "admin",
|
||||||
});
|
});
|
||||||
|
|
||||||
|
const { data: places, isLoading: placesLoading } = trpc.placeOfWorship.list.useQuery();
|
||||||
|
|
||||||
const createUserMutation = trpc.user.create.useMutation({
|
const createUserMutation = trpc.user.create.useMutation({
|
||||||
onSuccess: () => {
|
onSuccess: () => {
|
||||||
toast.success("Pengguna baru berhasil ditambahkan!");
|
toast.success("Pengguna baru berhasil ditambahkan!");
|
||||||
@@ -121,6 +125,7 @@ export default function UsersPage() {
|
|||||||
setEmail("");
|
setEmail("");
|
||||||
setPassword("");
|
setPassword("");
|
||||||
setRole("manager");
|
setRole("manager");
|
||||||
|
setSelectedPlaces([]);
|
||||||
setErrorMsg("");
|
setErrorMsg("");
|
||||||
setSelectedUser(null);
|
setSelectedUser(null);
|
||||||
};
|
};
|
||||||
@@ -137,6 +142,13 @@ export default function UsersPage() {
|
|||||||
setEmail(user.email || "");
|
setEmail(user.email || "");
|
||||||
setPassword(""); // Biarkan kosong kecuali ingin merubah sandi
|
setPassword(""); // Biarkan kosong kecuali ingin merubah sandi
|
||||||
setRole(user.role);
|
setRole(user.role);
|
||||||
|
|
||||||
|
// Ambil list ID rumah ibadah yang sedang dikelola oleh pengguna ini
|
||||||
|
const managed = (places ?? [])
|
||||||
|
.filter((p) => p.managerId === user.id)
|
||||||
|
.map((p) => p.id);
|
||||||
|
setSelectedPlaces(managed);
|
||||||
|
|
||||||
setIsFormOpen(true);
|
setIsFormOpen(true);
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -159,6 +171,11 @@ export default function UsersPage() {
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (role === "manager" && selectedPlaces.length === 0) {
|
||||||
|
setErrorMsg("Harap pilih minimal satu rumah ibadah yang dikelola.");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if (selectedUser) {
|
if (selectedUser) {
|
||||||
updateUserMutation.mutate({
|
updateUserMutation.mutate({
|
||||||
id: selectedUser.id,
|
id: selectedUser.id,
|
||||||
@@ -166,6 +183,7 @@ export default function UsersPage() {
|
|||||||
email,
|
email,
|
||||||
password: password ? password : undefined,
|
password: password ? password : undefined,
|
||||||
role,
|
role,
|
||||||
|
placeIds: role === "manager" ? selectedPlaces : undefined,
|
||||||
});
|
});
|
||||||
} else {
|
} else {
|
||||||
if (!password || password.length < 6) {
|
if (!password || password.length < 6) {
|
||||||
@@ -177,6 +195,7 @@ export default function UsersPage() {
|
|||||||
email,
|
email,
|
||||||
password,
|
password,
|
||||||
role,
|
role,
|
||||||
|
placeIds: role === "manager" ? selectedPlaces : undefined,
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
@@ -305,6 +324,15 @@ export default function UsersPage() {
|
|||||||
<RoleIcon className="h-3 w-3" />
|
<RoleIcon className="h-3 w-3" />
|
||||||
{ROLE_LABELS[u.role]}
|
{ROLE_LABELS[u.role]}
|
||||||
</Badge>
|
</Badge>
|
||||||
|
{u.role === "manager" && (
|
||||||
|
<div className="text-[10px] text-muted-foreground mt-1 max-w-xs truncate">
|
||||||
|
Mengelola:{" "}
|
||||||
|
{(places ?? [])
|
||||||
|
.filter((p) => p.managerId === u.id)
|
||||||
|
.map((p) => p.name)
|
||||||
|
.join(", ") || "-"}
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
</td>
|
</td>
|
||||||
<td className="py-3 px-4 text-muted-foreground text-xs">
|
<td className="py-3 px-4 text-muted-foreground text-xs">
|
||||||
{u.lastSignInAt
|
{u.lastSignInAt
|
||||||
@@ -487,6 +515,37 @@ export default function UsersPage() {
|
|||||||
</Select>
|
</Select>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
{role === "manager" && (
|
||||||
|
<div className="space-y-1.5">
|
||||||
|
<Label className="text-xs font-medium">Rumah Ibadah yang Dikelola (Bisa lebih dari satu)</Label>
|
||||||
|
<div className="border rounded-xl p-3 max-h-40 overflow-y-auto space-y-2 bg-background">
|
||||||
|
{placesLoading ? (
|
||||||
|
<div className="space-y-1 text-xs text-muted-foreground">Memuat data...</div>
|
||||||
|
) : !places || places.length === 0 ? (
|
||||||
|
<div className="text-xs text-muted-foreground">Belum ada data rumah ibadah.</div>
|
||||||
|
) : (
|
||||||
|
places.map((place) => (
|
||||||
|
<label key={place.id} className="flex items-center gap-2 text-xs cursor-pointer hover:bg-muted/50 p-1 rounded-lg transition-colors">
|
||||||
|
<Checkbox
|
||||||
|
checked={selectedPlaces.includes(place.id)}
|
||||||
|
onCheckedChange={(checked) => {
|
||||||
|
if (checked) {
|
||||||
|
setSelectedPlaces([...selectedPlaces, place.id]);
|
||||||
|
} else {
|
||||||
|
setSelectedPlaces(selectedPlaces.filter((id) => id !== place.id));
|
||||||
|
}
|
||||||
|
}}
|
||||||
|
/>
|
||||||
|
<span>
|
||||||
|
{place.name} <span className="text-[10px] text-muted-foreground capitalize">({place.type})</span>
|
||||||
|
</span>
|
||||||
|
</label>
|
||||||
|
))
|
||||||
|
)}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
)}
|
||||||
|
|
||||||
<DialogFooter className="pt-3 gap-2">
|
<DialogFooter className="pt-3 gap-2">
|
||||||
<DialogClose asChild>
|
<DialogClose asChild>
|
||||||
<Button type="button" variant="outline" className="h-9 text-xs rounded-xl">
|
<Button type="button" variant="outline" className="h-9 text-xs rounded-xl">
|
||||||
|
|||||||
Reference in New Issue
Block a user