Merge pull request #284 from shamoo53/user-module

initial commit

Author: yusuftomilola

.gitignore

@@ -0,0 +1,2 @@
+node_modules
+node_modules

backend/src/app.module.ts

@@ -7,44 +7,32 @@ import { AssetCategoriesModule } from './asset-categories/asset-categories.modul
 import { AssetCategory } from './asset-categories/asset-category.entity';
 import { DepartmentsModule } from './departments/departments.module';
 import { Department } from './departments/department.entity';
+import { UsersModule } from './users/users.module';
+import { User } from './users/entities/user.entity';
 
 @Module({
   imports: [
     ConfigModule.forRoot({
       isGlobal: true,
     }),
+
     TypeOrmModule.forRootAsync({
-      imports: [ConfigModule,
-         // --- ADD THIS CONFIGURATION ---
-      I18nModule.forRoot({
-      fallbackLanguage: 'en',
-      loaderOptions: {
-        path: path.join(__dirname, '/i18n/'), // Directory for translation files
-        watch: true, // Watch for changes in translation files
-      },
-      resolvers: [
-        // Order matters: checks query param, then header, then browser settings
-        new QueryResolver(['lang', 'l']),
-        new HeaderResolver(['x-custom-lang-header']),
-        AcceptLanguageResolver, // Standard 'Accept-Language' header
-      ],
-    }),
-    // --- END OF CONFIGURATION ---
-  ],],
+      imports: [ConfigModule],
       useFactory: (configService: ConfigService) => ({
         type: 'postgres',
         host: configService.get('DB_HOST', 'localhost'),
         port: configService.get('DB_PORT', 5432),
         username: configService.get('DB_USERNAME', 'postgres'),
         password: configService.get('DB_PASSWORD', 'password'),
         database: configService.get('DB_DATABASE', 'manage_assets'),
-        entities: [AssetCategory, Department],
+        entities: [AssetCategory, Department, User],
         synchronize: configService.get('NODE_ENV') !== 'production', // Only for development
       }),
       inject: [ConfigService],
     }),
     AssetCategoriesModule,
     DepartmentsModule,
+    UsersModule,
   ],
   controllers: [AppController],
   providers: [AppService],

backend/src/users/__tests__/users.e2e-spec.ts

@@ -0,0 +1,174 @@
+import { Test, TestingModule } from '@nestjs/testing';
+import { INestApplication } from '@nestjs/common';
+import * as request from 'supertest';
+import { TypeOrmModule } from '@nestjs/typeorm';
+import { UsersModule } from '../users.module';
+import { User } from '../entities/user.entity';
+
+describe('UsersController (e2e)', () => {
+  let app: INestApplication;
+
+  beforeAll(async () => {
+    const moduleFixture: TestingModule = await Test.createTestingModule({
+      imports: [
+        TypeOrmModule.forRoot({
+          type: 'sqlite',
+          database: ':memory:',
+          dropSchema: true,
+          entities: [User],
+          synchronize: true,
+        }),
+        UsersModule,
+      ],
+    }).compile();
+
+    app = moduleFixture.createNestApplication();
+    await app.init();
+  });
+
+  afterAll(async () => {
+    await app.close();
+  });
+
+  it('should create a user', async () => {
+    const res = await request(app.getHttpServer())
+      .post('/users')
+      .send({
+        fullName: 'Test User',
+        email: 'test@example.com',
+        password: 'password123',
+        role: 'admin',
+      });
+    expect(res.status).toBe(201);
+    expect(res.body).toHaveProperty('id');
+    expect(res.body.email).toBe('test@example.com');
+  });
+
+  it('should get all users', async () => {
+    const res = await request(app.getHttpServer()).get('/users');
+    expect(res.status).toBe(200);
+    expect(Array.isArray(res.body)).toBe(true);
+  });
+
+  it('should get a user by id', async () => {
+    const createRes = await request(app.getHttpServer())
+      .post('/users')
+      .send({
+        fullName: 'Another User',
+        email: 'another@example.com',
+        password: 'password123',
+        role: 'user',
+      });
+    const userId = createRes.body.id;
+    const res = await request(app.getHttpServer()).get(`/users/${userId}`);
+    expect(res.status).toBe(200);
+    expect(res.body.id).toBe(userId);
+  });
+
+  it('should update a user', async () => {
+    const createRes = await request(app.getHttpServer())
+      .post('/users')
+      .send({
+        fullName: 'Update User',
+        email: 'update@example.com',
+        password: 'password123',
+        role: 'user',
+      });
+    const userId = createRes.body.id;
+    const res = await request(app.getHttpServer())
+      .patch(`/users/${userId}`)
+      .send({ fullName: 'Updated Name' });
+    expect(res.status).toBe(200);
+    expect(res.body.fullName).toBe('Updated Name');
+  });
+
+  it('should delete a user', async () => {
+    const createRes = await request(app.getHttpServer())
+      .post('/users')
+      .send({
+        fullName: 'Delete User',
+        email: 'delete@example.com',
+        password: 'password123',
+        role: 'user',
+      });
+    const userId = createRes.body.id;
+    const res = await request(app.getHttpServer()).delete(`/users/${userId}`);
+    expect(res.status).toBe(200);
+  });
+
+  it('should not create user with duplicate email', async () => {
+    await request(app.getHttpServer())
+      .post('/users')
+      .send({
+        fullName: 'Dup User',
+        email: 'dup@example.com',
+        password: 'password123',
+        role: 'user',
+      });
+    const res = await request(app.getHttpServer())
+      .post('/users')
+      .send({
+        fullName: 'Dup User2',
+        email: 'dup@example.com',
+        password: 'password123',
+        role: 'user',
+      });
+    expect(res.status).toBeGreaterThanOrEqual(400);
+  });
+
+  it('should filter users by role', async () => {
+    await request(app.getHttpServer())
+      .post('/users')
+      .send({
+        fullName: 'Admin User',
+        email: 'admin@example.com',
+        password: 'password123',
+        role: 'admin',
+      });
+    const res = await request(app.getHttpServer())
+      .get('/users?role=admin');
+    expect(res.status).toBe(200);
+    expect(res.body.some((u: any) => u.role === 'admin')).toBe(true);
+  });
+
+  it('should paginate users', async () => {
+    for (let i = 0; i < 15; i++) {
+      await request(app.getHttpServer())
+        .post('/users')
+        .send({
+          fullName: `User${i}`,
+          email: `user${i}@example.com`,
+          password: 'password123',
+          role: 'user',
+        });
+    }
+    const res = await request(app.getHttpServer())
+      .get('/users?page=2&limit=10');
+    expect(res.status).toBe(200);
+    expect(res.body.length).toBeLessThanOrEqual(10);
+  });
+
+  it('should not expose passwordHash in user response', async () => {
+    const res = await request(app.getHttpServer())
+      .post('/users')
+      .send({
+        fullName: 'Hidden Password',
+        email: 'hidden@example.com',
+        password: 'password123',
+        role: 'user',
+      });
+    expect(res.body.passwordHash).toBeUndefined();
+  });
+
+  it('should return 404 for non-existent user', async () => {
+    const res = await request(app.getHttpServer()).get('/users/non-existent-id');
+    expect(res.status).toBe(404);
+  });
+
+  it('should validate required fields on create', async () => {
+    const res = await request(app.getHttpServer())
+      .post('/users')
+      .send({ email: 'invalid@example.com' });
+    expect(res.status).toBeGreaterThanOrEqual(400);
+  });
+});

backend/src/users/dto/create-user.dto.ts

@@ -0,0 +1,32 @@
+import { IsEmail, IsNotEmpty, IsString, MinLength, IsOptional } from 'class-validator';
+
+export class CreateUserDto {
+  @IsNotEmpty()
+  @IsString()
+  fullName: string;
+
+  @IsEmail()
+  email: string;
+
+  @IsOptional()
+  @IsString()
+  phoneNumber?: string;
+
+  @IsNotEmpty()
+  @MinLength(6)
+  password: string;
+
+    @IsNotEmpty()
+    @IsString()
+    @IsOptional()
+    role: 'admin' | 'user' | 'manager';
+
+    @IsOptional()
+    companyId?: number;
+    @IsOptional()
+    departmentId?: number;
+    @IsOptional()
+    branchId?: number;
+
+  // companyId, departmentId, branchId can be added for mapping
+}

backend/src/users/dto/update-user.dto.ts

@@ -0,0 +1,32 @@
+import { IsEmail, IsOptional, IsString, MinLength } from 'class-validator';
+
+export class UpdateUserDto {
+  @IsOptional()
+  @IsString()
+  fullName?: string;
+
+  @IsOptional()
+  @IsEmail()
+  email?: string;
+
+  @IsOptional()
+  @IsString()
+  phoneNumber?: string;
+
+  @IsOptional()
+  @MinLength(6)
+  password?: string;
+
+    @IsOptional()
+    @IsString()
+    role?: 'admin' | 'user' | 'manager';
+
+    @IsOptional()
+    companyId?: number;
+    @IsOptional()
+    departmentId?: number;
+    @IsOptional()
+    branchId?: number;
+
+  // companyId, departmentId, branchId can be added for mapping
+}

backend/src/users/entities/user.entity.ts

@@ -0,0 +1,42 @@
+import { Entity, PrimaryGeneratedColumn, Column, ManyToOne } from 'typeorm';
+
+@Entity('users')
+export class User {
+  @PrimaryGeneratedColumn('uuid')
+  id: string;
+
+  @Column()
+  fullName: string;
+
+  @Column({ unique: true })
+  email: string;
+
+  @Column({ nullable: true })
+  phoneNumber: string;
+
+  @Column()
+  passwordHash: string;
+
+    @Column({ type: 'enum', enum: ['admin', 'user', 'manager'], default: 'user' })
+    role: 'admin' | 'user' | 'manager';
+    // Department relation temporarily commented out due to import error
+    // @ManyToOne(() => Department, { nullable: true })
+    // department?: Department;
+    @Column({ nullable: true })
+    companyId?: number;
+    @Column({ nullable: true })
+    branchId?: number;
+
+    @CreateDateColumn()
+    createdAt: Date;
+    @UpdateDateColumn()
+    updatedAt: Date;
+
+  // Relations to company, department, branch (to be defined)
+  // @ManyToOne(() => Company, company => company.users)
+  // company: Company;
+  // @ManyToOne(() => Department, department => department.users)
+  // department: Department;
+  // @ManyToOne(() => Branch, branch => branch.users)
+  // branch: Branch;
+}

backend/src/users/users.controller.ts

@@ -0,0 +1,48 @@
+import { Controller, Get, Post, Body, Patch, Param, Delete, Query } from '@nestjs/common';
+import { UsersService } from './users.service';
+import { CreateUserDto } from './dto/create-user.dto';
+import { UpdateUserDto } from './dto/update-user.dto';
+
+@Controller('users')
+export class UsersController {
+  constructor(private readonly usersService: UsersService) {}
+
+  @Post()
+  create(@Body() createUserDto: CreateUserDto) {
+    return this.usersService.create(createUserDto);
+  }
+
+  @Get()
+  findAll(@Query('page') page = 1, @Query('limit') limit = 10, @Query('role') role?: string) {
+    return this.usersService.findAll(Number(page), Number(limit), role);
+  }
+  @Patch(':id/department')
+  mapDepartment(@Param('id') id: string, @Body('department') department: any) {
+    return this.usersService.mapUserToDepartment(id, department);
+  }
+
+  @Patch(':id/company')
+  mapCompany(@Param('id') id: string, @Body('companyId') companyId: number) {
+    return this.usersService.mapUserToCompany(id, companyId);
+  }
+
+  @Patch(':id/branch')
+  mapBranch(@Param('id') id: string, @Body('branchId') branchId: number) {
+    return this.usersService.mapUserToBranch(id, branchId);
+  }
+
+  @Get(':id')
+  findOne(@Param('id') id: string) {
+    return this.usersService.findOne(id);
+  }
+
+  @Patch(':id')
+  update(@Param('id') id: string, @Body() updateUserDto: UpdateUserDto) {
+    return this.usersService.update(id, updateUserDto);
+  }
+
+  @Delete(':id')
+  remove(@Param('id') id: string) {
+    return this.usersService.remove(id);
+  }
+}