get one with security and removed minimal from org controller

Author: AugustHA-Iterator

src/controllers/user-management/new-kombit-creation.controller.ts

@@ -19,7 +19,6 @@ import {
   Param,
   ParseIntPipe,
   Put,
-  Query,
   Req,
   UseGuards,
 } from "@nestjs/common";
@@ -35,6 +34,7 @@ import { OrganizationService } from "@services/user-management/organization.serv
 import { PermissionService } from "@services/user-management/permission.service";
 import { UserService } from "@services/user-management/user.service";
 import { ApiAuth } from "@auth/swagger-auth-decorator";
+import { checkIfUserHasAccessToUser } from "@helpers/security-helper";
 
 @UseGuards(JwtAuthGuard)
 @ApiAuth()
@@ -130,4 +130,31 @@ export class NewKombitCreationController {
       throw err;
     }
   }
+
+  @Get(":id")
+  @ApiOperation({ summary: "Get one user" })
+  async find(@Req() req: AuthenticatedRequest, @Param("id", new ParseIntPipe()) id: number): Promise<UserResponseDto> {
+    let dbUser;
+
+    try {
+      dbUser = await this.userService.findOne(id);
+    } catch (err) {
+      throw new NotFoundException(ErrorCodes.IdDoesNotExists);
+    }
+
+    try {
+      checkIfUserHasAccessToUser(req, dbUser);
+
+      dbUser.permissions.forEach(perm => {
+        delete perm.organization;
+      });
+
+      // Don't leak the passwordHash
+      const { passwordHash: _, ...user } = dbUser;
+
+      return user;
+    } catch (err) {
+      throw err;
+    }
+  }
 }

src/controllers/user-management/organization.controller.ts

@@ -89,16 +89,10 @@ export class OrganizationController {
     }
   }
 
-  @Get("minimal")
-  @ApiOperation({
-    summary: "Get list of the minimal representation of organizations, i.e. id and name.",
-  })
-  @Read()
-  async findAllMinimal(): Promise<ListAllMinimalOrganizationsResponseDto> {
-    return await this.organizationService.findAllMinimal();
-  }
-
-  findAll(
+  @Get()
+  @ApiOperation({ summary: "Get list of all Organizations" })
+  @UserAdmin()
+  async findAll(
     @Req() req: AuthenticatedRequest,
     @Query() query?: ListAllEntitiesDto
   ): Promise<ListAllOrganizationsResponseDto> {