feat/ add API to update impersonation requests (#2446)

Suvidh-kaushik · web-flow · commit 37afd2f99594 · 2025-06-28T23:32:23.000+05:30
* added services, controllers and model for update impersonation requests

* added route and fixed jsdoc

* fixed bot comments and typos

* removed validation service and fixed forbidden errors

* removed validation service
diff --git a/controllers/impersonationRequests.ts b/controllers/impersonationRequests.ts
@@ -2,17 +2,20 @@ import {
   ERROR_WHILE_CREATING_REQUEST,
   ERROR_WHILE_FETCHING_REQUEST,
   REQUEST_FETCHED_SUCCESSFULLY,
-  REQUEST_CREATED_SUCCESSFULLY,
-  REQUEST_DOES_NOT_EXIST
+  REQUEST_DOES_NOT_EXIST,
+  ERROR_WHILE_UPDATING_REQUEST,
+  REQUEST_CREATED_SUCCESSFULLY
 } from "../constants/requests";
-import { createImpersonationRequestService } from "../services/impersonationRequests";
+import { createImpersonationRequestService, updateImpersonationRequestService } from "../services/impersonationRequests";
 import { getImpersonationRequestById, getImpersonationRequests } from "../models/impersonationRequests";
 import {
   CreateImpersonationRequest,
   CreateImpersonationRequestBody,
+  UpdateImpersonationRequest,
+  UpdateImpersonationRequestStatusBody,
   ImpersonationRequestResponse,
   GetImpersonationControllerRequest,
-  GetImpersonationRequestByIdRequest
+  GetImpersonationRequestByIdRequest,
 } from "../types/impersonationRequest";
 import { getPaginatedLink } from "../utils/helper";
 import { NextFunction } from "express";
@@ -140,3 +143,40 @@ export const getImpersonationRequestsController = async (
     return res.boom.badImplementation(ERROR_WHILE_FETCHING_REQUEST);
   }
 };
+
+
+/**
+ * Controller to  Update the status of an impersonation request.
+ *
+ * @param {UpdateImpersonationRequest} req - Express request with params, body, and user data.
+ * @param {ImpersonationRequestResponse} res - Express response object.
+ * @param {NextFunction} next - Express middleware `next` function.
+ * @returns {Promise<ImpersonationRequestResponse>} Returns updated request data or passes error to `next`.
+ */
+export const updateImpersonationRequestStatusController = async (
+  req: UpdateImpersonationRequest,
+  res: ImpersonationRequestResponse,
+  next: NextFunction
+): Promise<ImpersonationRequestResponse> => {
+  try {
+    const requestId = req.params.id;
+    const lastModifiedBy = req.userData.id;
+    const requestBody: UpdateImpersonationRequestStatusBody = req.body;
+    
+    const { returnMessage, updatedRequest: response } = await updateImpersonationRequestService({
+      id: requestId,
+      updatePayload: requestBody,
+      lastModifiedBy,
+    });
+
+    return res.status(200).json({
+      message: returnMessage,
+      data: {
+        ...response,
+      },
+    });
+  } catch (error) {
+    logger.error(ERROR_WHILE_UPDATING_REQUEST, error);
+    next(error);
+  }
+};
diff --git a/middlewares/validators/impersonationRequests.ts b/middlewares/validators/impersonationRequests.ts
@@ -1,6 +1,6 @@
 import joi from "joi";
 import { NextFunction } from "express";
-import { CreateImpersonationRequest,GetImpersonationControllerRequest,GetImpersonationRequestByIdRequest,ImpersonationRequestResponse } from "../../types/impersonationRequest";
+import { CreateImpersonationRequest,GetImpersonationControllerRequest,GetImpersonationRequestByIdRequest,ImpersonationRequestResponse, UpdateImpersonationRequest } from "../../types/impersonationRequest";
 import { REQUEST_STATE } from "../../constants/requests";
 const logger = require("../../utils/logger");
 
@@ -99,3 +99,34 @@ export const getImpersonationRequestByIdValidator = async (
     return res.boom.badRequest(errorMessages);
   }
 };
+
+
+
+export const updateImpersonationRequestValidator=async (
+    req:UpdateImpersonationRequest,
+    res:ImpersonationRequestResponse,
+    next:NextFunction
+)=>{
+  const schema = joi
+    .object()
+    .strict()
+    .keys({
+      status: joi
+        .string()
+        .valid(REQUEST_STATE.APPROVED, REQUEST_STATE.REJECTED)
+        .required()
+        .messages({
+          "any.only": "status must be APPROVED or REJECTED",
+        }),
+      message: joi.string().optional()
+    });
+  
+    try {
+      await schema.validateAsync(req.body, { abortEarly: false });
+      next();
+    } catch (error) {
+     const errorMessages = error.details.map((detail:{message: string}) => detail.message);
+     logger.error(`Error while validating request payload : ${errorMessages}`);
+     return res.boom.badRequest(errorMessages);
+    }
+}
diff --git a/models/impersonationRequests.ts b/models/impersonationRequests.ts
@@ -1,14 +1,12 @@
 import firestore from "../utils/firestore";
 import {
   ERROR_WHILE_CREATING_REQUEST,
-  IMPERSONATION_NOT_COMPLETED,
-  REQUEST_ALREADY_PENDING,
-  REQUEST_STATE,
+  ERROR_WHILE_UPDATING_REQUEST,
   ERROR_WHILE_FETCHING_REQUEST
 } from "../constants/requests";
 import { Timestamp } from "firebase-admin/firestore";
 import { Query, CollectionReference } from '@google-cloud/firestore';
-import { CreateImpersonationRequestModelDto, ImpersonationRequest, PaginatedImpersonationRequests,ImpersonationRequestQuery} from "../types/impersonationRequest";
+import { CreateImpersonationRequestModelDto, ImpersonationRequest, UpdateImpersonationRequestModelDto, PaginatedImpersonationRequests,ImpersonationRequestQuery} from "../types/impersonationRequest";
 import { Forbidden } from "http-errors";
 const logger = require("../utils/logger");
 const impersonationRequestModel = firestore.collection("impersonationRequests");
@@ -168,4 +166,29 @@ export const getImpersonationRequests = async (
     logger.error(ERROR_WHILE_FETCHING_REQUEST, error);
     throw error;
   }
-}
+}
+
+/**
+ * Updates an existing impersonation request in Firestore.
+ * @param {UpdateImpersonationRequestModelDto} body - The update data for the impersonation request. Must include `id`, `lastModifiedBy`, and `updatingBody` (fields to update).
+ * @returns {Promise<object>} An object containing the updated fields and the request id.
+ * @throws {Error} Logs and rethrows any error encountered during update. Throws error if the request does not exist.
+ */
+export const updateImpersonationRequest = async ( body: UpdateImpersonationRequestModelDto ) => {
+  try {
+    await impersonationRequestModel.doc(body.id).update({
+      updatedAt: Timestamp.now(),
+      lastModifiedBy: body.lastModifiedBy,
+      ...body.updatePayload,
+    });
+
+    return {
+      id:body.id,
+      lastModifiedBy: body.lastModifiedBy,
+      ...body.updatePayload
+    };
+  } catch (error) {
+    logger.error(`${ERROR_WHILE_UPDATING_REQUEST} for document ID: ${body.id}`, error);
+    throw error;
+  }
+};
diff --git a/routes/impersonation.ts b/routes/impersonation.ts
@@ -1,10 +1,10 @@
 import express from "express";
-import { createImpersonationRequestValidator, getImpersonationRequestByIdValidator, getImpersonationRequestsValidator } from "../middlewares/validators/impersonationRequests";
+import { createImpersonationRequestValidator, getImpersonationRequestByIdValidator, getImpersonationRequestsValidator, updateImpersonationRequestValidator } from "../middlewares/validators/impersonationRequests";
+import authenticate from "../middlewares/authenticate";
+import { createImpersonationRequestController, getImpersonationRequestByIdController, getImpersonationRequestsController, updateImpersonationRequestStatusController } from "../controllers/impersonationRequests";
 const router = express.Router();
 const authorizeRoles = require("../middlewares/authorizeRoles");
 const { SUPERUSER } = require("../constants/roles");
-import authenticate from "../middlewares/authenticate";
-import { createImpersonationRequestController, getImpersonationRequestByIdController, getImpersonationRequestsController } from "../controllers/impersonationRequests";
 
 router.post(
   "/requests",
@@ -28,4 +28,11 @@ router.get(
    getImpersonationRequestByIdController
 );
 
-module.exports = router;
+router.patch(
+  "/requests/:id",
+  authenticate,
+  updateImpersonationRequestValidator,
+  updateImpersonationRequestStatusController
+);
+
+module.exports = router;
diff --git a/services/impersonationRequests.ts b/services/impersonationRequests.ts
@@ -3,14 +3,22 @@ import {
   LOG_ACTION,
   REQUEST_LOG_TYPE,
   REQUEST_STATE,
-  TASK_REQUEST_MESSAGES
+  TASK_REQUEST_MESSAGES,
+  REQUEST_ALREADY_APPROVED,
+  REQUEST_ALREADY_REJECTED,
+  REQUEST_APPROVED_SUCCESSFULLY,
+  REQUEST_DOES_NOT_EXIST,
+  REQUEST_REJECTED_SUCCESSFULLY,
+  UNAUTHORIZED_TO_UPDATE_REQUEST,
+  ERROR_WHILE_UPDATING_REQUEST,
 } from "../constants/requests";
-import { createImpersonationRequest } from "../models/impersonationRequests";
+import { createImpersonationRequest, updateImpersonationRequest, getImpersonationRequestById } from "../models/impersonationRequests";
 import { fetchUser } from "../models/users";
 import { addLog } from "./logService";
 import { User } from "../typeDefinitions/users";
-import { NotFound } from "http-errors";
-import { CreateImpersonationRequestServiceBody, ImpersonationRequest } from "../types/impersonationRequest";
+import { NotFound, Forbidden } from "http-errors";
+import { CreateImpersonationRequestServiceBody, ImpersonationRequest,   UpdateImpersonationRequestModelDto,
+  UpdateImpersonationStatusModelResponse, } from "../types/impersonationRequest";
 const logger = require("../utils/logger");
 
 /**
@@ -69,4 +77,56 @@ export const createImpersonationRequestService = async (
     logger.error(ERROR_WHILE_CREATING_REQUEST, error);
     throw error;
   }
-};
+};
+
+/**
+ * Validates and Updates an impersonation request and logs the update action.
+ * @async
+ * @function updateImpersonationRequestService
+ * @param {UpdateImpersonationRequestModelDto} body - The update data for the impersonation request.
+ * @returns {Promise<{ returnMessage: string, updatedRequest: UpdateImpersonationStatusModelResponse }>} The update result and message.
+ * @throws {Error} If the update or logging fails.
+ */
+export const updateImpersonationRequestService = async (
+  body: UpdateImpersonationRequestModelDto
+) => {
+  try {
+   const request = await getImpersonationRequestById(body.id);
+   
+    if (!request) {
+      throw new NotFound(REQUEST_DOES_NOT_EXIST);
+    }
+
+    if (request.impersonatedUserId !== body.lastModifiedBy || request.status !== REQUEST_STATE.PENDING) {
+      throw new Forbidden("You are not allowed for this Operation at the moment");
+    }
+    
+    const updatedRequest = await updateImpersonationRequest(body) as UpdateImpersonationStatusModelResponse;
+
+    const [logType, returnMessage] = updatedRequest.status === REQUEST_STATE.APPROVED
+      ? [REQUEST_LOG_TYPE.REQUEST_APPROVED, REQUEST_APPROVED_SUCCESSFULLY]
+      : [REQUEST_LOG_TYPE.REQUEST_REJECTED, REQUEST_REJECTED_SUCCESSFULLY];
+
+    const requestLog = {
+      type: logType,
+      meta: {
+        requestId: body.id,
+        action: LOG_ACTION.UPDATE,
+        createdBy: body.lastModifiedBy,
+      },
+      body: updatedRequest,
+    };
+
+    await addLog(requestLog.type, requestLog.meta, requestLog.body);
+
+    const response = {
+      returnMessage,
+      updatedRequest,
+    };
+
+    return response;
+  } catch (error) {
+    logger.error(ERROR_WHILE_UPDATING_REQUEST, error);
+    throw error;
+  }
+}
diff --git a/types/impersonationRequest.d.ts b/types/impersonationRequest.d.ts
@@ -47,6 +47,20 @@ export type UpdateImpersonationRequestStatusBody = {
     message?: string;
 }
 
+
+export type UpdateImpersonationRequestModelDto = {
+    id: string;
+    updatePayload: UpdateImpersonationRequestDataBody | UpdateImpersonationRequestStatusBody;
+    lastModifiedBy: string;
+}
+
+export type UpdateImpersonationStatusModelResponse = {
+    status: REQUEST_STATE.APPROVED | REQUEST_STATE.REJECTED;
+    message?: string;
+    id: string;
+    lastModifiedBy: string;
+}
+
 export type ImpersonationRequestQuery = RequestQuery & {
     dev?: string;
     createdBy?: string;
@@ -71,7 +85,7 @@ export type CreateImpersonationRequest = Request & {
    query: ImpersonationRequestQuery;
 };
 
-export type UpdateImpersonationRequestStatus = Request & {
+export type UpdateImpersonationRequest = Request & {
     userData: userData;
     body: UpdateImpersonationRequestStatusBody;
     query: ImpersonationRequestQuery;
@@ -90,6 +104,10 @@ export type GetImpersonationRequestByIdRequest = Request & {
     params: RequestParams;
 }
 
+export type GetImpersonationControllerRequest = Request & {
+    query: ImpersonationRequestQuery
+}
+
 export type CreateImpersonationRequestServiceBody={
    userId: string;
    createdBy: string;
