code4romania · OlteanuCosmin · Nov 15, 2022 · Nov 16, 2022 · Nov 16, 2022 · Nov 16, 2022
diff --git a/backend/src/modules/application/services/application.service.ts b/backend/src/modules/application/services/application.service.ts
@@ -75,7 +75,7 @@ export class ApplicationService {
     private readonly mailService: MailService,
     private readonly organizationService: OrganizationService,
     private readonly ongApplicationRepository: OngApplicationRepository,
-  ) { }
+  ) {}
 
   public async create(
     createApplicationDto: CreateApplicationDto,
@@ -434,6 +434,22 @@ export class ApplicationService {
       }
     }
 
+    // if application is disabled, sign out all users from all organizations
+    try {
+      if (updateApplicationDto.status === ApplicationStatus.DISABLED) {
+        const ongApplications = await this.ongApplicationService.findMany({
+          where: { applicationId: id },
+        });
+        const organizationIds = ongApplications.map(
+          (ongApplication) => ongApplication.organizationId,
+        );
+        await this.userService.signOutAllOrganization(organizationIds);
+      }
+    } catch (error) {
+      this.logger.error(error);
+      throw error;
+    }
+
     return this.applicationRepository.update({ id }, updateApplicationDto);
   }
 
@@ -446,6 +462,13 @@ export class ApplicationService {
       applicationId,
       OngApplicationStatus.RESTRICTED,
     );
+
+    try {
+      await this.userService.signOutAllOrganization([organizationId]);
+    } catch (error) {
+      this.logger.error(error);
+      throw error;
+    }
   }
 
   public async restore(
@@ -594,7 +617,9 @@ export class ApplicationService {
         'ongApp.applicationId = application.id',
       )
       .where('ongApp.organizationId = :organizationId', { organizationId })
-      .andWhere('ongApp.status != :status', { status: OngApplicationStatus.PENDING })
+      .andWhere('ongApp.status != :status', {
+        status: OngApplicationStatus.PENDING,
+      })
       .orWhere('application.type = :type', {
         type: ApplicationTypeEnum.INDEPENDENT,
       })
@@ -772,7 +797,7 @@ export class ApplicationService {
 
     const finalStatus =
       applicationStatus === ApplicationStatus.DISABLED &&
-        status !== OngApplicationStatus.RESTRICTED
+      status !== OngApplicationStatus.RESTRICTED
         ? ApplicationStatus.DISABLED
         : status;
 

diff --git a/backend/src/modules/organization/organization.module.ts b/backend/src/modules/organization/organization.module.ts
@@ -1,4 +1,4 @@
-import { Module } from '@nestjs/common';
+import { forwardRef, Module } from '@nestjs/common';
 import { OrganizationController } from './controllers/organization.controller';
 import { TypeOrmModule } from '@nestjs/typeorm';
 import { ApplicationModule } from '../application/application.module';
@@ -70,6 +70,7 @@ import { CivicCenterModule } from '../civic-center-service/civic-center.module';
     UserModule,
     PracticeProgramModule,
     CivicCenterModule,
+    forwardRef(() => UserModule),
   ],
   controllers: [
     OrganizationApplicationController,

diff --git a/backend/src/modules/organization/services/organization.service.ts b/backend/src/modules/organization/services/organization.service.ts
@@ -1,6 +1,8 @@
 import {
   BadRequestException,
+  forwardRef,
   HttpException,
+  Inject,
   Injectable,
   InternalServerErrorException,
   Logger,
@@ -14,6 +16,7 @@ import { CivicCenterServiceService } from 'src/modules/civic-center-service/serv
 import { PracticeProgramService } from 'src/modules/practice-program/services/practice-program.service';
 import { Role } from 'src/modules/user/enums/role.enum';
 import { FILE_TYPE } from 'src/shared/enum/FileType.enum';
+import { UserService } from 'src/modules/user/services/user.service';
 import { AnafService } from 'src/shared/services';
 import { FileManagerService } from 'src/shared/services/file-manager.service';
 import { NomenclaturesService } from 'src/shared/services/nomenclatures.service';
@@ -79,7 +82,9 @@ export class OrganizationService {
     private readonly mailService: MailService,
     private readonly practiceProgramService: PracticeProgramService,
     private readonly civicCenterService: CivicCenterServiceService,
-  ) { }
+    @Inject(forwardRef(() => UserService))
+    private readonly userService: UserService,
+  ) {}
 
   public async create(
     createUserRequestDto: CreateUserRequestDto,
@@ -917,6 +922,13 @@ export class OrganizationService {
       status: OrganizationStatus.RESTRICTED,
     });
 
+    try {
+      await this.userService.signOutAllOrganization([organizationId]);
+    } catch (error) {
+      this.logger.error(error);
+      throw error;
+    }
+
     const {
       template,
       subject,

diff --git a/backend/src/modules/user/constants/user-error.constants.ts b/backend/src/modules/user/constants/user-error.constants.ts
@@ -55,4 +55,8 @@ export const USER_ERRORS = {
     message: 'User is not part of an organization',
     errorCode: 'USR_014',
   },
+  SIGN_OUT: {
+    message: 'Error on signing out user',
+    errorCode: 'USR_015',
+  },
 };
diff --git a/backend/src/modules/user/services/cognito.service.ts b/backend/src/modules/user/services/cognito.service.ts
@@ -1,4 +1,4 @@
-import { ConsoleLogger, Injectable } from '@nestjs/common';
+import { BadRequestException, Injectable } from '@nestjs/common';
 import {
   AdminCreateUserCommand,
   AdminCreateUserCommandOutput,
@@ -17,6 +17,7 @@ import { CognitoConfig } from 'src/common/config/cognito.config';
 import { CreateUserDto } from '../dto/create-user.dto';
 import { UpdateUserDto } from '../dto/update-user.dto';
 import { CognitoUserStatus } from '../enums/cognito-user-status.enum';
+import { USER_ERRORS } from '../constants/user-error.constants';
 
 @Injectable()
 export class CognitoUserService {
@@ -107,13 +108,17 @@ export class CognitoUserService {
   }
 
   async globalSignOut(cognitoId: string) {
-    const revokeTokenCommand = new AdminUserGlobalSignOutCommand({
-      UserPoolId: CognitoConfig.userPoolId,
-      Username: cognitoId,
-    });
-
-    const data = await this.cognitoProvider.send(revokeTokenCommand);
-    return data;
+    try {
+      const revokeTokenCommand = new AdminUserGlobalSignOutCommand({
+        UserPoolId: CognitoConfig.userPoolId,
+        Username: cognitoId,
+      });
+      const data = await this.cognitoProvider.send(revokeTokenCommand);
+
+      return data;
+    } catch (error) {
+      throw new BadRequestException(USER_ERRORS.SIGN_OUT);
+    }
   }
 
   async deleteUser(cognitoId: string) {

diff --git a/backend/src/modules/user/services/user.service.ts b/backend/src/modules/user/services/user.service.ts
@@ -1,6 +1,8 @@
 import {
   BadRequestException,
+  forwardRef,
   HttpException,
+  Inject,
   Injectable,
   InternalServerErrorException,
   Logger,
@@ -43,6 +45,7 @@ export class UserService {
   constructor(
     private readonly userRepository: UserRepository,
     private readonly cognitoService: CognitoUserService,
+    @Inject(forwardRef(() => OrganizationService))
     private readonly organizationService: OrganizationService,
     private readonly userOngApplicationService: UserOngApplicationService,
   ) {}
@@ -152,6 +155,8 @@ export class UserService {
         );
       }
 
+      await this.cognitoService.globalSignOut(user.cognitoId);
+
       // 6. Update db user data
       return this.update(id, userData);
     } catch (error) {
@@ -168,8 +173,10 @@ export class UserService {
         case USER_ERRORS.ACCESS.errorCode:
         // 3. USR_013: User already exists with this phone
         case USER_ERRORS.ALREADY_EXISTS_PHONE.errorCode:
+        // 4. USR_015: Error on signing out user
+        case USER_ERRORS.SIGN_OUT.errorCode:
           throw new BadRequestException(err);
-        // 4. USR_009: Something unexpected happened while updating the user
+        // 5. USR_009: Something unexpected happened while updating the user
         default: {
           throw new InternalServerErrorException({
             ...USER_ERRORS.UPDATE,
@@ -295,20 +302,20 @@ export class UserService {
     }
   }
 
-  async removeById(id: number, organizatioinId?: number): Promise<string> {
+  async removeById(id: number, organizationId?: number): Promise<string> {
     // 1. Get the user by id
-    const user = await this.getById(id, organizatioinId);
+    const user = await this.getById(id, organizationId);
 
     return this.remove(user);
   }
 
-  async restrictAccess(ids: number[], organizatioinId?: number) {
+  async restrictAccess(ids: number[], organizationId?: number) {
     const updated = [],
       failed = [];
     for (let i = 0; i < ids.length; i++) {
       const id = ids[i];
       try {
-        const user = await this.getById(id, organizatioinId);
+        const user = await this.getById(id, organizationId);
         await this.userRepository.update(
           { id },
           { status: UserStatus.RESTRICTED },
@@ -355,6 +362,20 @@ export class UserService {
     return;
   }
 
+  public async signOutAllOrganization(
+    organizationIds: number[],
+  ): Promise<void> {
+    try {
+      const users = await this.findMany({ where: { id: In(organizationIds) } });
+
+      users.map(
+        async (user) => await this.cognitoService.globalSignOut(user.cognitoId),
+      );
+    } catch (error) {
+      throw new BadRequestException(USER_ERRORS.SIGN_OUT);
+    }
+  }
+
   // ****************************************************
   // ***************** PRIVATE METHODS ******************
   // ****************************************************