✨ Add endpoints for user memberships

src/modules/memberships/memberships.controller.ts

@@ -0,0 +1,65 @@
+import {
+  Controller,
+  Delete,
+  Get,
+  Param,
+  ParseIntPipe,
+  Query,
+  UseGuards,
+} from '@nestjs/common';
+import { memberships } from '@prisma/client';
+import { Expose } from 'src/modules/prisma/prisma.interface';
+import { CursorPipe } from 'src/pipes/cursor.pipe';
+import { OptionalIntPipe } from 'src/pipes/optional-int.pipe';
+import { OrderByPipe } from 'src/pipes/order-by.pipe';
+import { WherePipe } from 'src/pipes/where.pipe';
+import { JwtAuthGuard } from '../auth/jwt-auth.guard';
+import { Scopes } from '../auth/scope.decorator';
+import { ScopesGuard } from '../auth/scope.guard';
+import { MembershipsService } from './memberships.service';
+
+@Controller('users/:userId/memberships')
+@UseGuards(JwtAuthGuard)
+export class MembershipController {
+  constructor(private membershipsService: MembershipsService) {}
+
+  @Get()
+  @UseGuards(ScopesGuard)
+  @Scopes('user{userId}:read', 'membership:read')
+  async getAll(
+    @Param('userId', ParseIntPipe) userId: number,
+    @Query('skip', OptionalIntPipe) skip?: number,
+    @Query('take', OptionalIntPipe) take?: number,
+    @Query('cursor', CursorPipe) cursor?: Record<string, number | string>,
+    @Query('where', WherePipe) where?: Record<string, number | string>,
+    @Query('orderBy', OrderByPipe) orderBy?: Record<string, 'asc' | 'desc'>,
+  ): Promise<Expose<memberships>[]> {
+    return this.membershipsService.getMemberships(userId, {
+      skip,
+      take,
+      orderBy,
+      cursor,
+      where,
+    });
+  }
+
+  @Get(':id')
+  @UseGuards(ScopesGuard)
+  @Scopes('user{userId}:read', 'membership{id}:read')
+  async get(
+    @Param('userId', ParseIntPipe) userId: number,
+    @Param('id', ParseIntPipe) id: number,
+  ): Promise<Expose<memberships>> {
+    return this.membershipsService.getMembership(userId, Number(id));
+  }
+
+  @Delete(':id')
+  @UseGuards(ScopesGuard)
+  @Scopes('user{userId}:delete', 'membership{id}:delete')
+  async remove(
+    @Param('userId', ParseIntPipe) userId: number,
+    @Param('id', ParseIntPipe) id: number,
+  ): Promise<Expose<memberships>> {
+    return this.membershipsService.deleteMembership(userId, Number(id));
+  }
+}

src/modules/memberships/memberships.module.ts

@@ -0,0 +1,11 @@
+import { Module } from '@nestjs/common';
+import { PrismaModule } from '../prisma/prisma.module';
+import { MembershipController } from './memberships.controller';
+import { MembershipsService } from './memberships.service';
+
+@Module({
+  imports: [PrismaModule],
+  controllers: [MembershipController],
+  providers: [MembershipsService],
+})
+export class MembershipsModule {}

src/modules/memberships/memberships.service.ts

@@ -0,0 +1,95 @@
+import {
+  HttpException,
+  HttpStatus,
+  Injectable,
+  UnauthorizedException,
+} from '@nestjs/common';
+import {
+  memberships,
+  membershipsOrderByInput,
+  membershipsWhereInput,
+  membershipsWhereUniqueInput,
+} from '@prisma/client';
+import { Expose } from 'src/modules/prisma/prisma.interface';
+import { PrismaService } from '../prisma/prisma.service';
+
+@Injectable()
+export class MembershipsService {
+  constructor(private prisma: PrismaService) {}
+  async getMemberships(
+    userId: number,
+    params: {
+      skip?: number;
+      take?: number;
+      cursor?: membershipsWhereUniqueInput;
+      where?: membershipsWhereInput;
+      orderBy?: membershipsOrderByInput;
+    },
+  ): Promise<Expose<memberships>[]> {
+    const { skip, take, cursor, where, orderBy } = params;
+    const memberships = await this.prisma.memberships.findMany({
+      skip,
+      take,
+      cursor,
+      where: { ...where, user: { id: userId } },
+      orderBy,
+      include: { group: true },
+    });
+    return memberships.map(user => this.prisma.expose<memberships>(user));
+  }
+
+  async getMembership(
+    userId: number,
+    id: number,
+  ): Promise<Expose<memberships> | null> {
+    const membership = await this.prisma.memberships.findOne({
+      where: { id },
+      include: { group: true },
+    });
+    if (membership.userId !== userId) throw new UnauthorizedException();
+    if (!membership)
+      throw new HttpException('Membership not found', HttpStatus.NOT_FOUND);
+    return this.prisma.expose<memberships>(membership);
+  }
+
+  async deleteMembership(
+    userId: number,
+    id: number,
+  ): Promise<Expose<memberships>> {
+    const testMembership = await this.prisma.memberships.findOne({
+      where: { id },
+    });
+    if (testMembership.userId !== userId) throw new UnauthorizedException();
+    await this.verifyDeleteMembership(testMembership.groupId, id);
+    const membership = await this.prisma.memberships.delete({
+      where: { id },
+    });
+    return this.prisma.expose<memberships>(membership);
+  }
+
+  /** Verify whether a group membership can be deleted */
+  async verifyDeleteMembership(
+    groupId: number,
+    membershipId: number,
+  ): Promise<void> {
+    const memberships = await this.prisma.memberships.findMany({
+      where: { group: { id: groupId } },
+    });
+    if (memberships.length === 1)
+      throw new HttpException(
+        'You cannot remove the sole member of a group',
+        HttpStatus.BAD_REQUEST,
+      );
+    const membership = await this.prisma.memberships.findOne({
+      where: { id: membershipId },
+    });
+    if (
+      membership.role === 'OWNER' &&
+      memberships.filter(i => i.role === 'OWNER').length === 1
+    )
+      throw new HttpException(
+        'You cannot remove the sole owner of a group',
+        HttpStatus.BAD_REQUEST,
+      );
+  }
+}