import { logger } from "../config/logger.js";
import { AdminService } from "../services/admin.service.js";
import { AuthService } from "../services/auth.service.js";
/**
* Administrative controller exposing user management endpoints.
* @category Controllers
*/
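export class AdminController {
    /**
     * Create a new user via the admin service.
     *
     * The request body is forwarded to the service unchanged, so any allow-listing
     * of fields has to happen in request validation or inside
     * AdminService.createUser; neither is visible from this file.
     * @param {ICreateUserRequest} req Express request containing user data.
     * @param {Response} res Express response instance.
     * @returns {Promise<void>} Resolves when the response has been sent.
     */
    static async createUser(req, res) {
        try {
            const adminService = new AdminService();
            const user = await adminService.createUser(req.body);
            // NOTE(review): the service result is returned as-is; confirm it
            // carries no password hash or other secret field.
            res.status(201).json({
                success: true,
                message: "User created successfully",
                data: user,
            });
        }
        catch (error) {
            logger.error({
                error,
                message: "Create user controller error",
            });
            const { statusCode, message } = resolveFailure(error, "User creation failed", [["already exists", 409]]);
            res.status(statusCode).json({
                success: false,
                message,
            });
        }
    }
    // NOTE(review): the handlers below are disabled and kept only for reference.
    // async getAllUsers(req: IAuthRequest, res: Response): Promise<void> {
    // try {
    // const users = await userService.getAllUsers();
    // res.status(200).json({
    // success: true,
    // data: users
    // });
    // } catch (error) {
    // logger.error('Get all users controller error:', error);
    // res.status(500).json({
    // success: false,
    // message: 'Failed to get users'
    // });
    // }
    // }
    // async getUserById(req: IAuthRequest, res: Response): Promise<void> {
    // try {
    // const { userId } = (req as any).params;
    // const user = await userService.getUserById(userId);
    // res.status(200).json({
    // success: true,
    // data: user
    // });
    // } catch (error) {
    // logger.error('Get user by ID controller error:', error);
    // const message = error instanceof Error ? error.message : 'Failed to get user';
    // const statusCode = message.includes('not found') ? 404 : 500;
    // res.status(statusCode).json({
    // success: false,
    // message
    // });
    // }
    // }
    // async updateUser(req: IAuthRequest, res: Response): Promise<void> {
    // try {
    // const { userId } = (req as any).params;
    // const updateData = req.body as IUserUpdate;
    // const user = await userService.updateUser(userId, updateData);
    // res.status(200).json({
    // success: true,
    // message: 'User updated successfully',
    // data: user
    // });
    // } catch (error) {
    // logger.error('Update user controller error:', error);
    // const message = error instanceof Error ? error.message : 'User update failed';
    // const statusCode = message.includes('not found') ? 404 : 500;
    // res.status(statusCode).json({
    // success: false,
    // message
    // });
    // }
    // }
    /**
     * Reset a user's password via the admin service.
     *
     * The reset DTO is handed to the service unchanged and is never echoed back
     * or logged by this handler.
     * @param {IGenericBodyResponse<IResetPasswordDto>} req Express request body with reset DTO.
     * @param {Response} res Express response instance.
     * @returns {Promise<void>} Resolves when the response has been sent.
     */
    static async resetPassword(req, res) {
        try {
            const adminService = new AdminService();
            await adminService.resetPassword(req.body);
            res.status(200).json({
                success: true,
                message: "Password reset successfully",
            });
        }
        catch (error) {
            logger.error({
                error,
                message: "Reset password controller error",
            });
            const { statusCode, message } = resolveFailure(error, "Password reset failed", [["not found", 404]]);
            res.status(statusCode).json({
                success: false,
                message,
            });
        }
    }
    /**
     * Update limited user fields (name, role) via the auth service.
     *
     * Responds 400 when the target email is not a string, so only a plain
     * string ever reaches the lookup. This handler changes a role yet
     * does not read req.user; the caller's privilege is presumably enforced by
     * route middleware, which should be confirmed, as should validation of the
     * role value itself.
     * @param {IGenericBodyResponse<IUpdateUserDto>} req Express request with update payload.
     * @param {Response} res Express response instance.
     * @returns {Promise<void>} Resolves when the response has been sent.
     */
    static async updateUser(req, res) {
        try {
            const { email, name, role } = req.body;
            if (typeof email !== "string" || email.length === 0) {
                res.status(400).json({
                    success: false,
                    message: "A valid email is required",
                });
                return;
            }
            const authService = new AuthService();
            await authService.updateUserByEmail(email, name, role);
            res.status(200).json({
                success: true,
                message: "User updated successfully",
            });
        }
        catch (error) {
            logger.error({
                error,
                message: "Update user controller error",
            });
            const { statusCode, message } = resolveFailure(error, "Failed to update user", [["not found", 404]]);
            res.status(statusCode).json({
                success: false,
                message,
            });
        }
    }
    /**
     * Delete a user via the admin service.
     *
     * Responds 401 when the request carries no authenticated user and 400 when
     * the target email is not a string. The caller's own email is passed to the
     * service alongside the target; a service error containing "cannot delete"
     * is reported as 403 and one containing "not found" as 404.
     * @param {IRequestWithUser} req Express request that includes the authenticated admin.
     * @param {Response} res Express response instance.
     * @returns {Promise<void>} Resolves when the response has been sent.
     */
    static async deleteUser(req, res) {
        try {
            const { email } = req.body;
            const currentUserEmail = req.user?.email;
            if (!currentUserEmail) {
                res.status(401).json({
                    success: false,
                    message: "Unauthorized",
                });
                return;
            }
            // A destructive call must only ever see a plain string as its target.
            if (typeof email !== "string" || email.length === 0) {
                res.status(400).json({
                    success: false,
                    message: "A valid email is required",
                });
                return;
            }
            const adminService = new AdminService();
            await adminService.deleteUser(email, currentUserEmail);
            res.status(200).json({
                success: true,
                message: "User deleted successfully",
            });
        }
        catch (error) {
            logger.error({
                error,
                message: "Delete user controller error",
            });
            const { statusCode, message } = resolveFailure(error, "User deletion failed", [
                ["not found", 404],
                ["cannot delete", 403],
            ]);
            res.status(statusCode).json({
                success: false,
                message,
            });
        }
    }
    /**
     * Retrieve a paginated list of SMEs and admins.
     *
     * Responds 401 when the request carries no authenticated user id instead of
     * failing later with a 500. `page` and `limit` fall back to 1 and 10 unless
     * they are positive integers, `limit` is capped at MAX_PAGE_SIZE, and
     * `search` is dropped unless it is a plain string (a query parser may
     * deliver an array or object for repeated or bracketed keys).
     * @param {IRequestWithUser} req Express request with pagination query params.
     * @param {Response} res Express response instance.
     * @returns {Promise<void>} Resolves when the response has been sent.
     */
    static async getAllSmes(req, res) {
        try {
            const requesterId = req.user?.userId;
            if (requesterId == null) {
                res.status(401).json({
                    success: false,
                    message: "Unauthorized",
                });
                return;
            }
            const { page, limit, search } = req.query;
            const pageNumber = parsePositiveInt(page, 1);
            const pageSize = parsePositiveInt(limit, 10, MAX_PAGE_SIZE);
            const searchTerm = typeof search === "string" ? search : undefined;
            const adminService = new AdminService();
            const result = await adminService.getAllSmes(requesterId, pageNumber, pageSize, searchTerm);
            res.status(200).json({
                success: true,
                data: result.data,
                pagination: result.pagination,
            });
        }
        catch (error) {
            logger.error({
                error,
                message: "Get admins and SMEs controller error",
            });
            res.status(500).json({
                success: false,
                message: "Failed to retrieve admins and SMEs",
            });
        }
    }
}
/**
 * Upper bound applied to the `limit` query parameter so a single request cannot
 * ask for an unbounded page. Conservative default; tune to what the UI needs.
 */
const MAX_PAGE_SIZE = 100;
/**
 * Choose the HTTP status and client-facing message for a failed request.
 *
 * The error's own message is returned to the client only when it contains one
 * of the listed fragments, i.e. when it is a recognised client-side failure.
 * Anything else becomes a 500 with the generic fallback, so driver, query or
 * stack details stay in the server log and never reach the response.
 * Matching is by substring and in list order, which mirrors the controller's
 * status mapping but depends on the wording of the service errors.
 * @param {unknown} error Value caught by the handler.
 * @param {string} fallbackMessage Generic message for unrecognised failures.
 * @param {Array<[string, number]>} statusByFragment Ordered fragment/status pairs.
 * @returns {{statusCode: number, message: string}} Status and message to send.
 */
function resolveFailure(error, fallbackMessage, statusByFragment) {
    const detail = error instanceof Error ? error.message : "";
    for (const [fragment, status] of statusByFragment) {
        if (detail.includes(fragment)) {
            return { statusCode: status, message: detail };
        }
    }
    return { statusCode: 500, message: fallbackMessage };
}
/**
 * Coerce a query-string value to a positive integer.
 * @param {unknown} raw Value taken from req.query.
 * @param {number} fallback Returned when raw is missing or not an integer >= 1.
 * @param {number} [max] Largest value that is passed through; larger input is clamped.
 * @returns {number} A positive integer no greater than max.
 */
function parsePositiveInt(raw, fallback, max = Number.MAX_SAFE_INTEGER) {
    const parsed = Number(raw);
    if (!Number.isInteger(parsed) || parsed < 1) {
        return fallback;
    }
    return Math.min(parsed, max);
}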