feat : Admin can unlocked users

feat : admin can update and create users.

src/controllers/admin_auth.controller.js

@@ -62,6 +62,7 @@ async function getUserDetails(req, res) {
     res.status(500).json({ error: 'invalid CIF number' });
   }
 }
+
 async function getUserRights(req, res) {
   const { CIF } = req.query;
   if (!CIF) {
@@ -71,13 +72,13 @@ async function getUserRights(req, res) {
   }
   const userDetails = await adminAuthService.getCustomerDetailsFromDB(CIF);
   if (!userDetails)
-    return res.status(401).json({ error: 'invalid CIF number or No rights is present for the user.' });
+    return res.status(404).json({ error: 'invalid CIF number or No rights is present for the user.' });
   return res.json(userDetails);
 }
 
 async function UserRights(req, res) {
   try {
-    const { CIF, ib_access_level, mb_access_level } = req.body;
+    const { CIF, ib_access_level, mb_access_level, ib_limit, mb_limit } = req.body;
 
     if (!CIF) {
       return res.status(400).json({ error: 'CIF number is required' });
@@ -93,23 +94,26 @@ async function UserRights(req, res) {
       if (FirstTimeLogin && dayjs(currentTime).diff(dayjs(user.created_at), 'day') > 8) {
         // Password expired, resend
         await db.query(
-          'UPDATE users SET password_hash=$2, updated_at=$5, ib_access_level=$3, mb_access_level=$4 WHERE customer_no=$1',
-          [CIF, password, ib_access_level, mb_access_level, currentTime]
+          'UPDATE users SET password_hash=$2, updated_at=$5, ib_access_level=$3, mb_access_level=$4 ,inb_limit_amount=$6,mobile_limit_amount=$7 WHERE customer_no=$1',
+          [CIF, password, ib_access_level, mb_access_level, currentTime, ib_limit, mb_limit]
         );
+        logger.info("Admin sended the OTP");
         return res.json({ otp: first_time_pass });
       }
       // Just update access levels and timestamp
       await db.query(
-        'UPDATE users SET updated_at=$4, ib_access_level=$2, mb_access_level=$3 WHERE customer_no=$1',
-        [CIF, ib_access_level, mb_access_level, currentTime]
+        'UPDATE users SET updated_at=$4, ib_access_level=$2, mb_access_level=$3 ,inb_limit_amount=$5,mobile_limit_amount=$6 WHERE customer_no=$1',
+        [CIF, ib_access_level, mb_access_level, currentTime, ib_limit, mb_limit]
       );
+      logger.info("Admin Updated the user.");
       return res.json({ message: "User updated successfully." });
     } else {
       // User does not exist, insert
       await db.query(
-        'INSERT INTO users (customer_no, password_hash, ib_access_level, mb_access_level) VALUES ($1, $2, $3, $4)',
-        [CIF, password, ib_access_level, mb_access_level]
+        'INSERT INTO users (customer_no, password_hash, ib_access_level, mb_access_level ,inb_limit_amount,mobile_limit_amount) VALUES ($1, $2, $3, $4 ,$5 ,$6)',
+        [CIF, password, ib_access_level, mb_access_level, ib_limit, mb_limit]
       );
+      logger.info("New user enroll by admin.");
       return res.json({ otp: first_time_pass });
     }
   } catch (err) {
@@ -119,4 +123,30 @@ async function UserRights(req, res) {
   }
 }
 
-module.exports = { login, fetchAdminDetails, getUserDetails, UserRights, getUserRights };
+async function handleUnlockUser(req, res) {
+  try {
+    const { user, action } = req.body;
+    const adminUserName = req.admin;
+    if (!user) {
+      return res.status(400).json({ error: "CIF or username is required" });
+    }
+    const userDetails = await adminAuthService.getCustomerDetailsFromDB(user);
+    if (!userDetails) {
+      return res
+        .status(404)
+        .json({ error: "Invalid CIF number or username" });
+    }
+    await adminAuthService.updateUserLockStatus(user, action,adminUserName);
+    const statusText = action ? "locked" : "unlocked";
+    logger.info(`User ${user} has been successfully ${statusText}.`);
+
+    return res.json({
+      message: `User ${user} has been successfully ${statusText}.`,
+    });
+  } catch (error) {
+    console.error("Unlock user error:", error);
+    return res.status(500).json({ error: "Internal server error" });
+  }
+}
+
+module.exports = { login, fetchAdminDetails, getUserDetails, UserRights, getUserRights, handleUnlockUser };