ghostfolio/apps/api/src/app/order/order.controller.ts

import { nullifyValuesInObjects } from '@ghostfolio/api/helper/object.helper';
import { ImpersonationService } from '@ghostfolio/api/services/impersonation.service';
import {
  getPermissions,
  hasPermission,
  permissions
} from '@ghostfolio/common/permissions';
import { RequestWithUser } from '@ghostfolio/common/types';
import {
  Body,
  Controller,
  Delete,
  Get,
  Headers,
  HttpException,
  Inject,
  Param,
  Post,
  Put,
  UseGuards
} from '@nestjs/common';
import { REQUEST } from '@nestjs/core';
import { AuthGuard } from '@nestjs/passport';
import { Order as OrderModel } from '@prisma/client';
import { parseISO } from 'date-fns';
import { StatusCodes, getReasonPhrase } from 'http-status-codes';

import { CreateOrderDto } from './create-order.dto';
import { OrderService } from './order.service';
import { UpdateOrderDto } from './update-order.dto';

@Controller('order')
export class OrderController {
  public constructor(
    private readonly impersonationService: ImpersonationService,
    private readonly orderService: OrderService,
    @Inject(REQUEST) private readonly request: RequestWithUser
  ) {}

  @Delete(':id')
  @UseGuards(AuthGuard('jwt'))
  public async deleteOrder(@Param('id') id: string): Promise<OrderModel> {
    if (
      !hasPermission(
        getPermissions(this.request.user.role),
        permissions.deleteOrder
      )
    ) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
        StatusCodes.FORBIDDEN
      );
    }

    return this.orderService.deleteOrder({
      id_userId: {
        id,
        userId: this.request.user.id
      }
    });
  }

  @Get()
  @UseGuards(AuthGuard('jwt'))
  public async getAllOrders(
    @Headers('impersonation-id') impersonationId
  ): Promise<OrderModel[]> {
    const impersonationUserId =
      await this.impersonationService.validateImpersonationId(
        impersonationId,
        this.request.user.id
      );

    let orders = await this.orderService.orders({
      include: {
        Account: {
          include: {
            Platform: true
          }
        },
        SymbolProfile: {
          select: {
            name: true
          }
        }
      },
      orderBy: { date: 'desc' },
      where: { userId: impersonationUserId || this.request.user.id }
    });

    if (impersonationUserId) {
      orders = nullifyValuesInObjects(orders, ['fee', 'quantity', 'unitPrice']);
    }

    return orders;
  }

  @Get(':id')
  @UseGuards(AuthGuard('jwt'))
  public async getOrderById(@Param('id') id: string): Promise<OrderModel> {
    return this.orderService.order({
      id_userId: {
        id,
        userId: this.request.user.id
      }
    });
  }

  @Post()
  @UseGuards(AuthGuard('jwt'))
  public async createOrder(@Body() data: CreateOrderDto): Promise<OrderModel> {
    if (
      !hasPermission(
        getPermissions(this.request.user.role),
        permissions.createOrder
      )
    ) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
        StatusCodes.FORBIDDEN
      );
    }

    const date = parseISO(data.date);

    const accountId = data.accountId;
    delete data.accountId;

    return this.orderService.createOrder({
      ...data,
      Account: {
        connect: {
          id_userId: { id: accountId, userId: this.request.user.id }
        }
      },
      date,
      SymbolProfile: {
        connectOrCreate: {
          where: {
            dataSource_symbol: {
              dataSource: data.dataSource,
              symbol: data.symbol
            }
          },
          create: {
            dataSource: data.dataSource,
            symbol: data.symbol
          }
        }
      },
      User: { connect: { id: this.request.user.id } }
    });
  }

  @Put(':id')
  @UseGuards(AuthGuard('jwt'))
  public async update(@Param('id') id: string, @Body() data: UpdateOrderDto) {
    if (
      !hasPermission(
        getPermissions(this.request.user.role),
        permissions.updateOrder
      )
    ) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
        StatusCodes.FORBIDDEN
      );
    }

    const originalOrder = await this.orderService.order({
      id_userId: {
        id,
        userId: this.request.user.id
      }
    });

    if (!originalOrder) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
        StatusCodes.FORBIDDEN
      );
    }

    const date = parseISO(data.date);

    const accountId = data.accountId;
    delete data.accountId;

    return this.orderService.updateOrder({
      data: {
        ...data,
        date,
        Account: {
          connect: {
            id_userId: { id: accountId, userId: this.request.user.id }
          }
        },
        User: { connect: { id: this.request.user.id } }
      },
      where: {
        id_userId: {
          id,
          userId: this.request.user.id
        }
      }
    });
  }
}
Feature/improve imports with paths in tsconfig (#32) * Improve imports 3 years ago			`import { nullifyValuesInObjects } from '@ghostfolio/api/helper/object.helper';`
			`import { ImpersonationService } from '@ghostfolio/api/services/impersonation.service';`
Feature/reorganize helper lib (#100) Reorganize helper lib (Move interfaces and types) * InfoItem * PortfolioItem * PortfolioOverview * PortfolioPerformance * Position * PortfolioPosition * PortfolioReport * PortfolioReportRule * User * UserSettings * DateRange * AdminData * AccessWithGranteeUser * OrderWithAccount * Granularity * UserWithSettings * RequestWithUser 3 years ago			`import {`
			`getPermissions,`
			`hasPermission,`
			`permissions`
Introduce @ghostfolio/common lib (#102) 3 years ago			`} from '@ghostfolio/common/permissions';`
			`import { RequestWithUser } from '@ghostfolio/common/types';`
Initial commit 3 years ago			`import {`
			`Body,`
			`Controller,`
			`Delete,`
			`Get,`
			`Headers,`
			`HttpException,`
			`Inject,`
			`Param,`
			`Post,`
			`Put,`
			`UseGuards`
			`} from '@nestjs/common';`
			`import { REQUEST } from '@nestjs/core';`
			`import { AuthGuard } from '@nestjs/passport';`
			`import { Order as OrderModel } from '@prisma/client';`
			`import { parseISO } from 'date-fns';`
			`import { StatusCodes, getReasonPhrase } from 'http-status-codes';`

			`import { CreateOrderDto } from './create-order.dto';`
			`import { OrderService } from './order.service';`
			`import { UpdateOrderDto } from './update-order.dto';`

			`@Controller('order')`
			`export class OrderController {`
			`public constructor(`
			`private readonly impersonationService: ImpersonationService,`
			`private readonly orderService: OrderService,`
			`@Inject(REQUEST) private readonly request: RequestWithUser`
			`) {}`

			`@Delete(':id')`
			`@UseGuards(AuthGuard('jwt'))`
			`public async deleteOrder(@Param('id') id: string): Promise<OrderModel> {`
			`if (`
			`!hasPermission(`
			`getPermissions(this.request.user.role),`
			`permissions.deleteOrder`
			`)`
			`) {`
			`throw new HttpException(`
			`getReasonPhrase(StatusCodes.FORBIDDEN),`
			`StatusCodes.FORBIDDEN`
			`);`
			`}`

Feature/improve support for draft transactions (#265) * Improve support for draft transactions * Update changelog 3 years ago			`return this.orderService.deleteOrder({`
			`id_userId: {`
			`id,`
			`userId: this.request.user.id`
			`}`
			`});`
Initial commit 3 years ago			`}`

			`@Get()`
			`@UseGuards(AuthGuard('jwt'))`
			`public async getAllOrders(`
			`@Headers('impersonation-id') impersonationId`
			`): Promise<OrderModel[]> {`
Drafts for orders (#187) * Render the future with a dashed border * Update changelog 3 years ago			`const impersonationUserId =`
			`await this.impersonationService.validateImpersonationId(`
			`impersonationId,`
			`this.request.user.id`
			`);`
Initial commit 3 years ago
			`let orders = await this.orderService.orders({`
			`include: {`
Feature/migration to accounts (#58) * Migrate transaction table * Add accounts page * Add account page logic 3 years ago			`Account: {`
			`include: {`
			`Platform: true`
			`}`
Feature/eliminate name from timeline position (#245) * Eliminate name from timeline position: Get the name from the symbolProfileService instead * Update changelog 3 years ago			`},`
			`SymbolProfile: {`
			`select: {`
			`name: true`
			`}`
Feature/migration to accounts (#58) * Migrate transaction table * Add accounts page * Add account page logic 3 years ago			`}`
Initial commit 3 years ago			`},`
			`orderBy: { date: 'desc' },`
			`where: { userId: impersonationUserId \|\| this.request.user.id }`
			`});`

Feature/improve impersonation mode (#293) * Improve the impersonation mode * Update changelog 3 years ago			`if (impersonationUserId) {`
Initial commit 3 years ago			`orders = nullifyValuesInObjects(orders, ['fee', 'quantity', 'unitPrice']);`
			`}`

			`return orders;`
			`}`

			`@Get(':id')`
			`@UseGuards(AuthGuard('jwt'))`
			`public async getOrderById(@Param('id') id: string): Promise<OrderModel> {`
			`return this.orderService.order({`
			`id_userId: {`
			`id,`
			`userId: this.request.user.id`
			`}`
			`});`
			`}`

			`@Post()`
			`@UseGuards(AuthGuard('jwt'))`
			`public async createOrder(@Body() data: CreateOrderDto): Promise<OrderModel> {`
			`if (`
			`!hasPermission(`
			`getPermissions(this.request.user.role),`
			`permissions.createOrder`
			`)`
			`) {`
			`throw new HttpException(`
			`getReasonPhrase(StatusCodes.FORBIDDEN),`
			`StatusCodes.FORBIDDEN`
			`);`
			`}`

			`const date = parseISO(data.date);`

Prepare for multi accounts support: store account for new transactions (#46) 3 years ago			`const accountId = data.accountId;`
			`delete data.accountId;`

Feature/improve support for draft transactions (#265) * Improve support for draft transactions * Update changelog 3 years ago			`return this.orderService.createOrder({`
			`...data,`
			`Account: {`
			`connect: {`
			`id_userId: { id: accountId, userId: this.request.user.id }`
			`}`
			`},`
			`date,`
			`SymbolProfile: {`
			`connectOrCreate: {`
			`where: {`
			`dataSource_symbol: {`
Feature/connect or create logic for symbol profile (#153) * Add connectOrCreate logic * Extend seed * Update changelog 3 years ago			`dataSource: data.dataSource,`
			`symbol: data.symbol`
			`}`
Feature/improve support for draft transactions (#265) * Improve support for draft transactions * Update changelog 3 years ago			`},`
			`create: {`
			`dataSource: data.dataSource,`
			`symbol: data.symbol`
Feature/connect or create logic for symbol profile (#153) * Add connectOrCreate logic * Extend seed * Update changelog 3 years ago			`}`
Feature/improve support for draft transactions (#265) * Improve support for draft transactions * Update changelog 3 years ago			`}`
Feature/eliminate platform from order (#63) * Eliminate platform from order * Update changelog 3 years ago			`},`
Feature/improve support for draft transactions (#265) * Improve support for draft transactions * Update changelog 3 years ago			`User: { connect: { id: this.request.user.id } }`
			`});`
Initial commit 3 years ago			`}`

			`@Put(':id')`
			`@UseGuards(AuthGuard('jwt'))`
			`public async update(@Param('id') id: string, @Body() data: UpdateOrderDto) {`
			`if (`
			`!hasPermission(`
			`getPermissions(this.request.user.role),`
			`permissions.updateOrder`
			`)`
			`) {`
			`throw new HttpException(`
			`getReasonPhrase(StatusCodes.FORBIDDEN),`
			`StatusCodes.FORBIDDEN`
			`);`
			`}`

			`const originalOrder = await this.orderService.order({`
			`id_userId: {`
			`id,`
			`userId: this.request.user.id`
			`}`
			`});`

Feature/create and update accounts (#60) * Allow to create and update accounts * Activate account selector in transaction dialog * Refactor analytics and report from platforms to accounts 3 years ago			`if (!originalOrder) {`
			`throw new HttpException(`
			`getReasonPhrase(StatusCodes.FORBIDDEN),`
			`StatusCodes.FORBIDDEN`
			`);`
			`}`

Initial commit 3 years ago			`const date = parseISO(data.date);`

Prepare for multi accounts support: store account for new transactions (#46) 3 years ago			`const accountId = data.accountId;`
			`delete data.accountId;`

Feature/improve support for draft transactions (#265) * Improve support for draft transactions * Update changelog 3 years ago			`return this.orderService.updateOrder({`
			`data: {`
			`...data,`
			`date,`
			`Account: {`
			`connect: {`
			`id_userId: { id: accountId, userId: this.request.user.id }`
Feature/eliminate platform from order (#63) * Eliminate platform from order * Update changelog 3 years ago			`}`
Feature/improve support for draft transactions (#265) * Improve support for draft transactions * Update changelog 3 years ago			`},`
			`User: { connect: { id: this.request.user.id } }`
Feature/eliminate platform from order (#63) * Eliminate platform from order * Update changelog 3 years ago			`},`
Feature/improve support for draft transactions (#265) * Improve support for draft transactions * Update changelog 3 years ago			`where: {`
			`id_userId: {`
			`id,`
			`userId: this.request.user.id`
			`}`
			`}`
			`});`
Initial commit 3 years ago			`}`
			`}`