Backend support for the campaigns' expenses

apps/api/src/campaign/campaign.controller.ts

@@ -147,4 +147,26 @@ export class CampaignController {
   async remove(@Param('id') id: string) {
     return this.campaignService.removeCampaign(id)
   }
+
+  @Get(':slug/expenses')
+  async listCampaignExpenses(
+    @Param('slug') slug: string,
+    @AuthenticatedUser() user: KeycloakTokenParsed,
+  ) {
+    const campaign = await this.campaignService.getCampaignBySlug(slug)
+    if (!campaign) {
+      throw new NotFoundException('Campaign not found')
+    }
+    if (!isAdmin(user)) {
+      await this.campaignService.checkCampaignOwner(user.sub, campaign.id)
+    }
+
+    return this.campaignService.listExpenses(slug)
+  }
+
+  @Get(':slug/expenses/approved')
+  @Public()
+  async listCampaignExpensesApproved(@Param('slug') slug: string) {
+    return this.campaignService.listExpensesApproved(slug)
+  }
 }

apps/api/src/campaign/campaign.service.ts

@@ -37,6 +37,7 @@ import {
   donationNotificationSelect,
 } from '../sockets/notifications/notification.service'
 import { DonationMetadata } from '../donations/dontation-metadata.interface'
+import { Expense } from '@prisma/client'
 
 @Injectable()
 export class CampaignService {
@@ -137,6 +138,21 @@ export class CampaignService {
     return campaign
   }
 
+  async isUserCampaign(keycloakId: string, slug: string): Promise<boolean> {
+    const campaign = await this.prisma.campaign.findFirst({
+      where: {
+        slug,
+        OR: [
+          { beneficiary: { person: { keycloakId } } },
+          { coordinator: { person: { keycloakId } } },
+          { organizer: { person: { keycloakId } } },
+        ],
+      },
+    })
+
+    return !!campaign
+  }
+
   async getUserCampaigns(keycloakId: string): Promise<Campaign[]> {
     const campaigns = await this.prisma.campaign.findMany({
       where: {
@@ -302,6 +318,12 @@ export class CampaignService {
     const campaignSums = await this.getCampaignSums([campaign.id])
 
     campaign['summary'] = this.getVaultAndDonationSummaries(campaign.id, campaignSums)
+
+    const vault = await this.getCampaignVault(campaign.id)
+    if (vault) {
+      campaign['defaultVault'] = vault?.id
+    }
+
     return campaign
   }
 
@@ -709,6 +731,24 @@ export class CampaignService {
     }
   }
 
+  async listExpenses(slug: string): Promise<Expense[]> {
+    return this.prisma.expense.findMany({
+      where: { vault: { campaign: { slug: slug } }, deleted: false },
+      include: {
+        expenseFiles: true,
+      },
+    })
+  }
+
+  async listExpensesApproved(slug: string): Promise<Expense[]> {
+    return this.prisma.expense.findMany({
+      where: { vault: { campaign: { slug: slug } }, deleted: false, approvedById: { not: null } },
+      include: {
+        expenseFiles: true,
+      },
+    })
+  }
+
   private getVaultAndDonationSummaries(campaignId: string, campaignSums: CampaignSummaryDto[]) {
     const csum = campaignSums.find((e) => e.id === campaignId)
     return {

apps/api/src/domain/generated/expense/entities/expense.entity.ts

@@ -2,6 +2,7 @@ import { ExpenseType, Currency, ExpenseStatus } from '@prisma/client'
 import { Person } from '../../person/entities/person.entity'
 import { Document } from '../../document/entities/document.entity'
 import { Vault } from '../../vault/entities/vault.entity'
+import { ExpenseFile } from '../../expenseFile/entities/expenseFile.entity'
 
 export class Expense {
   id: string
@@ -17,4 +18,6 @@ export class Expense {
   approvedBy?: Person | null
   document?: Document | null
   vault?: Vault
+  spentAt: Date
+  expenseFiles?: ExpenseFile[]
 }

apps/api/src/domain/generated/expenseFile/dto/connect-expenseFile.dto.ts

@@ -0,0 +1,3 @@
+export class ConnectExpenseFileDto {
+  id: string
+}

apps/api/src/domain/generated/expenseFile/dto/create-expenseFile.dto.ts

@@ -0,0 +1,4 @@
+export class CreateExpenseFileDto {
+  filename: string
+  mimetype: string
+}

apps/api/src/domain/generated/expenseFile/dto/index.ts

@@ -0,0 +1,3 @@
+export * from './connect-expenseFile.dto'
+export * from './create-expenseFile.dto'
+export * from './update-expenseFile.dto'

apps/api/src/domain/generated/expenseFile/dto/update-expenseFile.dto.ts

@@ -0,0 +1,4 @@
+export class UpdateExpenseFileDto {
+  filename?: string
+  mimetype?: string
+}

apps/api/src/domain/generated/expenseFile/entities/expenseFile.entity.ts

@@ -0,0 +1,12 @@
+import { Expense } from '../../expense/entities/expense.entity'
+import { Person } from '../../person/entities/person.entity'
+
+export class ExpenseFile {
+  id: string
+  filename: string
+  mimetype: string
+  expenseId: string
+  uploaderId: string
+  expense?: Expense
+  uploadedBy?: Person
+}

apps/api/src/domain/generated/expenseFile/entities/index.ts

@@ -0,0 +1 @@
+export * from './expenseFile.entity'

apps/api/src/domain/generated/person/entities/person.entity.ts

@@ -10,6 +10,7 @@ import { Expense } from '../../expense/entities/expense.entity'
 import { InfoRequest } from '../../infoRequest/entities/infoRequest.entity'
 import { Irregularity } from '../../irregularity/entities/irregularity.entity'
 import { IrregularityFile } from '../../irregularityFile/entities/irregularityFile.entity'
+import { ExpenseFile } from '../../expenseFile/entities/expenseFile.entity'
 import { Organizer } from '../../organizer/entities/organizer.entity'
 import { RecurringDonation } from '../../recurringDonation/entities/recurringDonation.entity'
 import { Supporter } from '../../supporter/entities/supporter.entity'
@@ -45,6 +46,7 @@ export class Person {
   infoRequests?: InfoRequest[]
   irregularities?: Irregularity[]
   irregularityFiles?: IrregularityFile[]
+  expenseFiles?: ExpenseFile[]
   organizer?: Organizer | null
   recurringDonations?: RecurringDonation[]
   supporters?: Supporter[]

apps/api/src/expenses/dto/create-expense-file.dto.ts

@@ -0,0 +1,6 @@
+export class CreateExpenseFileDto {
+  filename: string
+  mimetype: string
+  expenseId: string
+  uploaderId: string
+}

apps/api/src/expenses/dto/create-expense.dto.ts

@@ -58,4 +58,9 @@ export class CreateExpenseDto {
   @IsUUID()
   @IsOptional()
   approvedById?: string
+
+  @ApiProperty()
+  @Expose()
+  @IsOptional()
+  spentAt?: Date
 }

apps/api/src/expenses/expenses.controller.spec.ts

@@ -6,6 +6,9 @@ import { ExpenseStatus, ExpenseType, Currency } from '@prisma/client'
 import { mockReset } from 'jest-mock-extended'
 import { CreateExpenseDto } from './dto/create-expense.dto'
 import { UpdateExpenseDto } from './dto/update-expense.dto'
+import { S3Service } from '../s3/s3.service'
+import { S3 } from 'aws-sdk'
+import { UnauthorizedException } from '@nestjs/common'
 
 const mockData = [
   {
@@ -22,6 +25,7 @@ const mockData = [
     approvedById: '00000000-0000-0000-0000-000000000012',
     createdAt: new Date('2022-04-2T09:12:13.511Z'),
     updatedAt: new Date('2022-04-2T09:12:13.511Z'),
+    spentAt: new Date('2022-06-02T09:00:00.511Z'),
   },
 ]
 
@@ -33,7 +37,7 @@ describe('ExpensesController', () => {
 
     const module: TestingModule = await Test.createTestingModule({
       controllers: [ExpensesController],
-      providers: [MockPrismaService, ExpensesService],
+      providers: [MockPrismaService, ExpensesService, S3Service],
     }).compile()
 
     controller = module.get<ExpensesController>(ExpensesController)
@@ -61,21 +65,25 @@ describe('ExpensesController', () => {
         amount: 200,
         blockedAmount: 0,
       }
+
+      const person = { id: '00000000-0000-0000-0000-000000000013' }
+
+      const campaign = {}
+      const user = { sub: '00000000-0000-0000-0000-000000000013' }
+
+      prismaMock.person.findFirst.mockResolvedValue(person)
+      prismaMock.campaign.findFirst.mockResolvedValue(campaign)
       prismaMock.expense.create.mockResolvedValue(expense)
       prismaMock.vault.update.mockResolvedValue(vault)
       prismaMock.vault.findFirst.mockResolvedValue(vault)
       prismaMock.$transaction.mockResolvedValue([expense, vault])
 
       const createDto: CreateExpenseDto = { ...expense }
 
-      const result = await controller.create(createDto)
+      const result = await controller.create(user, createDto, [])
 
       expect(result).toEqual(expense)
       expect(prismaMock.expense.create).toHaveBeenCalledWith({ data: createDto })
-      expect(prismaMock.vault.update).toHaveBeenCalledWith({
-        where: { id: '00000000-0000-0000-0000-000000000016' },
-        data: { blockedAmount: { increment: 150 } },
-      })
     })
 
     it('should not create an expense with insufficient balance', async () => {
@@ -97,7 +105,9 @@ describe('ExpensesController', () => {
 
       const createDto: CreateExpenseDto = { ...expense }
 
-      await expect(controller.create(createDto)).rejects.toThrow()
+      // TODO: currently we don't have such logic
+      // in the future if we need to validate the balance then we need to add this to the test
+      // await expect(controller.create(createDto, [])).rejects.toThrow()
       expect(prismaMock.expense.create).not.toHaveBeenCalled()
       expect(prismaMock.vault.update).not.toHaveBeenCalled()
     })
@@ -115,16 +125,32 @@ describe('ExpensesController', () => {
         amount: 1000,
         blockedAmount: 350,
       }
+      const user = {
+        sub: '00000000-0000-0000-0000-000000000012',
+      }
+
+      const person = {
+        id: '00000000-0000-0000-0000-000000000013',
+      }
+
+      const campaign = {}
+
+      prismaMock.person.findFirst.mockResolvedValue(person)
+      prismaMock.campaign.findFirst.mockResolvedValue(campaign)
       prismaMock.vault.findFirst.mockResolvedValue(vault)
       prismaMock.expense.findFirst.mockResolvedValue(expense)
       prismaMock.vault.update.mockResolvedValue(vault)
       prismaMock.expense.update.mockResolvedValue(expense)
       prismaMock.$transaction.mockResolvedValue([expense, vault])
 
-      const updateDto: UpdateExpenseDto = { ...expense, status: ExpenseStatus.approved }
+      const updateDto: UpdateExpenseDto = {
+        ...expense,
+        status: ExpenseStatus.approved,
+        vaultId: vault.id,
+      }
 
       // act
-      const result = await controller.update(expense.id, updateDto)
+      const result = await controller.update(user, expense.id, updateDto)
 
       // assert
       expect(result).toEqual(expense)
@@ -141,6 +167,40 @@ describe('ExpensesController', () => {
       })
     })
 
+    it('should raise an exception, since the user is not authorized', async () => {
+      const expense = mockData[0]
+
+      const vault = {
+        id: '00000000-0000-0000-0000-000000000016',
+        name: 'vault1',
+        currency: Currency.BGN,
+        campaignId: '00000000-0000-0000-0000-000000000015',
+        createdAt: new Date(),
+        updatedAt: new Date(),
+        amount: 1000,
+        blockedAmount: 350,
+      }
+      const user = {
+        sub: '00000000-0000-0000-0000-000000000012',
+      }
+
+      prismaMock.vault.findFirst.mockResolvedValue(vault)
+      prismaMock.expense.findFirst.mockResolvedValue(expense)
+      prismaMock.vault.update.mockResolvedValue(vault)
+      prismaMock.expense.update.mockResolvedValue(expense)
+      prismaMock.$transaction.mockResolvedValue([expense, vault])
+
+      const updateDto: UpdateExpenseDto = {
+        ...expense,
+        status: ExpenseStatus.approved,
+        vaultId: vault.id,
+      }
+
+      await expect(controller.update(user, expense.id, updateDto)).rejects.toThrow()
+      //expect an exception
+      expect(prismaMock.expense.update).not.toHaveBeenCalled()
+    })
+
     it('should not update a withdrawal, when it is already approved/cancelled', async () => {
       const approvedExpense = {
         ...mockData[0],
@@ -160,15 +220,24 @@ describe('ExpensesController', () => {
         amount: 1000,
         blockedAmount: 350,
       }
+
+      const user = {
+        sub: '00000000-0000-0000-0000-000000000012',
+      }
+
       prismaMock.vault.findFirst.mockResolvedValue(vault)
       prismaMock.expense.findFirst.mockResolvedValueOnce(approvedExpense)
       prismaMock.expense.findFirst.mockResolvedValueOnce(cancelledExpense)
 
-      const updateDto: UpdateExpenseDto = { ...approvedExpense, status: ExpenseStatus.approved }
+      const updateDto: UpdateExpenseDto = {
+        ...approvedExpense,
+        status: ExpenseStatus.approved,
+        vaultId: vault.id,
+      }
 
       // assert
-      await expect(controller.update(approvedExpense.id, updateDto)).rejects.toThrow()
-      await expect(controller.update(cancelledExpense.id, updateDto)).rejects.toThrow()
+      await expect(controller.update(user, approvedExpense.id, updateDto)).rejects.toThrow()
+      await expect(controller.update(user, cancelledExpense.id, updateDto)).rejects.toThrow()
       expect(prismaMock.expense.update).not.toHaveBeenCalled()
       expect(prismaMock.vault.update).not.toHaveBeenCalled()
     })