2025-08-21 08:14:12 +00:00
|
|
|
import {
|
|
|
|
|
ExpressController,
|
|
|
|
|
authGuard,
|
|
|
|
|
errorMapper,
|
|
|
|
|
forbidQueryFieldGuard,
|
|
|
|
|
tenantGuard,
|
|
|
|
|
} from "@erp/core/api";
|
|
|
|
|
import { CreateCustomerRequestDTO } from "../../../../common/dto";
|
|
|
|
|
import { CreateCustomerUseCase } from "../../../application";
|
2025-08-11 17:49:52 +00:00
|
|
|
|
|
|
|
|
export class CreateCustomerController extends ExpressController {
|
2025-08-21 08:14:12 +00:00
|
|
|
public constructor(private readonly useCase: CreateCustomerUseCase) {
|
2025-08-11 17:49:52 +00:00
|
|
|
super();
|
2025-08-14 14:58:13 +00:00
|
|
|
// 🔐 Reutiliza guards de auth/tenant y prohíbe 'companyId' en query
|
|
|
|
|
this.useGuards(authGuard(), tenantGuard(), forbidQueryFieldGuard("companyId"));
|
2025-08-11 17:49:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
protected async executeImpl() {
|
2025-08-21 08:14:12 +00:00
|
|
|
const tenantId = this.getTenantId()!; // garantizado por tenantGuard
|
|
|
|
|
const dto = this.req.body as CreateCustomerRequestDTO;
|
2025-08-11 17:49:52 +00:00
|
|
|
/*
|
|
|
|
|
// Inyectar empresa del usuario autenticado (ownership)
|
|
|
|
|
dto.customerCompanyId = user.companyId;
|
|
|
|
|
*/
|
|
|
|
|
|
2025-08-25 17:42:56 +00:00
|
|
|
const result = await this.useCase.execute({ tenantId, dto });
|
2025-08-11 17:49:52 +00:00
|
|
|
|
2025-08-21 08:14:12 +00:00
|
|
|
return result.match(
|
|
|
|
|
(data) => this.created(data),
|
|
|
|
|
(err) => this.handleApiError(errorMapper.toApiError(err))
|
|
|
|
|
);
|
2025-08-11 17:49:52 +00:00
|
|
|
}
|
|
|
|
|
}
|
