/** * RequisicionController - Controller de requisiciones de obra * * Endpoints REST para gestión de requisiciones de material. * Workflow: draft -> submitted -> approved -> partially_served -> served * * @module Inventory */ import { Router, Request, Response, NextFunction } from 'express'; import { DataSource } from 'typeorm'; import { RequisicionService, CreateRequisicionDto, AddLineaDto, RequisicionFilters, } from '../services/requisicion.service'; import { AuthMiddleware } from '../../auth/middleware/auth.middleware'; import { AuthService } from '../../auth/services/auth.service'; import { RequisicionObra } from '../entities/requisicion-obra.entity'; import { RequisicionLinea } from '../entities/requisicion-linea.entity'; import { User } from '../../core/entities/user.entity'; import { Tenant } from '../../core/entities/tenant.entity'; import { RefreshToken } from '../../auth/entities/refresh-token.entity'; interface ServiceContext { tenantId: string; userId?: string; } /** * Crear router de requisiciones */ export function createRequisicionController(dataSource: DataSource): Router { const router = Router(); // Repositorios const requisicionRepository = dataSource.getRepository(RequisicionObra); const lineaRepository = dataSource.getRepository(RequisicionLinea); const userRepository = dataSource.getRepository(User); const tenantRepository = dataSource.getRepository(Tenant); const refreshTokenRepository = dataSource.getRepository(RefreshToken); // Servicios const requisicionService = new RequisicionService(requisicionRepository, lineaRepository); const authService = new AuthService(userRepository, tenantRepository, refreshTokenRepository as any); const authMiddleware = new AuthMiddleware(authService, dataSource); // Helper para crear contexto de servicio const getContext = (req: Request): ServiceContext => { if (!req.tenantId) { throw new Error('Tenant ID is required'); } return { tenantId: req.tenantId, userId: req.user?.sub, }; }; /** * GET /requisiciones * Listar requisiciones con filtros */ router.get('/', authMiddleware.authenticate, async (req: Request, res: Response, next: NextFunction): Promise => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const page = parseInt(req.query.page as string) || 1; const limit = Math.min(parseInt(req.query.limit as string) || 20, 100); const filters: RequisicionFilters = { fraccionamientoId: req.query.fraccionamientoId as string, status: req.query.status as any, priority: req.query.priority as string, dateFrom: req.query.dateFrom ? new Date(req.query.dateFrom as string) : undefined, dateTo: req.query.dateTo ? new Date(req.query.dateTo as string) : undefined, }; const result = await requisicionService.findWithFilters(getContext(req), filters, page, limit); res.status(200).json({ success: true, data: result.data, pagination: { total: result.total, page: result.page, limit: result.limit, totalPages: result.totalPages, }, }); } catch (error) { next(error); } }); /** * GET /requisiciones/:id * Obtener requisición con detalles */ router.get('/:id', authMiddleware.authenticate, async (req: Request, res: Response, next: NextFunction): Promise => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const requisicion = await requisicionService.findWithDetails(getContext(req), req.params.id); if (!requisicion) { res.status(404).json({ error: 'Not Found', message: 'Requisition not found' }); return; } res.status(200).json({ success: true, data: requisicion }); } catch (error) { next(error); } }); /** * POST /requisiciones * Crear requisición */ router.post('/', authMiddleware.authenticate, authMiddleware.authorize('admin', 'engineer', 'resident'), async (req: Request, res: Response, next: NextFunction): Promise => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const dto: CreateRequisicionDto = req.body; if (!dto.fraccionamientoId || !dto.requisitionDate || !dto.requiredDate) { res.status(400).json({ error: 'Bad Request', message: 'fraccionamientoId, requisitionDate and requiredDate are required', }); return; } dto.requisitionDate = new Date(dto.requisitionDate); dto.requiredDate = new Date(dto.requiredDate); const requisicion = await requisicionService.create(getContext(req), dto); res.status(201).json({ success: true, data: requisicion }); } catch (error) { next(error); } }); /** * POST /requisiciones/:id/lineas * Agregar línea a requisición */ router.post('/:id/lineas', authMiddleware.authenticate, authMiddleware.authorize('admin', 'engineer', 'resident'), async (req: Request, res: Response, next: NextFunction): Promise => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const dto: AddLineaDto = req.body; if (!dto.productId || dto.quantityRequested === undefined) { res.status(400).json({ error: 'Bad Request', message: 'productId and quantityRequested are required', }); return; } const linea = await requisicionService.addLinea(getContext(req), req.params.id, dto); res.status(201).json({ success: true, data: linea }); } catch (error) { if (error instanceof Error) { if (error.message === 'Requisicion not found') { res.status(404).json({ error: 'Not Found', message: error.message }); return; } if (error.message.includes('draft')) { res.status(400).json({ error: 'Bad Request', message: error.message }); return; } } next(error); } }); /** * DELETE /requisiciones/:id/lineas/:lineaId * Eliminar línea de requisición */ router.delete('/:id/lineas/:lineaId', authMiddleware.authenticate, authMiddleware.authorize('admin', 'engineer', 'resident'), async (req: Request, res: Response, next: NextFunction): Promise => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const removed = await requisicionService.removeLinea(getContext(req), req.params.id, req.params.lineaId); if (!removed) { res.status(404).json({ error: 'Not Found', message: 'Line not found' }); return; } res.status(200).json({ success: true, message: 'Line removed' }); } catch (error) { if (error instanceof Error && error.message.includes('draft')) { res.status(400).json({ error: 'Bad Request', message: error.message }); return; } next(error); } }); /** * POST /requisiciones/:id/submit * Enviar requisición para aprobación */ router.post('/:id/submit', authMiddleware.authenticate, authMiddleware.authorize('admin', 'engineer', 'resident'), async (req: Request, res: Response, next: NextFunction): Promise => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const requisicion = await requisicionService.submit(getContext(req), req.params.id); if (!requisicion) { res.status(404).json({ error: 'Not Found', message: 'Requisition not found' }); return; } res.status(200).json({ success: true, data: requisicion, message: 'Requisition submitted' }); } catch (error) { if (error instanceof Error) { res.status(400).json({ error: 'Bad Request', message: error.message }); return; } next(error); } }); /** * POST /requisiciones/:id/approve * Aprobar requisición */ router.post('/:id/approve', authMiddleware.authenticate, authMiddleware.authorize('admin', 'director'), async (req: Request, res: Response, next: NextFunction): Promise => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const requisicion = await requisicionService.approve(getContext(req), req.params.id); if (!requisicion) { res.status(404).json({ error: 'Not Found', message: 'Requisition not found' }); return; } res.status(200).json({ success: true, data: requisicion, message: 'Requisition approved' }); } catch (error) { if (error instanceof Error) { res.status(400).json({ error: 'Bad Request', message: error.message }); return; } next(error); } }); /** * POST /requisiciones/:id/reject * Rechazar requisición */ router.post('/:id/reject', authMiddleware.authenticate, authMiddleware.authorize('admin', 'director'), async (req: Request, res: Response, next: NextFunction): Promise => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const { reason } = req.body; if (!reason) { res.status(400).json({ error: 'Bad Request', message: 'reason is required' }); return; } const requisicion = await requisicionService.reject(getContext(req), req.params.id, reason); if (!requisicion) { res.status(404).json({ error: 'Not Found', message: 'Requisition not found' }); return; } res.status(200).json({ success: true, data: requisicion, message: 'Requisition rejected' }); } catch (error) { if (error instanceof Error) { res.status(400).json({ error: 'Bad Request', message: error.message }); return; } next(error); } }); /** * POST /requisiciones/:id/cancel * Cancelar requisición */ router.post('/:id/cancel', authMiddleware.authenticate, authMiddleware.authorize('admin', 'engineer'), async (req: Request, res: Response, next: NextFunction): Promise => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const requisicion = await requisicionService.cancel(getContext(req), req.params.id); if (!requisicion) { res.status(404).json({ error: 'Not Found', message: 'Requisition not found' }); return; } res.status(200).json({ success: true, data: requisicion, message: 'Requisition cancelled' }); } catch (error) { if (error instanceof Error) { res.status(400).json({ error: 'Bad Request', message: error.message }); return; } next(error); } }); /** * DELETE /requisiciones/:id * Eliminar requisición (soft delete) */ router.delete('/:id', authMiddleware.authenticate, authMiddleware.authorize('admin', 'director'), async (req: Request, res: Response, next: NextFunction): Promise => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const deleted = await requisicionService.softDelete(getContext(req), req.params.id); if (!deleted) { res.status(404).json({ error: 'Not Found', message: 'Requisition not found' }); return; } res.status(200).json({ success: true, message: 'Requisition deleted' }); } catch (error) { if (error instanceof Error) { res.status(400).json({ error: 'Bad Request', message: error.message }); return; } next(error); } }); return router; } export default createRequisicionController;