Baditsa/ministry admin update fix (#867)

* Add required and validated attributes

* Tech admin can edit admin until the status is Accepted

* AccountStatus was added to mapping

OutOfSchool/OutOfSchool.Common/Models/CreateMinistryAdminDto.cs

@@ -29,6 +29,7 @@ public class CreateMinistryAdminDto
     [DataType(DataType.DateTime)]
     public DateTimeOffset CreatingTime { get; set; }
 
+    [Required(ErrorMessage = "InstitutionId is required")]
     public Guid InstitutionId { get; set; }
 
     public string UserId { get; set; }

OutOfSchool/OutOfSchool.WebApi/Controllers/V1/MinistryAdminController.cs

@@ -3,7 +3,9 @@
 using Microsoft.AspNetCore.Mvc.Filters;
 
 using OutOfSchool.Common.Models;
+using OutOfSchool.Services.Enums;
 using OutOfSchool.WebApi.Common;
+using OutOfSchool.WebApi.Enums;
 using OutOfSchool.WebApi.Models;
 
 namespace OutOfSchool.WebApi.Controllers;
@@ -174,7 +176,19 @@ public async Task<ActionResult> Update(MinistryAdminDto ministryAdminDto)
 
         if (userId != ministryAdminDto.Id)
         {
-            return StatusCode(403, "Forbidden to update another user.");
+            var currentUserRole = GettingUserProperties.GetUserRole(User);
+            if (currentUserRole == nameof(Role.TechAdmin).ToLower())
+            {
+                var updatedMinistryAdmin = await ministryAdminService.GetByIdAsync(ministryAdminDto.Id);
+                if (updatedMinistryAdmin.AccountStatus == AccountStatus.Accepted)
+                {
+                    return StatusCode(403, "Forbidden to update accepted user.");
+                }
+            }
+            else
+            {
+                return StatusCode(403, "Forbidden to update another user if you haven't techadmin role.");
+            }
         }
 
         return Ok(await ministryAdminService.Update(ministryAdminDto).ConfigureAwait(false));

OutOfSchool/OutOfSchool.WebApi/Models/MinistryAdminDto.cs

@@ -6,6 +6,7 @@ namespace OutOfSchool.WebApi.Models;
 
 public class MinistryAdminDto : BaseUserDto
 {
+    [EnumDataType(typeof(AccountStatus), ErrorMessage = Constants.EnumErrorMessage)]
     public AccountStatus AccountStatus { get; set; }
 
     public Guid InstitutionId { get; set; }

OutOfSchool/OutOfSchool.WebApi/Util/MappingProfile.cs

@@ -2,6 +2,7 @@
 using OutOfSchool.Common.Enums;
 using OutOfSchool.Common.Models;
 using OutOfSchool.Services.Enums;
+using OutOfSchool.WebApi.Enums;
 using OutOfSchool.WebApi.Models;
 using OutOfSchool.WebApi.Models.Achievement;
 using OutOfSchool.WebApi.Models.BlockedProviderParent;
@@ -381,7 +382,14 @@ public MappingProfile()
             .ForMember(dest => dest.MiddleName, opt => opt.MapFrom(src => src.User.MiddleName))
             .ForMember(dest => dest.PhoneNumber, opt => opt.MapFrom(src => src.User.PhoneNumber))
             .ForMember(dest => dest.Email, opt => opt.MapFrom(src => src.User.Email))
-            .ForMember(dest => dest.AccountStatus, m => m.Ignore());
+            .ForMember(
+                dest => dest.AccountStatus,
+                opt => opt.MapFrom(src =>
+                    src.User.IsBlocked
+                        ? AccountStatus.Blocked
+                        : src.User.LastLogin == DateTimeOffset.MinValue
+                            ? AccountStatus.NeverLogged
+                            : AccountStatus.Accepted));
 
         CreateMap<ProviderChangesLogRequest, ChangesLogFilter>()
             .ForMember(dest => dest.EntityType, opt => opt.Ignore())