refactor(api): move /api/memberships/me/disable route

EmmanuelleBonnemay · web-flow · commit 083ab0863547 · 2025-03-03T09:23:29.000Z
to src/team
diff --git a/api/lib/application/memberships/index.js b/api/lib/application/memberships/index.js
@@ -3,37 +3,9 @@ import Joi from 'joi';
 import { securityPreHandlers } from '../../../src/shared/application/security-pre-handlers.js';
 import { identifiersType } from '../../../src/shared/domain/types/identifiers-type.js';
 import { membershipController } from '../../../src/team/application/membership/membership.controller.js';
-import { membershipController as libMembershipController } from './membership-controller.js';
 
 const register = async function (server) {
   server.route([
-    {
-      method: 'POST',
-      path: '/api/memberships/me/disable',
-      config: {
-        pre: [
-          {
-            method: securityPreHandlers.checkUserIsAdminInOrganization,
-            assign: 'isAdminInOrganization',
-          },
-          {
-            method: securityPreHandlers.checkUserCanDisableHisOrganizationMembership,
-            assign: 'canDisableHisOrganizationMembership',
-          },
-        ],
-        validate: {
-          payload: Joi.object({
-            organizationId: identifiersType.organizationId,
-          }),
-        },
-        handler: libMembershipController.disableOwnOrganizationMembership,
-        tags: ['api'],
-        notes: [
-          "- **Cette route est restreinte aux utilisateurs authentifiés en tant qu'administrateur de l'organisation\n" +
-            "- Elle permet de se retirer d'une organisation",
-        ],
-      },
-    },
     {
       method: 'POST',
       path: '/api/memberships/{id}/disable',
diff --git a/api/src/team/application/membership/membership.route.js b/api/src/team/application/membership/membership.route.js
@@ -35,6 +35,33 @@ export const membershipRoutes = [
       tags: ['api', 'team', 'memberships'],
     },
   },
+  {
+    method: 'POST',
+    path: '/api/memberships/me/disable',
+    config: {
+      pre: [
+        {
+          method: securityPreHandlers.checkUserIsAdminInOrganization,
+          assign: 'isAdminInOrganization',
+        },
+        {
+          method: securityPreHandlers.checkUserCanDisableHisOrganizationMembership,
+          assign: 'canDisableHisOrganizationMembership',
+        },
+      ],
+      validate: {
+        payload: Joi.object({
+          organizationId: identifiersType.organizationId,
+        }),
+      },
+      handler: (request, h) => membershipController.disableOwnOrganizationMembership(request, h),
+      tags: ['api'],
+      notes: [
+        "- **Cette route est restreinte aux utilisateurs authentifiés en tant qu'administrateur de l'organisation\n" +
+          "- Elle permet de se retirer d'une organisation",
+      ],
+    },
+  },
   {
     method: 'GET',
     path: '/api/organizations/{id}/memberships',
diff --git a/api/tests/team/acceptance/application/membership/membership.route.test.js b/api/tests/team/acceptance/application/membership/membership.route.test.js
@@ -278,4 +278,41 @@ describe('Acceptance | Team | Application | Route | membership', function () {
       });
     });
   });
+
+  describe('POST /api/memberships/me/disable', function () {
+    context('when user is one of the admins of the organization', function () {
+      it('disables user membership and returns a 204', async function () {
+        // given
+        const organizationId = databaseBuilder.factory.buildOrganization().id;
+        const organizationAdminUserId = databaseBuilder.factory.buildUser().id;
+        databaseBuilder.factory.buildMembership({
+          userId: organizationAdminUserId,
+          organizationId,
+          organizationRole: Membership.roles.ADMIN,
+        });
+        databaseBuilder.factory.buildMembership({
+          userId: databaseBuilder.factory.buildUser().id,
+          organizationId,
+          organizationRole: Membership.roles.ADMIN,
+        });
+
+        await databaseBuilder.commit();
+
+        const options = {
+          method: 'POST',
+          url: '/api/memberships/me/disable',
+          payload: {
+            organizationId,
+          },
+          headers: generateAuthenticatedUserRequestHeaders({ userId: organizationAdminUserId }),
+        };
+
+        // when
+        const response = await server.inject(options);
+
+        // then
+        expect(response.statusCode).to.equal(204);
+      });
+    });
+  });
 });
