[TECH] Migration de la route POST api/membership/me/disable (PIX-16733)

pix-service-auto-merge · web-flow · commit 91cf2fb90fb9 · 2025-03-03T10:30:06.000+01:00
#11528
diff --git a/api/lib/application/memberships/index.js b/api/lib/application/memberships/index.js
@@ -3,37 +3,9 @@ import Joi from 'joi';
 import { securityPreHandlers } from '../../../src/shared/application/security-pre-handlers.js';
 import { identifiersType } from '../../../src/shared/domain/types/identifiers-type.js';
 import { membershipController } from '../../../src/team/application/membership/membership.controller.js';
-import { membershipController as libMembershipController } from './membership-controller.js';
 
 const register = async function (server) {
   server.route([
-    {
-      method: 'POST',
-      path: '/api/memberships/me/disable',
-      config: {
-        pre: [
-          {
-            method: securityPreHandlers.checkUserIsAdminInOrganization,
-            assign: 'isAdminInOrganization',
-          },
-          {
-            method: securityPreHandlers.checkUserCanDisableHisOrganizationMembership,
-            assign: 'canDisableHisOrganizationMembership',
-          },
-        ],
-        validate: {
-          payload: Joi.object({
-            organizationId: identifiersType.organizationId,
-          }),
-        },
-        handler: libMembershipController.disableOwnOrganizationMembership,
-        tags: ['api'],
-        notes: [
-          "- **Cette route est restreinte aux utilisateurs authentifiés en tant qu'administrateur de l'organisation\n" +
-            "- Elle permet de se retirer d'une organisation",
-        ],
-      },
-    },
     {
       method: 'POST',
       path: '/api/memberships/{id}/disable',
diff --git a/api/lib/application/memberships/membership-controller.js b/api/lib/application/memberships/membership-controller.js
diff --git a/api/src/team/application/membership/membership.controller.js b/api/src/team/application/membership/membership.controller.js
@@ -21,6 +21,15 @@ const disable = async function (request, h) {
   return h.response().code(204);
 };
 
+const disableOwnOrganizationMembership = async function (request, h) {
+  const organizationId = request.payload.organizationId;
+  const userId = requestResponseUtils.extractUserIdFromRequest(request);
+
+  await usecases.disableOwnOrganizationMembership({ organizationId, userId });
+
+  return h.response().code(204);
+};
+
 const update = async function (request, h, dependencies = { requestResponseUtils, membershipSerializer }) {
   const membershipId = request.params.id;
   const userId = dependencies.requestResponseUtils.extractUserIdFromRequest(request);
@@ -50,6 +59,12 @@ const findPaginatedFilteredMemberships = async function (request) {
   return membershipSerializer.serialize(memberships, pagination);
 };
 
-const membershipController = { create, disable, findPaginatedFilteredMemberships, update };
+const membershipController = {
+  create,
+  disable,
+  disableOwnOrganizationMembership,
+  findPaginatedFilteredMemberships,
+  update,
+};
 
 export { membershipController };
diff --git a/api/src/team/application/membership/membership.route.js b/api/src/team/application/membership/membership.route.js
@@ -35,6 +35,33 @@ export const membershipRoutes = [
       tags: ['api', 'team', 'memberships'],
     },
   },
+  {
+    method: 'POST',
+    path: '/api/memberships/me/disable',
+    config: {
+      pre: [
+        {
+          method: securityPreHandlers.checkUserIsAdminInOrganization,
+          assign: 'isAdminInOrganization',
+        },
+        {
+          method: securityPreHandlers.checkUserCanDisableHisOrganizationMembership,
+          assign: 'canDisableHisOrganizationMembership',
+        },
+      ],
+      validate: {
+        payload: Joi.object({
+          organizationId: identifiersType.organizationId,
+        }),
+      },
+      handler: (request, h) => membershipController.disableOwnOrganizationMembership(request, h),
+      tags: ['api'],
+      notes: [
+        "- **Cette route est restreinte aux utilisateurs authentifiés en tant qu'administrateur de l'organisation\n" +
+          "- Elle permet de se retirer d'une organisation",
+      ],
+    },
+  },
   {
     method: 'GET',
     path: '/api/organizations/{id}/memberships',
diff --git a/api/src/team/domain/usecases/disable-own-organization-membership.usecase.js b/api/src/team/domain/usecases/disable-own-organization-membership.usecase.js
diff --git a/api/tests/acceptance/application/memberships/membership-controller_test.js b/api/tests/acceptance/application/memberships/membership-controller_test.js
@@ -96,41 +96,4 @@ describe('Acceptance | Controller | membership-controller', function () {
       });
     });
   });
-
-  describe('POST /api/memberships/me/disable', function () {
-    context('when user is one of the admins of the organization', function () {
-      it('disables user membership and returns a 204', async function () {
-        // given
-        const organizationId = databaseBuilder.factory.buildOrganization().id;
-        const organizationAdminUserId = databaseBuilder.factory.buildUser().id;
-        databaseBuilder.factory.buildMembership({
-          userId: organizationAdminUserId,
-          organizationId,
-          organizationRole: Membership.roles.ADMIN,
-        });
-        databaseBuilder.factory.buildMembership({
-          userId: databaseBuilder.factory.buildUser().id,
-          organizationId,
-          organizationRole: Membership.roles.ADMIN,
-        });
-
-        await databaseBuilder.commit();
-
-        const options = {
-          method: 'POST',
-          url: '/api/memberships/me/disable',
-          payload: {
-            organizationId,
-          },
-          headers: generateAuthenticatedUserRequestHeaders({ userId: organizationAdminUserId }),
-        };
-
-        // when
-        const response = await server.inject(options);
-
-        // then
-        expect(response.statusCode).to.equal(204);
-      });
-    });
-  });
 });
diff --git a/api/tests/team/acceptance/application/membership/membership.route.test.js b/api/tests/team/acceptance/application/membership/membership.route.test.js
@@ -278,4 +278,41 @@ describe('Acceptance | Team | Application | Route | membership', function () {
       });
     });
   });
+
+  describe('POST /api/memberships/me/disable', function () {
+    context('when user is one of the admins of the organization', function () {
+      it('disables user membership and returns a 204', async function () {
+        // given
+        const organizationId = databaseBuilder.factory.buildOrganization().id;
+        const organizationAdminUserId = databaseBuilder.factory.buildUser().id;
+        databaseBuilder.factory.buildMembership({
+          userId: organizationAdminUserId,
+          organizationId,
+          organizationRole: Membership.roles.ADMIN,
+        });
+        databaseBuilder.factory.buildMembership({
+          userId: databaseBuilder.factory.buildUser().id,
+          organizationId,
+          organizationRole: Membership.roles.ADMIN,
+        });
+
+        await databaseBuilder.commit();
+
+        const options = {
+          method: 'POST',
+          url: '/api/memberships/me/disable',
+          payload: {
+            organizationId,
+          },
+          headers: generateAuthenticatedUserRequestHeaders({ userId: organizationAdminUserId }),
+        };
+
+        // when
+        const response = await server.inject(options);
+
+        // then
+        expect(response.statusCode).to.equal(204);
+      });
+    });
+  });
 });
diff --git a/api/tests/team/integration/domain/usecases/disable-own-organization-membership.usecase.test.js b/api/tests/team/integration/domain/usecases/disable-own-organization-membership.usecase.test.js
@@ -0,0 +1,50 @@
+import { usecases } from '../../../../../src/team/domain/usecases/index.js';
+import * as membershipRepository from '../../../../../src/team/infrastructure/repositories/membership.repository.js';
+import { databaseBuilder, expect, knex, sinon } from '../../../../test-helper.js';
+
+describe('Integration | Team | Domain | UseCase | disable-own-membership', function () {
+  let clock;
+
+  beforeEach(function () {
+    clock = sinon.useFakeTimers({ now: new Date('2023-08-01T11:15:00Z'), toFake: ['Date'] });
+  });
+
+  afterEach(function () {
+    clock.restore();
+  });
+
+  context('success', function () {
+    it('disables membership', async function () {
+      // given
+      const userId = databaseBuilder.factory.buildUser().id;
+
+      const organizationId1 = databaseBuilder.factory.buildOrganization().id;
+      databaseBuilder.factory.buildMembership({
+        organizationId: organizationId1,
+        userId,
+        disabledAt: null,
+      });
+
+      const organizationId2 = databaseBuilder.factory.buildOrganization().id;
+      databaseBuilder.factory.buildMembership({
+        organizationId: organizationId2,
+        userId,
+        disabledAt: null,
+      });
+
+      await databaseBuilder.commit();
+
+      // when
+      await usecases.disableOwnOrganizationMembership({
+        organizationId: organizationId1,
+        userId,
+        membershipRepository: membershipRepository,
+      });
+
+      // then
+      const userMemberships = await knex('memberships').where('userId', userId).whereNull('disabledAt');
+      expect(userMemberships).to.have.length(1);
+      expect(userMemberships[0].organizationId).to.equal(organizationId2);
+    });
+  });
+});
diff --git a/api/tests/unit/domain/usecases/disable-own-organization-membership_test.js b/api/tests/unit/domain/usecases/disable-own-organization-membership_test.js
