ElPoyo/EM2_ERP
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: implement comprehensive Firebase Functions backend for equipment management and migrate core repository services

Browse Source
This commit is contained in:
ElPoyo
2026-05-26 15:35:48 +02:00
parent 323df01afe
commit ea1e1335e3
37 changed files with 6315 additions and 6140 deletions
Download Patch File Download Diff File Expand all files Collapse all files
em2rp/functions/utils/auth.js
+20 -20
View File
@@ -1,24 +1,24 @@
/**
* Utilitaires d'authentification et d'autorisation
*/
const admin = require('firebase-admin');
const logger = require('firebase-functions/logger');
const admin = require("firebase-admin");
const logger = require("firebase-functions/logger");
/**
* Vérifie le token Firebase et retourne l'utilisateur
*/
async function authenticateUser(req) {
if (!req.headers.authorization || !req.headers.authorization.startsWith('Bearer ')) {
throw new Error('Unauthorized: No token provided');
if (!req.headers.authorization || !req.headers.authorization.startsWith("Bearer ")) {
throw new Error("Unauthorized: No token provided");
}
const idToken = req.headers.authorization.split('Bearer ')[1];
const idToken = req.headers.authorization.split("Bearer ")[1];
try {
const decodedToken = await admin.auth().verifyIdToken(idToken);
return decodedToken;
} catch (e) {
logger.error("Error verifying Firebase ID token:", e);
throw new Error('Unauthorized: Invalid token');
throw new Error("Unauthorized: Invalid token");
}
}
@@ -26,11 +26,11 @@ async function authenticateUser(req) {
* Récupère les données utilisateur depuis Firestore
*/
async function getUserData(uid) {
const userDoc = await admin.firestore().collection('users').doc(uid).get();
const userDoc = await admin.firestore().collection("users").doc(uid).get();
if (!userDoc.exists) {
return null;
}
return { uid, ...userDoc.data() };
return {uid, ...userDoc.data()};
}
/**
@@ -40,7 +40,7 @@ async function getRolePermissions(roleRef) {
if (!roleRef) return [];
let roleId;
if (typeof roleRef === 'string') {
if (typeof roleRef === "string") {
roleId = roleRef;
} else if (roleRef.id) {
roleId = roleRef.id;
@@ -48,7 +48,7 @@ async function getRolePermissions(roleRef) {
return [];
}
const roleDoc = await admin.firestore().collection('roles').doc(roleId).get();
const roleDoc = await admin.firestore().collection("roles").doc(roleId).get();
if (!roleDoc.exists) return [];
return roleDoc.data().permissions || [];
@@ -74,7 +74,7 @@ async function isAdmin(uid) {
let roleId;
const roleField = userData.role;
if (typeof roleField === 'string') {
if (typeof roleField === "string") {
roleId = roleField;
} else if (roleField && roleField.id) {
roleId = roleField.id;
@@ -82,22 +82,22 @@ async function isAdmin(uid) {
return false;
}
return roleId === 'ADMIN';
return roleId === "ADMIN";
}
/**
* Vérifie si l'utilisateur est assigné à un événement
*/
async function isAssignedToEvent(uid, eventId) {
const eventDoc = await admin.firestore().collection('events').doc(eventId).get();
const eventDoc = await admin.firestore().collection("events").doc(eventId).get();
if (!eventDoc.exists) return false;
const eventData = eventDoc.data();
const workforce = eventData.workforce || [];
// workforce contient des références DocumentReference
return workforce.some(ref => {
if (typeof ref === 'string') return ref === uid;
return workforce.some((ref) => {
if (typeof ref === "string") return ref === uid;
if (ref && ref.id) return ref.id === uid;
return false;
});
@@ -113,7 +113,7 @@ async function authMiddleware(req, res, next) {
req.uid = decodedToken.uid;
next();
} catch (error) {
res.status(401).json({ error: error.message });
res.status(401).json({error: error.message});
}
}
@@ -125,12 +125,12 @@ function requirePermission(permission) {
try {
const hasAccess = await hasPermission(req.uid, permission);
if (!hasAccess) {
res.status(403).json({ error: `Forbidden: Requires permission '${permission}'` });
res.status(403).json({error: `Forbidden: Requires permission '${permission}'`});
return;
}
next();
} catch (error) {
res.status(403).json({ error: error.message });
res.status(403).json({error: error.message});
}
};
}
@@ -142,12 +142,12 @@ async function requireAdmin(req, res, next) {
try {
const adminAccess = await isAdmin(req.uid);
if (!adminAccess) {
res.status(403).json({ error: 'Forbidden: Admin access required' });
res.status(403).json({error: "Forbidden: Admin access required"});
return;
}
next();
} catch (error) {
res.status(403).json({ error: error.message });
res.status(403).json({error: error.message});
}
}