add disabled option to user

apps/api/prisma/schema.prisma

@@ -245,6 +245,7 @@ model User {
   dateOfBirth           DateTime?            @db.Date
   phoneNumber           String?
   email                 String?
+  disabled              Boolean?
 
   @@map("UserModel")
 }

apps/api/src/auth/auth.service.ts

@@ -44,6 +44,11 @@ export class AuthService {
       }
       throw err;
     }
+
+    if (user.disabled) {
+      throw new ForbiddenException('Account Disabled');
+    }
+
     const isCorrectPassword = await this.cryptoService.comparePassword(credentials.password, user.hashedPassword);
     if (isCorrectPassword !== true) {
       throw new UnauthorizedException('Invalid Credentials');

apps/api/src/users/dto/create-user.dto.ts

@@ -45,6 +45,9 @@ export class CreateUserDto implements CreateUserData {
   @ApiProperty({ description: 'Date of Birth' })
   dateOfBirth?: Date;
 
+  @ApiProperty({ description: 'Disabled' })
+  disabled?: boolean;
+
   @ApiProperty({ description: 'Email' })
   email?: string;
 

apps/api/src/users/users.service.ts

@@ -54,6 +54,7 @@ export class UsersService {
     {
       basePermissionLevel,
       dateOfBirth,
+      disabled,
       email,
       firstName,
       groupIds,
@@ -84,6 +85,7 @@ export class UsersService {
         additionalPermissions: [],
         basePermissionLevel,
         dateOfBirth,
+        disabled,
         email,
         firstName,
         groups: {

apps/web/src/routes/_app/admin/users/create.tsx

@@ -112,6 +112,18 @@ const RouteComponent = () => {
                 },
                 variant: 'select'
               },
+              disabled: {
+                kind: 'boolean',
+                description: t({
+                  en: 'Use this option if the user is not intended to log in, for example, when the account is used solely to identify the author of uploaded data.',
+                  fr: 'Utilisez cette option si l’utilisateur n’a pas vocation à se connecter, par exemple lorsque le compte sert uniquement à identifier l’auteur de données téléversées.'
+                }),
+                label: t({
+                  en: 'Disabled',
+                  fr: 'Désactivé'
+                }),
+                variant: 'radio'
+              },
               groupIds: {
                 kind: 'dynamic',
                 deps: ['basePermissionLevel'],
@@ -161,6 +173,9 @@ const RouteComponent = () => {
             })
           }
         ]}
+        initialValues={{
+          disabled: false
+        }}
         validationSchema={$CreateUserData
           .omit({
             groupIds: true

apps/web/src/routes/_app/admin/users/index.tsx

@@ -24,6 +24,7 @@ import { PHONE_REGEX } from '@/utils/validation';
 type UpdateUserFormData = {
   additionalPermissions?: Partial<UserPermission>[];
   confirmPassword?: string | undefined;
+  disabled?: boolean;
   email?: string | undefined;
   groupIds: Set<string>;
   password?: string | undefined;
@@ -52,6 +53,7 @@ const UpdateUserForm: React.FC<{
       .object({
         additionalPermissions: z.array($UserPermission.partial()).optional(),
         confirmPassword: z.string().min(1).optional(),
+        disabled: z.boolean().optional(),
         email: z.union([z.literal(''), z.email()]).optional(),
         groupIds: z.set(z.string()),
         password: z.string().min(1).optional(),
@@ -240,6 +242,18 @@ const UpdateUserForm: React.FC<{
                   en: 'Permission',
                   fr: 'Autorisation'
                 })
+              },
+              disabled: {
+                description: t({
+                  en: 'Use this option if the user is not intended to log in, for example, when the account is used solely to identify the author of uploaded data.',
+                  fr: 'Utilisez cette option si l’utilisateur n’a pas vocation à se connecter, par exemple lorsque le compte sert uniquement à identifier l’auteur de données téléversées.'
+                }),
+                kind: 'boolean',
+                label: t({
+                  en: 'Disabled',
+                  fr: 'Désactivé'
+                }),
+                variant: 'radio'
               }
             },
             title: t({
@@ -263,7 +277,10 @@ const UpdateUserForm: React.FC<{
           }
         ]}
         data-testid="update-user-form"
-        initialValues={initialValues}
+        initialValues={{
+          ...initialValues,
+          disabled: initialValues?.disabled ?? false
+        }}
         key={JSON.stringify(initialValues)}
         submitBtnLabel={t('core.save')}
         validationSchema={$UpdateUserFormData}

packages/schemas/src/user/user.ts

@@ -12,6 +12,7 @@ export const $User = $BaseModel.extend({
   additionalPermissions: $Permissions,
   basePermissionLevel: $BasePermissionLevel.nullable(),
   dateOfBirth: z.coerce.date().nullish(),
+  disabled: z.boolean().nullish(),
   email: z.email().nullish(),
   firstName: z.string().min(1),
   groupIds: z.array(z.string()),
@@ -32,6 +33,7 @@ export const $CreateUserData = $User
   })
   .extend({
     dateOfBirth: z.coerce.date().optional(),
+    disabled: z.boolean().optional(),
     email: z.email().optional(),
     password: z.string().min(1),
     phoneNumber: z.string().optional(),