From 838189ae1f3c718935379dbf1d2d78e0f75df2ce Mon Sep 17 00:00:00 2001
From: Nicolas Drolet <nicolasd@targointernet.com>
Date: Wed, 3 Dec 2025 16:59:03 -0500
Subject: [PATCH] fix(employee) change dto so that module access is typesafe,
 modify update route to exclude session email

---
 docs/swagger/swagger-spec.json                         | 10 ++++++++++
 .../employees/controllers/employees.controller.ts      |  4 ++--
 .../employees/dtos/employee-detailed.dto.ts            |  2 +-
 3 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/docs/swagger/swagger-spec.json b/docs/swagger/swagger-spec.json
index d3f50c3..981f20c 100644
--- a/docs/swagger/swagger-spec.json
+++ b/docs/swagger/swagger-spec.json
@@ -542,6 +542,16 @@
       "patch": {
         "operationId": "EmployeesController_updateEmployee",
         "parameters": [],
+        "requestBody": {
+          "required": true,
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/EmployeeDetailedDto"
+              }
+            }
+          }
+        },
         "responses": {
           "200": {
             "description": ""
diff --git a/src/identity-and-account/employees/controllers/employees.controller.ts b/src/identity-and-account/employees/controllers/employees.controller.ts
index dc88bac..ef11eb9 100644
--- a/src/identity-and-account/employees/controllers/employees.controller.ts
+++ b/src/identity-and-account/employees/controllers/employees.controller.ts
@@ -44,7 +44,7 @@ export class EmployeesController {
 
 	@Patch('update')
 	@ModuleAccessAllowed(ModulesEnum.employee_management)
-	async updateEmployee(@Access('email') email:string, dto:EmployeeDetailedDto, employee_email?: string){
-		return await this.updateService.updateEmployee(email, dto, employee_email);
+	async updateEmployee(@Body() dto:EmployeeDetailedDto){
+		return await this.updateService.updateEmployee(dto);
 	}
 }
diff --git a/src/identity-and-account/employees/dtos/employee-detailed.dto.ts b/src/identity-and-account/employees/dtos/employee-detailed.dto.ts
index 54cec6c..2384a96 100644
--- a/src/identity-and-account/employees/dtos/employee-detailed.dto.ts
+++ b/src/identity-and-account/employees/dtos/employee-detailed.dto.ts
@@ -15,5 +15,5 @@ export class EmployeeDetailedDto {
     @IsDateString() @IsOptional() last_work_day?: string;
     @IsString() @IsOptional() residence?: string;
     @IsInt() @IsPositive() @Type(() => Number) external_payroll_id: number;
-    @IsString() @IsArray() user_module_access: string[];
+    @IsArray() @IsString({ each: true }) user_module_access: string[];
 }