From bb60887a0d82c4ef31142643b1ad8bfa2b717649 Mon Sep 17 00:00:00 2001
From: Matthieu Haineault <matthieuh@targointernet.com>
Date: Fri, 31 Oct 2025 14:04:07 -0400
Subject: [PATCH] refactor(timesheet): used session data and removed email from
 query of the Get function

---
 docs/swagger/swagger-spec.json                | 12 ++--------
 .../controllers/timesheet.controller.ts       | 24 +++++++------------
 .../timesheet-get-overview.service.ts         | 10 ++++++--
 3 files changed, 18 insertions(+), 28 deletions(-)

diff --git a/docs/swagger/swagger-spec.json b/docs/swagger/swagger-spec.json
index ae43cd0..af88b3e 100644
--- a/docs/swagger/swagger-spec.json
+++ b/docs/swagger/swagger-spec.json
@@ -342,20 +342,12 @@
       "get": {
         "operationId": "TimesheetController_getTimesheetByIds",
         "parameters": [
-          {
-            "name": "employee_email",
-            "required": true,
-            "in": "query",
-            "schema": {
-              "type": "string"
-            }
-          },
           {
             "name": "year",
             "required": true,
             "in": "query",
             "schema": {
-              "type": "string"
+              "type": "number"
             }
           },
           {
@@ -363,7 +355,7 @@
             "required": true,
             "in": "query",
             "schema": {
-              "type": "string"
+              "type": "number"
             }
           }
         ],
diff --git a/src/time-and-attendance/modules/time-tracker/timesheets/controllers/timesheet.controller.ts b/src/time-and-attendance/modules/time-tracker/timesheets/controllers/timesheet.controller.ts
index 9ec6d6e..414930a 100644
--- a/src/time-and-attendance/modules/time-tracker/timesheets/controllers/timesheet.controller.ts
+++ b/src/time-and-attendance/modules/time-tracker/timesheets/controllers/timesheet.controller.ts
@@ -1,26 +1,18 @@
+import { Controller, Get, ParseIntPipe, Query, Req, UnauthorizedException} from "@nestjs/common";
 import { GetTimesheetsOverviewService } from "src/time-and-attendance/modules/time-tracker/timesheets/services/timesheet-get-overview.service";
-import { BadRequestException, Controller, Get, Query} from "@nestjs/common";
-import { EmailToIdResolver } from "src/time-and-attendance/modules/shared/utils/resolve-email-id.utils";
 
 @Controller('timesheets')
 export class TimesheetController {
-    constructor(
-        private readonly timesheetOverview: GetTimesheetsOverviewService,
-        private readonly emailResolver: EmailToIdResolver,
-    ){}
+    constructor( private readonly timesheetOverview: GetTimesheetsOverviewService ){}
 
     @Get()
     async getTimesheetByIds( 
-    @Query('employee_email') employee_email: string,
-    @Query('year')           year:           string,
-    @Query('period_number')  period_number:  string,
+    @Req() req,
+    @Query('year', ParseIntPipe)           year:           number,
+    @Query('period_number', ParseIntPipe)  period_number:  number,
     ) {
-        if (!employee_email || !year || !period_number) {
-            throw new BadRequestException('Query params "employee_email", "year" and eriod_number" are required.');
-        }
-        const employee_id = await this.emailResolver.findIdByEmail(employee_email);
-        const pay_year    = Number(year);
-        const period_num  = Number(period_number);
-        return this.timesheetOverview.getTimesheetsForEmployeeByPeriod(employee_id, pay_year, period_num);
+        const email = req.user?.email;
+        if(!email) throw new UnauthorizedException('Unauthorized User');
+        return this.timesheetOverview.getTimesheetsForEmployeeByPeriod(email, year, period_number);
     }
 }
diff --git a/src/time-and-attendance/modules/time-tracker/timesheets/services/timesheet-get-overview.service.ts b/src/time-and-attendance/modules/time-tracker/timesheets/services/timesheet-get-overview.service.ts
index e89d684..c6da872 100644
--- a/src/time-and-attendance/modules/time-tracker/timesheets/services/timesheet-get-overview.service.ts
+++ b/src/time-and-attendance/modules/time-tracker/timesheets/services/timesheet-get-overview.service.ts
@@ -3,19 +3,25 @@ import { NUMBER_OF_TIMESHEETS_TO_RETURN } from "src/time-and-attendance/utils/co
 import { Injectable, NotFoundException } from "@nestjs/common";
 import { TotalExpenses, TotalHours } from "src/time-and-attendance/utils/type.utils";
 import { PrismaService } from "src/prisma/prisma.service";
+import { EmailToIdResolver } from "src/time-and-attendance/modules/shared/utils/resolve-email-id.utils";
 
 @Injectable()
 export class GetTimesheetsOverviewService {
-    constructor(private readonly prisma: PrismaService) { }
+    constructor(
+        private readonly prisma: PrismaService,
+        private readonly emailResolver : EmailToIdResolver,
+    ) { }
 
     //-----------------------------------------------------------------------------------
     //                     GET TIMESHEETS FOR A SELECTED EMPLOYEE
     //-----------------------------------------------------------------------------------
-    async getTimesheetsForEmployeeByPeriod(employee_id: number, pay_year: number, pay_period_no: number) {
+    async getTimesheetsForEmployeeByPeriod(email: string, pay_year: number, pay_period_no: number) {
         //find period using year and period_no
         const period = await this.prisma.payPeriods.findFirst({ where: { pay_year, pay_period_no } });
         if (!period) throw new NotFoundException(`Pay period ${pay_year}-${pay_period_no} not found`);
 
+        //fetch the employee_id using the email
+        const employee_id = await this.emailResolver.findIdByEmail(email);
         //loads the timesheets related to the fetched pay-period
         const timesheet_range = { employee_id, start_date: { gte: period.period_start, lte: period.period_end } };
         let rows = await this.loadTimesheets(timesheet_range);