feat(api): List + GetById usuarios — handlers, repo, endpoints [UDT-008]

2026-04-15 17:46:23 -03:00
parent 9dcd63543e
commit 2925336783
29 changed files with 1210 additions and 6 deletions
--- a/src/api/SIGCM2.Application/Usuarios/Deactivate/DeactivateUsuarioCommandHandler.cs
+++ b/src/api/SIGCM2.Application/Usuarios/Deactivate/DeactivateUsuarioCommandHandler.cs
@@ -0,0 +1,54 @@
+using SIGCM2.Application.Abstractions;
+using SIGCM2.Application.Abstractions.Persistence;
+using SIGCM2.Application.Common;
+using SIGCM2.Application.Usuarios.GetById;
+using SIGCM2.Domain.Exceptions;
+
+namespace SIGCM2.Application.Usuarios.Deactivate;
+
+public sealed class DeactivateUsuarioCommandHandler : ICommandHandler<DeactivateUsuarioCommand, UsuarioDetailDto>
+{
+    private readonly IUsuarioRepository _repository;
+    private readonly IRefreshTokenRepository _refreshTokenRepository;
+
+    public DeactivateUsuarioCommandHandler(
+        IUsuarioRepository repository,
+        IRefreshTokenRepository refreshTokenRepository)
+    {
+        _repository = repository;
+        _refreshTokenRepository = refreshTokenRepository;
+    }
+
+    public async Task<UsuarioDetailDto> Handle(DeactivateUsuarioCommand cmd)
+    {
+        var target = await _repository.GetByIdAsync(cmd.UsuarioId)
+            ?? throw new UsuarioNotFoundException(cmd.UsuarioId);
+
+        // Idempotent: already inactive → return as-is without touching FechaModificacion
+        if (!target.Activo)
+        {
+            return new UsuarioDetailDto(
+                target.Id, target.Username, target.Nombre, target.Apellido,
+                target.Email, target.Rol, target.Activo, target.MustChangePassword,
+                target.UltimoLogin, target.FechaModificacion);
+        }
+
+        // Guard: anti-lockout
+        if (target.Rol == "admin" && await _repository.CountActiveAdminsAsync() <= 1)
+            throw new LastAdminLockoutException();
+
+        var fields = new UpdateUsuarioFields(target.Nombre, target.Apellido, target.Email, target.Rol, false);
+        var now = DateTime.UtcNow;
+        await _repository.UpdateAsync(cmd.UsuarioId, fields, now);
+        await _refreshTokenRepository.RevokeAllActiveForUserAsync(cmd.UsuarioId, now);
+
+        // TODO: audit — defer to ADM-004
+        var updated = await _repository.GetDetailAsync(cmd.UsuarioId)
+            ?? throw new UsuarioNotFoundException(cmd.UsuarioId);
+
+        return new UsuarioDetailDto(
+            updated.Id, updated.Username, updated.Nombre, updated.Apellido,
+            updated.Email, updated.Rol, updated.Activo, updated.MustChangePassword,
+            updated.UltimoLogin, updated.FechaModificacion);
+    }
+}