chore(api): add memberIdOrLfid support in param and user validation endpoints

- Add endpoints for detected identities, work history status, and user validation (identity/org) supporting both memberId and LFID
- Implement memberIdOrLfid middleware for flexible ID resolution
- Update permissions and roles for new endpoints and external service access
- Add audit logging for user validation actions
- Refactor and extend data-access-layer for new validation and activity count logic
- Add migrations for memberUserValidations table

Author: skwowet

backend/src/api/member/identity/index.ts

@@ -1,4 +1,5 @@
 import { safeWrap } from '@/middlewares/errorMiddleware'
+import { memberIdOrLfidMiddleware } from '@/middlewares/memberIdOrLfidMiddleware'
 
 export default (app) => {
   // Member Identity List
@@ -15,4 +16,8 @@ export default (app) => {
 
   // Member Identity Delete
   app.delete(`/member/:memberId/identity/:id`, safeWrap(require('./memberIdentityDelete').default))
+
+  app.get(`/member/:memberIdOrLfid/detected-identity`, memberIdOrLfidMiddleware, safeWrap(require('./memberIdentityDetectedList').default))
+
+  app.post(`/member/:memberIdOrLfid/user-validation`, memberIdOrLfidMiddleware, safeWrap(require('./memberIdentityUserValidation').default))
 }

backend/src/api/member/identity/memberIdentityCreate.ts

@@ -17,7 +17,7 @@ import PermissionChecker from '../../../services/user/permissionChecker'
  * @response 429 - Too many requests
  */
 export default async (req, res) => {
-  new PermissionChecker(req).validateHas(Permissions.values.memberEdit)
+  new PermissionChecker(req).validateHas(Permissions.values.memberIdentityCreate)
 
   const memberIdentityService = new MemberIdentityService(req)
 

backend/src/api/member/identity/memberIdentityCreateMultiple.ts

@@ -17,7 +17,7 @@ import PermissionChecker from '../../../services/user/permissionChecker'
  * @response 429 - Too many requests
  */
 export default async (req, res) => {
-  new PermissionChecker(req).validateHas(Permissions.values.memberEdit)
+  new PermissionChecker(req).validateHas(Permissions.values.memberIdentityCreate)
 
   const memberIdentityService = new MemberIdentityService(req)
 

backend/src/api/member/identity/memberIdentityDelete.ts

@@ -18,7 +18,7 @@ import PermissionChecker from '../../../services/user/permissionChecker'
  * @response 429 - Too many requests
  */
 export default async (req, res) => {
-  new PermissionChecker(req).validateHas(Permissions.values.memberEdit)
+  new PermissionChecker(req).validateHas(Permissions.values.memberIdentityDestroy)
 
   const memberIdentityService = new MemberIdentityService(req)
 

backend/src/api/member/identity/memberIdentityDetectedList.ts

@@ -0,0 +1,28 @@
+import MemberIdentityService from '@/services/member/memberIdentityService'
+
+import Permissions from '../../../security/permissions'
+import PermissionChecker from '../../../services/user/permissionChecker'
+
+/**
+ * GET /member/:memberIdOrLfid/detected-identity
+ * @summary Query detected identities for a given LFID or memberID
+ * @tag Members
+ * @security Bearer
+ * @description Query detected identities for a given LFID or memberID
+ * @pathParam {string} memberIdOrLfid - member ID or LFID
+ * @response 200 - Ok
+ * @responseContent {MemberList} 200.application/json
+ * @responseExample {MemberList} 200.application/json.Member
+ * @response 401 - Unauthorized
+ * @response 404 - Not found
+ * @response 429 - Too many requests
+ */
+export default async (req, res) => {
+  new PermissionChecker(req).validateHas(Permissions.values.memberIdentityRead)
+
+  const memberIdentityService = new MemberIdentityService(req)
+
+  const payload = await memberIdentityService.detectedList(req.memberId)
+
+  await req.responseHandler.success(req, res, payload)
+}

backend/src/api/member/identity/memberIdentityList.ts

@@ -18,7 +18,7 @@ import PermissionChecker from '../../../services/user/permissionChecker'
  * @response 429 - Too many requests
  */
 export default async (req, res) => {
-  new PermissionChecker(req).validateHas(Permissions.values.memberRead)
+  new PermissionChecker(req).validateHas(Permissions.values.memberIdentityRead)
 
   const memberIdentityService = new MemberIdentityService(req)
 

backend/src/api/member/identity/memberIdentityUpdate.ts

@@ -18,7 +18,7 @@ import PermissionChecker from '../../../services/user/permissionChecker'
  * @response 429 - Too many requests
  */
 export default async (req, res) => {
-  new PermissionChecker(req).validateHas(Permissions.values.memberEdit)
+  new PermissionChecker(req).validateHas(Permissions.values.memberIdentityEdit)
 
   const memberIdentityService = new MemberIdentityService(req)
 

backend/src/api/member/identity/memberIdentityUserValidation.ts

@@ -0,0 +1,27 @@
+import MemberIdentityService from '@/services/member/memberIdentityService'
+
+import Permissions from '../../../security/permissions'
+import PermissionChecker from '../../../services/user/permissionChecker'
+
+/**
+ * POST /member/:memberIdOrLfid/user-validation
+ * @summary Create user validation for member identity
+ * @tag Members
+ * @security Bearer
+ * @description Creates user validation when identity is accepted or rejected.
+ * @pathParam {string} memberIdOrLfid - member ID or LFID
+ * @response 200 - Ok
+ * @responseContent {MemberList} 200.application/json
+ * @responseExample {MemberList} 200.application/json.MemberIdentity
+ * @response 401 - Unauthorized
+ * @response 429 - Too many requests
+ */
+export default async (req, res) => {
+  new PermissionChecker(req).validateHas(Permissions.values.memberUserValidationCreate)
+
+  const memberIdentityService = new MemberIdentityService(req)
+
+  const payload = await memberIdentityService.userValidation(req.memberId, req.body)
+
+  await req.responseHandler.success(req, res, payload)
+}

backend/src/api/member/organization/index.ts

@@ -1,8 +1,13 @@
 import { safeWrap } from '@/middlewares/errorMiddleware'
+import { memberIdOrLfidMiddleware } from '@/middlewares/memberIdOrLfidMiddleware'
 
 export default (app) => {
   // Member Organiaztion List
-  app.get(`/member/:memberId/organization`, safeWrap(require('./memberOrganizationList').default))
+  app.get(
+    `/member/:memberIdOrLfid/organization`,
+    memberIdOrLfidMiddleware,
+    safeWrap(require('./memberOrganizationList').default),
+  )
 
   // Member Organiaztion Create
   app.post(
@@ -21,4 +26,16 @@ export default (app) => {
     `/member/:memberId/organization/:id`,
     safeWrap(require('./memberOrganizationDelete').default),
   )
+
+  app.get(
+    `/member/:memberIdOrLfid/organization/status`,
+    memberIdOrLfidMiddleware,
+    safeWrap(require('./memberOrganizationStatus').default),
+  )
+
+  app.post(
+    `/member/:memberIdOrLfid/organization/user-validation`,
+    memberIdOrLfidMiddleware,
+    safeWrap(require('./memberOrganizationUserValidation').default),
+  )
 }

backend/src/api/member/organization/memberOrganizationCreate.ts

@@ -16,7 +16,7 @@ import PermissionChecker from '../../../services/user/permissionChecker'
  * @response 429 - Too many requests
  */
 export default async (req, res) => {
-  new PermissionChecker(req).validateHas(Permissions.values.memberEdit)
+  new PermissionChecker(req).validateHas(Permissions.values.memberOrganizationCreate)
 
   const memberOrganizationsService = new MemberOrganizationsService(req)