cpe-kmutt-student
diff --git a/‎README.md‎
Lines changed: 1 addition & 1 deletion b/‎README.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎prisma/migrations/20260317045027_merge_payment_and_total_score/migration.sql‎
Lines changed: 32 additions & 0 deletions b/‎prisma/migrations/20260317045027_merge_payment_and_total_score/migration.sql‎
Lines changed: 32 additions & 0 deletions
diff --git a/‎prisma/schema.prisma‎
Lines changed: 36 additions & 0 deletions b/‎prisma/schema.prisma‎
Lines changed: 36 additions & 0 deletions
diff --git a/‎src/app.module.ts‎
Lines changed: 2 additions & 0 deletions b/‎src/app.module.ts‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/common/guards/announce-period.guard.ts‎
Lines changed: 1 addition & 1 deletion b/‎src/common/guards/announce-period.guard.ts‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/common/guards/application-pass.guard.ts‎
Lines changed: 46 additions & 0 deletions b/‎src/common/guards/application-pass.guard.ts‎
Lines changed: 46 additions & 0 deletions
diff --git a/‎src/config/app.config.ts‎
Lines changed: 3 additions & 0 deletions b/‎src/config/app.config.ts‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎src/modules/application-confirmation/application-confirmation.controller.ts‎
Lines changed: 2 additions & 2 deletions b/‎src/modules/application-confirmation/application-confirmation.controller.ts‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/modules/application-payment-evidence/@types/VerifyBank.type.ts‎
Lines changed: 97 additions & 0 deletions b/‎src/modules/application-payment-evidence/@types/VerifyBank.type.ts‎
Lines changed: 97 additions & 0 deletions
diff --git a/‎src/modules/application-payment-evidence/application-payment-evidence.controller.ts‎
Lines changed: 29 additions & 0 deletions b/‎src/modules/application-payment-evidence/application-payment-evidence.controller.ts‎
Lines changed: 29 additions & 0 deletions
@@ -61,7 +61,7 @@
 </ul>
 
 <h3>DB-Diagram (Prototype)</h3>
-<iframe width="560" height="315" src='https://dbdiagram.io/e/69ae7fb9cf54053b6f3980fa/69ae7fffcf54053b6f398582'> </iframe>
+<iframe width="500" height="315" src='https://dbdiagram.io/e/69ae7fb9cf54053b6f3980fa/69ae7fffcf54053b6f398582'> </iframe>
 
 <h3>API Flow Design (Prototype)</h3>
 <a href="https://www.figma.com/board/ZO9E1iaCZasX5wwyK0D6g9/CC37-Backend-Routing-Flow?node-id=0-1&t=meCqyS4DR1seJfqG-1"><p>Open on Figma</p></a>
 
@@ -0,0 +1,32 @@
+-- CreateTable
+CREATE TABLE "ApplicationPaymentEvidence" (
+    "pe_id" TEXT NOT NULL,
+    "pe_transaction_ref" TEXT NOT NULL,
+    "pe_transaction_date" TIMESTAMP(3) NOT NULL,
+    "pe_transaction_expect_amount" DOUBLE PRECISION NOT NULL DEFAULT 500.00,
+    "pe_transaction_actual_amount" DOUBLE PRECISION NOT NULL,
+    "pe_json" TEXT NOT NULL,
+    "pe_sender_account_name" TEXT NOT NULL,
+    "pe_sender_account_number" TEXT NOT NULL,
+    "pe_sender_bank_id" TEXT NOT NULL,
+    "pe_sender_bank_name" TEXT NOT NULL,
+    "pe_reciever_account_name" TEXT NOT NULL,
+    "pe_reciever_account_number" TEXT NOT NULL,
+    "pe_reciever_bank_id" TEXT NOT NULL,
+    "pe_reciever_bank_name" TEXT NOT NULL,
+    "std_file_key" TEXT NOT NULL,
+    "std_application_id" TEXT NOT NULL,
+    "created_at" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updated_at" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "ApplicationPaymentEvidence_pkey" PRIMARY KEY ("pe_id")
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "ApplicationPaymentEvidence_std_file_key_key" ON "ApplicationPaymentEvidence"("std_file_key");
+
+-- AddForeignKey
+ALTER TABLE "ApplicationPaymentEvidence" ADD CONSTRAINT "ApplicationPaymentEvidence_std_file_key_fkey" FOREIGN KEY ("std_file_key") REFERENCES "ApplicationFile"("std_file_key") ON DELETE RESTRICT ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "ApplicationPaymentEvidence" ADD CONSTRAINT "ApplicationPaymentEvidence_std_application_id_fkey" FOREIGN KEY ("std_application_id") REFERENCES "StudentApplication"("std_application_id") ON DELETE RESTRICT ON UPDATE CASCADE;
@@ -22,6 +22,38 @@ model ApplicationTotalScore {
   updated_at                              DateTime              @updatedAt
 }
 
+model ApplicationPaymentEvidence {
+  pe_id                                   String                @id @default(uuid())
+  pe_transaction_ref                      String
+  pe_transaction_date                     DateTime
+
+  pe_transaction_expect_amount                        Float                 @default(500.00)
+  pe_transaction_actual_amount                        Float
+
+  pe_json                                 String                @db.Text
+
+  pe_sender_account_name                  String                
+  pe_sender_account_number                String
+
+  pe_sender_bank_id                       String                
+  pe_sender_bank_name                     String
+
+  pe_reciever_account_name                String                
+  pe_reciever_account_number              String
+
+  pe_reciever_bank_id                     String                
+  pe_reciever_bank_name                   String
+
+  std_file_key                            String                @unique
+  std_file                                ApplicationFile       @relation(fields: [std_file_key], references: [std_file_key])
+  
+  std_application_id                      String               
+  std_application                         StudentApplication    @relation(fields: [std_application_id], references: [std_application_id])
+
+  created_at                              DateTime              @default(now())
+  updated_at                              DateTime              @updatedAt
+}
+
 model StaffEmailHistory {
   email_id                                String                @default(uuid()) @id
   
@@ -123,6 +155,8 @@ model ApplicationFile {
   std_file_size                           Int?
   std_file_key                            String                    @id
   std_file_type                           FileType
+
+  pe_payment_evidence                     ApplicationPaymentEvidence?
   
   std_file_disabled                       Boolean                   @default(false)
 
@@ -303,6 +337,8 @@ model StudentApplication {
   
   std_status                              ApplicationStatus?
 
+  pe_payment_evidence                     ApplicationPaymentEvidence[]
+
   created_at                              DateTime                  @default(now())
   updated_at                              DateTime                  @updatedAt
 }
 
@@ -20,6 +20,7 @@ import { auth } from "./lib/auth";
 import { ApplicationConfirmationModule } from "./modules/application-confirmation/application-confirmation.module";
 import { ApplicationFileModule } from "./modules/application-file/application-file.module";
 import { ApplicationInfoModule } from "./modules/application-info/application-info.module";
+import { ApplicationPaymentEvidenceModule } from "./modules/application-payment-evidence/application-payment-evidence.module";
 import { ApplicationQuestionModule } from "./modules/application-question/application-question.module";
 import { ApplicationStatusModule } from "./modules/application-status/application-status.module";
 import { ApplicationSubmitModule } from "./modules/application-submit/application-submit.module";
@@ -89,6 +90,7 @@ import { UtilModule } from "./modules/util/util.module";
 		StaffEmailModule,
 		StaffTotalScoreModule,
 		StaffLeaderboardModule,
+		ApplicationPaymentEvidenceModule,
 	],
 
 	controllers: [AppController],
 
@@ -7,7 +7,7 @@ import { config } from "src/config/app.config";
 import { PrismaService } from "src/core/prisma/prisma.service";
 
 @Injectable()
-export class AnnouncePeriodGuard implements CanActivate {
+export class AnnounceAndConfirmPeriodGuard implements CanActivate {
 	canActivate(context: ExecutionContext): boolean {
 		try {
 			if (config.resultAnnounceAndConfirmPeriod.bypass) {
 
@@ -0,0 +1,46 @@
+import { Type } from "@aws-sdk/client-s3";
+import { CanActivate, ExecutionContext, ForbiddenException, Injectable, InternalServerErrorException } from "@nestjs/common";
+import type { UserSession } from "@thallesp/nestjs-better-auth";
+import { Session } from "@thallesp/nestjs-better-auth";
+import { Observable, retry } from "rxjs";
+import { PrismaService } from "src/core/prisma/prisma.service";
+
+@Injectable()
+export class ApplicationPassGuard implements CanActivate {
+	constructor(private readonly prisma: PrismaService) {}
+
+	async canActivate(context: ExecutionContext): Promise<boolean> {
+		const request = context.switchToHttp().getRequest();
+		const session = request.session as UserSession;
+
+		try {
+			const studentApplication = await this.prisma.studentApplication.findMany({
+				where: {
+					std_user: {
+						id: session.user.id,
+					},
+				},
+			});
+
+			if (studentApplication.length > 0) {
+				throw "No application found linked with your account";
+			}
+
+			const filterPassApplication = studentApplication.filter((app) => app.std_application_result === "pass");
+
+			if (filterPassApplication.length <= 0) {
+				throw `Your Application in : ${studentApplication.map((app) => app.std_application_result).join(", ")} stage`;
+			}
+
+			const filterAllowConfirm = filterPassApplication.filter((app) => app.stf_application_allow_confirm === true);
+
+			if (filterAllowConfirm.length <= 0) {
+				throw `Please wait staff to allow you to confirm`;
+			}
+
+			return true;
+		} catch (e) {
+			throw new ForbiddenException(e);
+		}
+	}
+}
@@ -52,4 +52,7 @@ export const config = {
 			from: process.env.MAIL_FROM || "",
 		},
 	},
+	apis: {
+		slipKey: process.env.API_EASYSLIP_KEY,
+	},
 } as const;
@@ -1,7 +1,7 @@
 import { Body, Controller, Get, Param, Post, UseGuards } from "@nestjs/common";
 import { ApiBody, ApiOperation, ApiParam, ApiResponse, ApiTags } from "@nestjs/swagger";
 import { Session, type UserSession } from "@thallesp/nestjs-better-auth";
-import { AnnouncePeriodGuard } from "src/common/guards/announce-period.guard";
+import { AnnounceAndConfirmPeriodGuard } from "src/common/guards/announce-period.guard";
 import { RegisterPeriodGuard } from "src/common/guards/register-period.guard";
 import { ApplicationConfirmationService } from "./application-confirmation.service";
 import { ApplicationConfirmationDto } from "./dto/application-confirmation.dto";
@@ -60,7 +60,7 @@ export class ApplicationConfirmationController {
 	}
 
 	@Post("/")
-	@UseGuards(AnnouncePeriodGuard)
+	@UseGuards(AnnounceAndConfirmPeriodGuard)
 	@ApiOperation({
 		description: "Confirm or decline an application. Requires application to be passed and allowed to confirm.",
 	})
 
@@ -0,0 +1,97 @@
+// Request Types
+export interface VerifyBankRequest {
+	// One of the following is required
+	payload?: string; // QR payload (1-128 chars)
+	image?: File; // Image file (multipart/form-data)
+	base64?: string; // Base64 encoded image
+	url?: string; // URL to image (1-2048 chars)
+
+	// Optional parameters
+	remark?: string; // 1-255 chars
+	matchAccount?: boolean;
+	matchAmount?: number;
+	checkDuplicate?: boolean;
+}
+
+// Response Types
+export interface VerifyBankResponse {
+	success: true;
+	data: VerifyBankData;
+	message: string;
+}
+
+export interface VerifyBankData {
+	remark?: string;
+	isDuplicate: boolean;
+	matchedAccount: MatchedAccount | null;
+	amountInOrder?: number;
+	amountInSlip: number;
+	isAmountMatched?: boolean;
+	rawSlip: RawSlip;
+}
+
+export interface MatchedAccount {
+	bank: {
+		nameTh: string;
+		nameEn: string;
+		code: string;
+		shortCode: string;
+	};
+	nameTh: string;
+	nameEn: string;
+	type: "PERSONAL" | "JURISTIC";
+	bankNumber: string;
+}
+
+export interface RawSlip {
+	payload: string;
+	transRef: string;
+	date: string; // ISO 8601
+	countryCode: string;
+	amount: Amount;
+	fee: number;
+	ref1: string;
+	ref2: string;
+	ref3: string;
+	sender: Party;
+	receiver: Party & { merchantId?: string | null };
+}
+
+export interface Amount {
+	amount: number;
+	local: {
+		amount: number;
+		currency: string;
+	};
+}
+
+export interface Party {
+	bank: {
+		id: string;
+		name: string;
+		short: string;
+	};
+	account: {
+		name: {
+			th?: string;
+			en?: string;
+		};
+		bank?: {
+			type: "BANKAC" | "TOKEN" | "DUMMY";
+			account: string;
+		};
+		proxy?: {
+			type: "NATID" | "MSISDN" | "EWALLETID" | "EMAIL" | "BILLERID";
+			account: string;
+		};
+	};
+}
+
+// Error Response
+export interface ErrorResponse {
+	success: false;
+	error: {
+		code: string;
+		message: string;
+	};
+}
@@ -0,0 +1,29 @@
+import { Body, Controller, FileTypeValidator, MaxFileSizeValidator, ParseFilePipe, Post, UploadedFile, UseGuards, UseInterceptors } from "@nestjs/common";
+import { FileInterceptor } from "@nestjs/platform-express";
+import { Session, type UserSession } from "@thallesp/nestjs-better-auth";
+import { AnnounceAndConfirmPeriodGuard } from "src/common/guards/announce-period.guard";
+import { ApplicationPassGuard } from "src/common/guards/application-pass.guard";
+import { ApplicationPaymentEvidenceService } from "./application-payment-evidence.service";
+import { ApplicationPaymentEvidenceDto } from "./dto/application-payment-evidence.dto";
+
+@Controller("/api/application/payment-evidence")
+export class ApplicationPaymentEvidenceController {
+	constructor(private readonly applicationPaymentEvidenceService: ApplicationPaymentEvidenceService) {}
+
+	@Post("/upload")
+	// @UseGuards(AnnounceAndConfirmPeriodGuard)
+	// @UseGuards(ApplicationPassGuard)
+	@UseInterceptors(FileInterceptor("file"))
+	uploadEvidence(
+		@Session() session: UserSession,
+		@Body() applicationPaymentEvidenceDto: ApplicationPaymentEvidenceDto,
+		@UploadedFile(
+			new ParseFilePipe({
+				validators: [new MaxFileSizeValidator({ maxSize: 3 * 1024 * 1024 }), new FileTypeValidator({ fileType: "image/*" })],
+			}),
+		)
+		file: Express.Multer.File,
+	) {
+		return this.applicationPaymentEvidenceService.uploadEvidence(session.user.id, applicationPaymentEvidenceDto, file);
+	}
+}