From 6e8578c3d71d14fec35b41ee20755735ea48ef37 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Salazar?= <73718835+joshrs23@users.noreply.github.com> Date: Thu, 22 Jan 2026 16:04:10 -0500 Subject: [PATCH] validation userrole --- .../auth_repository_impl.dart | 94 +++++++------------ 1 file changed, 35 insertions(+), 59 deletions(-) diff --git a/apps/mobile/packages/features/client/authentication/lib/src/data/repositories_impl/auth_repository_impl.dart b/apps/mobile/packages/features/client/authentication/lib/src/data/repositories_impl/auth_repository_impl.dart index 0c2ebf11..ede79873 100644 --- a/apps/mobile/packages/features/client/authentication/lib/src/data/repositories_impl/auth_repository_impl.dart +++ b/apps/mobile/packages/features/client/authentication/lib/src/data/repositories_impl/auth_repository_impl.dart @@ -1,5 +1,5 @@ -import 'package:firebase_auth/firebase_auth.dart'; -import 'package:krow_data_connect/krow_data_connect.dart'; +import 'package:firebase_auth/firebase_auth.dart' as firebase; +import 'package:krow_data_connect/krow_data_connect.dart' as dc; import 'package:krow_domain/krow_domain.dart' as domain; import '../../domain/repositories/auth_repository_interface.dart'; 
@@ -8,15 +8,15 @@ import '../../domain/repositories/auth_repository_interface.dart'; /// This implementation integrates with Firebase Authentication for user /// identity management and Krow's Data Connect SDK for storing user profile data. class AuthRepositoryImpl implements AuthRepositoryInterface { - final FirebaseAuth _firebaseAuth; - final ExampleConnector _dataConnect; + final firebase.FirebaseAuth _firebaseAuth; + final dc.ExampleConnector _dataConnect; /// Creates an [AuthRepositoryImpl] with the real dependencies. AuthRepositoryImpl({ - required FirebaseAuth firebaseAuth, - required ExampleConnector dataConnect, - }) : _firebaseAuth = firebaseAuth, - _dataConnect = dataConnect; + required firebase.FirebaseAuth firebaseAuth, + required dc.ExampleConnector dataConnect, + }) : _firebaseAuth = firebaseAuth, + _dataConnect = dataConnect; @override Future signInWithEmail({ 
@@ -34,38 +34,19 @@ class AuthRepositoryImpl implements AuthRepositoryInterface { throw Exception('Sign-in failed, no Firebase user received.'); } - final response = await _dataConnect.getUserById( - id: firebaseUser.uid, - ).execute(); - final user = response.data?.user; - if (user == null) { - await _firebaseAuth.signOut(); - throw Exception('Authenticated user profile not found in database.'); - } - if (user.userRole != 'BUSINESS') { - await _firebaseAuth.signOut(); - throw Exception('User is not authorized for this app.'); - } - - final resolvedEmail = user.email ?? firebaseUser.email ?? email; - if (resolvedEmail.isEmpty) { - throw Exception('User email is missing in profile data.'); - } - - return domain.User( - id: user.id, - email: resolvedEmail, - role: user.role.stringValue, + return _getUserProfile( + firebaseUserId: firebaseUser.uid, + fallbackEmail: firebaseUser.email ?? email, ); + //TO-DO: validate that user is business role and has business account + } on firebase.FirebaseAuthException catch (e) { if (e.code == 'invalid-credential' || e.code == 'wrong-password') { throw Exception('Incorrect email or password.'); } else { throw Exception('Authentication error: ${e.message}'); } - } on Exception catch (e) { - throw e; } catch (e) { throw Exception('Failed to sign in and fetch user data: ${e.toString()}'); } 
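Review bot: The `userRole != 'BUSINESS'` gate in `signInWithEmail` is replaced by a TO-DO placed after the `return`, so any account that authenticates with Firebase and has a profile row is now returned as a client user. The `signOut()` calls on the rejection paths are removed as well, which leaves the Firebase session active after the method throws. I would keep the check until its replacement exists, for example by adding an optional `requiredUserRole` parameter (a proposed name) to `_getUserProfile`, which is defined in a later hunk, and signing out before rethrowing, as sketched below. Whether Data Connect enforces the role server-side is not visible in this patch; if it does not, this client check was the only barrier and the rule belongs there too. Dropping `on Exception catch (e) { throw e; }` also appears to wrap the specific messages thrown inside the `try`, which opens above the hunk, as 'Failed to sign in and fetch user data: Exception: …'.

```dart
      // … unchanged: Firebase sign-in and null firebaseUser check …
      try {
        return await _getUserProfile(
          firebaseUserId: firebaseUser.uid,
          fallbackEmail: firebaseUser.email ?? email,
          requiredUserRole: 'BUSINESS',
        );
      } catch (_) {
        // A rejected account must not keep its Firebase session.
        await _firebaseAuth.signOut();
        rethrow;
      }
      // … unchanged: FirebaseAuthException handling …

    // In _getUserProfile, after the null check on `user`:
    if (requiredUserRole != null && user.userRole != requiredUserRole) {
      throw Exception('User is not authorized for this app.');
    }
```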
@@ -91,25 +72,23 @@ class AuthRepositoryImpl implements AuthRepositoryInterface { // Client-specific business logic: // 1. Create a `Business` entity. // 2. Create a `User` entity associated with the business. - final createBusinessResponse = await _dataConnect - .createBusiness( - businessName: companyName, - userId: firebaseUser.uid, - rateGroup: BusinessRateGroup.STANDARD, - status: BusinessStatus.PENDING, - ) - .execute(); + final createBusinessResponse = await _dataConnect.createBusiness( + businessName: companyName, + userId: firebaseUser.uid, + rateGroup: dc.BusinessRateGroup.STANDARD, + status: dc.BusinessStatus.PENDING, + ).execute(); final businessData = createBusinessResponse.data?.business_insert; if (businessData == null) { await firebaseUser.delete(); // Rollback if business creation fails - throw Exception( - 'Business creation failed after Firebase user registration.', - ); + throw Exception('Business creation failed after Firebase user registration.'); } - final createUserResponse = await _dataConnect - .createUser(id: firebaseUser.uid, role: UserBaseRole.USER) + final createUserResponse = await _dataConnect.createUser( + id: firebaseUser.uid, + role: dc.UserBaseRole.USER, + ) .email(email) .userRole('BUSINESS') .execute(); 
@@ -118,16 +97,15 @@ class AuthRepositoryImpl implements AuthRepositoryInterface { if (newUserData == null) { await firebaseUser.delete(); // Rollback if user profile creation fails // TO-DO: Also delete the created Business if this fails - throw Exception( - 'User profile creation failed after Firebase user registration.', - ); + throw Exception('User profile creation failed after Firebase user registration.'); } return _getUserProfile( firebaseUserId: firebaseUser.uid, fallbackEmail: firebaseUser.email ?? email, ); - } on FirebaseAuthException catch (e) { + + } on firebase.FirebaseAuthException catch (e) { if (e.code == 'weak-password') { throw Exception('The password provided is too weak.'); } else if (e.code == 'email-already-in-use') { @@ -136,9 +114,7 @@ class AuthRepositoryImpl implements AuthRepositoryInterface { throw Exception('Sign-up error: ${e.message}'); } } catch (e) { - throw Exception( - 'Failed to sign up and create user data: ${e.toString()}', - ); + throw Exception('Failed to sign up and create user data: ${e.toString()}'); } } @@ -153,18 +129,14 @@ class AuthRepositoryImpl implements AuthRepositoryInterface { @override Future signInWithSocial({required String provider}) { - throw UnimplementedError( - 'Social authentication with $provider is not yet implemented.', - ); + throw UnimplementedError('Social authentication with $provider is not yet implemented.'); } Future _getUserProfile({ required String firebaseUserId, required String? fallbackEmail, }) async { - final response = await _dataConnect - .getUserById(id: firebaseUserId) - .execute(); + final response = await _dataConnect.getUserById(id: firebaseUserId).execute(); final user = response.data?.user; if (user == null) { throw Exception('Authenticated user profile not found in database.'); 
@@ -175,6 +147,10 @@ class AuthRepositoryImpl implements AuthRepositoryInterface { throw Exception('User email is missing in profile data.'); } - return domain.User(id: user.id, email: email, role: user.role.stringValue); + return domain.User( + id: user.id, + email: email, + role: user.role.stringValue, + ); } }