4nk/lecoffre-back
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(middlewares): add error catcher

Browse Source
This commit is contained in:
OxSaitama 2023-07-25 11:34:38 +02:00
parent 69585af4db
commit 3049dfcd75
13 changed files with 362 additions and 287 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
src/app/middlewares/AuthHandler.ts
View File

@ -4,21 +4,28 @@ import { NextFunction, Request, Response } from "express";
import Container from "typedi"; import Container from "typedi";
export default function authHandler(req: Request, response: Response, next: NextFunction) { export default function authHandler(req: Request, response: Response, next: NextFunction) {
const authHeader = req.headers["authorization"]; try {
const token = authHeader && authHeader.split(" ")[1]; const authHeader = req.headers["authorization"];
const token = authHeader && authHeader.split(" ")[1];
if (!token) { if (!token) {
response.status(HttpCodes.UNAUTHORIZED).send("Missing token in authorization header"); response.status(HttpCodes.UNAUTHORIZED).send("Missing token in authorization header");
return;
}
const authService = Container.get(AuthService);
authService.verifyAccessToken(token, (err, userPayload) => {
if (err) {
response.status(HttpCodes.UNAUTHORIZED).send("Error while verifying token");
return; return;
} }
req.body.user = userPayload;
next(); const authService = Container.get(AuthService);
}); authService.verifyAccessToken(token, (err, userPayload) => {
if (err) {
response.status(HttpCodes.UNAUTHORIZED).send("Error while verifying token");
return;
}
req.body.user = userPayload;
next();
});
} catch (error) {
console.log(error);
response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
return;
}
} }

34
src/app/middlewares/CustomerHandler/DocumentHandler.ts
View File

@ -4,20 +4,28 @@ import { NextFunction, Request, Response } from "express";
import Container from "typedi"; import Container from "typedi";
export default async function documentHandler(req: Request, response: Response, next: NextFunction) { export default async function documentHandler(req: Request, response: Response, next: NextFunction) {
const customerId = req.body.user.customerId; try {
const uid = req.path && req.path.split("/")[5]; const customerId = req.body.user.customerId;
const uid = req.path && req.path.split("/")[5];
if(!uid) { if (!uid) {
response.status(HttpCodes.BAD_REQUEST).send("Missing document uid"); response.status(HttpCodes.BAD_REQUEST).send("Missing document uid");
return;
}
const documentService = Container.get(DocumentsService);
const document = await documentService.getByUid(uid);
if (document?.depositor_uid != customerId) {
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this depositor");
return;
}
next();
} catch (error) {
console.log(error);
response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
return; return;
} }
const documentService = Container.get(DocumentsService);
const document = await documentService.getByUid(uid);
if(document?.depositor_uid != customerId) {
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this depositor");
return;
}
} }

2
src/app/middlewares/CustomerHandler/FileHandler.ts
View File

@ -34,4 +34,6 @@ export default async function fileHandler(req: Request, response: Response, next
return; return;
} }
} }
next();
} }

61
src/app/middlewares/OfficeMembershipHandlers/DeedHandler.ts
View File

@ -6,39 +6,46 @@ import Container from "typedi";
import DocumentTypesService from "@Services/super-admin/DocumentTypesService/DocumentTypesService"; import DocumentTypesService from "@Services/super-admin/DocumentTypesService/DocumentTypesService";
export default async function deedHandler(req: Request, response: Response, next: NextFunction) { export default async function deedHandler(req: Request, response: Response, next: NextFunction) {
const officeId = req.body.user.office_Id; try {
const uid = req.path && req.path.split("/")[5]; const officeId = req.body.user.office_Id;
const documentTypes: DocumentType[] = req.body.document_types; const uid = req.path && req.path.split("/")[5];
const documentTypes: DocumentType[] = req.body.document_types;
if (uid) { if (uid) {
const deedService = Container.get(DeedsService); const deedService = Container.get(DeedsService);
const deed = await deedService.getByUidWithOffice(uid); const deed = await deedService.getByUidWithOffice(uid);
if (!deed) { if (!deed) {
response.status(HttpCodes.NOT_FOUND).send("Deed not found"); response.status(HttpCodes.NOT_FOUND).send("Deed not found");
return;
}
if (deed.deed_type.office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
}
if (documentTypes) {
const documentTypeService = Container.get(DocumentTypesService);
documentTypes.forEach(async (documentType) => {
const deedTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!);
if (!deedTypeWithOffice) {
response.status(HttpCodes.NOT_FOUND).send("Deed type not found");
return; return;
} }
if (deedTypeWithOffice.office?.uid != officeId) {
if (deed.deed_type.office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office"); response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return; return;
} }
}); }
}
next(); if (documentTypes) {
const documentTypeService = Container.get(DocumentTypesService);
documentTypes.forEach(async (documentType) => {
const deedTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!);
if (!deedTypeWithOffice) {
response.status(HttpCodes.NOT_FOUND).send("Deed type not found");
return;
}
if (deedTypeWithOffice.office?.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
});
}
next();
} catch (error) {
console.log(error);
response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
return;
}
} }

67
src/app/middlewares/OfficeMembershipHandlers/DeedTypeHandler.ts
View File

@ -6,45 +6,52 @@ import Container from "typedi";
import DocumentTypesService from "@Services/super-admin/DocumentTypesService/DocumentTypesService"; import DocumentTypesService from "@Services/super-admin/DocumentTypesService/DocumentTypesService";
export default async function deedTypeHandler(req: Request, response: Response, next: NextFunction) { export default async function deedTypeHandler(req: Request, response: Response, next: NextFunction) {
const officeId = req.body.user.office_Id; try {
const uid = req.path && req.path.split("/")[5]; const officeId = req.body.user.office_Id;
const documentTypes: DocumentType[] = req.body.document_types; const uid = req.path && req.path.split("/")[5];
const office = req.body.office; const documentTypes: DocumentType[] = req.body.document_types;
const office = req.body.office;
if (office && office.uid != officeId) { if (office && office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
if (uid) {
const deedTypeService = Container.get(DeedTypesService);
const deedType = await deedTypeService.getByUidWithOffice(uid!);
if (!deedType) {
response.status(HttpCodes.NOT_FOUND).send("Deed type not found");
return;
}
if (deedType.office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office"); response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return; return;
} }
}
if (documentTypes) { if (uid) {
const documentTypeService = Container.get(DocumentTypesService); const deedTypeService = Container.get(DeedTypesService);
documentTypes.forEach(async (documentType) => { const deedType = await deedTypeService.getByUidWithOffice(uid!);
const documentTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!);
if (!documentTypeWithOffice) { if (!deedType) {
response.status(HttpCodes.NOT_FOUND).send("Document type not found"); response.status(HttpCodes.NOT_FOUND).send("Deed type not found");
return; return;
} }
if (documentTypeWithOffice.office?.uid != officeId) {
if (deedType.office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office"); response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return; return;
} }
}); }
}
next(); if (documentTypes) {
const documentTypeService = Container.get(DocumentTypesService);
documentTypes.forEach(async (documentType) => {
const documentTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!);
if (!documentTypeWithOffice) {
response.status(HttpCodes.NOT_FOUND).send("Document type not found");
return;
}
if (documentTypeWithOffice.office?.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
});
}
next();
} catch (error) {
console.log(error);
response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
return;
}
} }

93
src/app/middlewares/OfficeMembershipHandlers/DocumentHandler.ts
View File

@ -8,51 +8,58 @@ import DocumentTypesService from "@Services/super-admin/DocumentTypesService/Doc
import OfficeFoldersService from "@Services/super-admin/OfficeFoldersService/OfficeFoldersService"; import OfficeFoldersService from "@Services/super-admin/OfficeFoldersService/OfficeFoldersService";
export default async function documentHandler(req: Request, response: Response, next: NextFunction) { export default async function documentHandler(req: Request, response: Response, next: NextFunction) {
const officeId = req.body.user.office_Id; try {
const uid = req.path && req.path.split("/")[5]; const officeId = req.body.user.office_Id;
const documentType: DocumentType = req.body.document_type; const uid = req.path && req.path.split("/")[5];
const folder: OfficeFolder = req.body.folder; const documentType: DocumentType = req.body.document_type;
const folder: OfficeFolder = req.body.folder;
if (folder) { if (folder) {
const officeFolderService = Container.get(OfficeFoldersService); const officeFolderService = Container.get(OfficeFoldersService);
const officeFolderWithOffice = await officeFolderService.getByUidWithOffice(folder.uid!); const officeFolderWithOffice = await officeFolderService.getByUidWithOffice(folder.uid!);
if (!officeFolderWithOffice) { if (!officeFolderWithOffice) {
response.status(HttpCodes.NOT_FOUND).send("Folder not found"); response.status(HttpCodes.NOT_FOUND).send("Folder not found");
return; return;
}
if (officeFolderWithOffice.office?.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
} }
if (officeFolderWithOffice.office?.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office"); if (documentType) {
return; const documentTypeService = Container.get(DocumentTypesService);
const documentTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!);
if (!documentTypeWithOffice) {
response.status(HttpCodes.NOT_FOUND).send("Document type not found");
return;
}
if (documentTypeWithOffice.office?.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
} }
if (uid) {
const documentService = Container.get(DocumentsService);
const document = await documentService.getByUidWithOffice(uid!);
if (!document) {
response.sendStatus(HttpCodes.NOT_FOUND);
return;
}
if (document.document_type.office.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED);
return;
}
}
next();
} catch (error) {
console.log(error);
response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
return;
} }
if (documentType) {
const documentTypeService = Container.get(DocumentTypesService);
const documentTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!);
if (!documentTypeWithOffice) {
response.status(HttpCodes.NOT_FOUND).send("Document type not found");
return;
}
if (documentTypeWithOffice.office?.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
}
if (uid) {
const documentService = Container.get(DocumentsService);
const document = await documentService.getByUidWithOffice(uid!);
if (!document) {
response.sendStatus(HttpCodes.NOT_FOUND);
return;
}
if (document.document_type.office.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED);
return;
}
}
next();
} }

47
src/app/middlewares/OfficeMembershipHandlers/DocumentTypeHandler.ts
View File

@ -4,29 +4,36 @@ import Container from "typedi";
import DocumentTypesService from "@Services/super-admin/DocumentTypesService/DocumentTypesService"; import DocumentTypesService from "@Services/super-admin/DocumentTypesService/DocumentTypesService";
export default async function documentTypeHandler(req: Request, response: Response, next: NextFunction) { export default async function documentTypeHandler(req: Request, response: Response, next: NextFunction) {
const officeId = req.body.user.office_Id; try {
const uid = req.path && req.path.split("/")[5]; const officeId = req.body.user.office_Id;
const office = req.body.office; const uid = req.path && req.path.split("/")[5];
const office = req.body.office;
if (office && office.uid != officeId) { if (office && office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
if (uid) {
const documentTypeService = Container.get(DocumentTypesService);
const documentType = await documentTypeService.getByUidWithOffice(uid!);
if (!documentType) {
response.status(HttpCodes.NOT_FOUND).send("Document type not found");
return;
}
if (documentType.office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office"); response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return; return;
} }
}
next(); if (uid) {
const documentTypeService = Container.get(DocumentTypesService);
const documentType = await documentTypeService.getByUidWithOffice(uid!);
if (!documentType) {
response.status(HttpCodes.NOT_FOUND).send("Document type not found");
return;
}
if (documentType.office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
}
next();
} catch (error) {
console.log(error);
response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
return;
}
} }

68
src/app/middlewares/OfficeMembershipHandlers/FileHandler.ts
View File

@ -5,38 +5,44 @@ import FilesService from "@Services/common/FilesService/FilesService";
import DocumentsService from "@Services/super-admin/DocumentsService/DocumentsService"; import DocumentsService from "@Services/super-admin/DocumentsService/DocumentsService";
export default async function fileHandler(req: Request, response: Response, next: NextFunction) { export default async function fileHandler(req: Request, response: Response, next: NextFunction) {
const officeId = req.body.user.office_Id; try {
let uid = req.path && req.path.split("/")[5]; const officeId = req.body.user.office_Id;
const document = req.body.document; let uid = req.path && req.path.split("/")[5];
const document = req.body.document;
if (document) {
const documentService = Container.get(DocumentsService); if (document) {
const documentWithOffice = await documentService.getByUidWithOffice(document.uid!); const documentService = Container.get(DocumentsService);
if (!documentWithOffice) { const documentWithOffice = await documentService.getByUidWithOffice(document.uid!);
response.status(HttpCodes.NOT_FOUND).send("Document not found"); if (!documentWithOffice) {
return; response.status(HttpCodes.NOT_FOUND).send("Document not found");
return;
}
if (documentWithOffice.folder.office?.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
} }
if (documentWithOffice.folder.office?.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office"); if (uid === "download") uid = req.path && req.path.split("/")[6];
return;
if (uid) {
const fileService = Container.get(FilesService);
const file = await fileService.getByUidWithOffice(uid!);
if (!file) {
response.status(HttpCodes.NOT_FOUND).send("File not found");
return;
}
if (file.document.folder.office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
} }
next();
} catch (error) {
console.log(error);
response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
return;
} }
if (uid === "download") uid = req.path && req.path.split("/")[6];
if (uid) {
const fileService = Container.get(FilesService);
const file = await fileService.getByUidWithOffice(uid!);
if (!file) {
response.status(HttpCodes.NOT_FOUND).send("File not found");
return;
}
if (file.document.folder.office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
}
next();
} }

101
src/app/middlewares/OfficeMembershipHandlers/FolderHandler.ts
View File

@ -5,55 +5,62 @@ import OfficeFoldersService from "@Services/super-admin/OfficeFoldersService/Off
import DeedTypesService from "@Services/super-admin/DeedTypesService/DeedTypesService"; import DeedTypesService from "@Services/super-admin/DeedTypesService/DeedTypesService";
export default async function folderHandler(req: Request, response: Response, next: NextFunction) { export default async function folderHandler(req: Request, response: Response, next: NextFunction) {
const officeId = req.body.user.office_Id; try {
const uid = req.path && req.path.split("/")[5]; const officeId = req.body.user.office_Id;
const office = req.body.office; const uid = req.path && req.path.split("/")[5];
const officeFolderNumber = req.body.folder_number; const office = req.body.office;
const deed = req.body.deed; const officeFolderNumber = req.body.folder_number;
const deed = req.body.deed;
if (office && office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office"); if (office && office.uid != officeId) {
return;
}
if (deed) {
const deedTypeService = Container.get(DeedTypesService);
const deedTypeWithOffice = await deedTypeService.getByUidWithOffice(deed.deed_type.uid!);
if (!deedTypeWithOffice) {
response.status(HttpCodes.NOT_FOUND).send("Deed type not found");
return;
}
if (deedTypeWithOffice.office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this deed type");
return;
}
}
const officeFolderService = Container.get(OfficeFoldersService);
if (officeFolderNumber && req.method == "POST") {
const officeFoldersWithSameNumber = await officeFolderService.get({
where: { folder_number: officeFolderNumber, office: { uid: officeId } },
});
if (officeFoldersWithSameNumber.length) {
response.status(HttpCodes.BAD_REQUEST).send("Office number already used");
return;
}
}
if (uid) {
const officeFolder = await officeFolderService.getByUidWithOffice(uid!);
if (!officeFolder) {
response.status(HttpCodes.NOT_FOUND).send("Office folder not found");
return;
}
if (officeFolder.office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office"); response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return; return;
} }
}
if (deed && deed.deed_type) {
const deedTypeService = Container.get(DeedTypesService);
const deedTypeWithOffice = await deedTypeService.getByUidWithOffice(deed.deed_type.uid!);
if (!deedTypeWithOffice) {
response.status(HttpCodes.NOT_FOUND).send("Deed type not found");
return;
}
if (deedTypeWithOffice.office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this deed type");
return;
}
}
const officeFolderService = Container.get(OfficeFoldersService);
if (officeFolderNumber && req.method == "POST") {
const officeFoldersWithSameNumber = await officeFolderService.get({
where: { folder_number: officeFolderNumber, office: { uid: officeId } },
});
if (officeFoldersWithSameNumber.length) {
response.status(HttpCodes.BAD_REQUEST).send("Office number already used");
return;
}
}
if (uid) {
const officeFolder = await officeFolderService.getByUidWithOffice(uid!);
if (!officeFolder) {
response.status(HttpCodes.NOT_FOUND).send("Office folder not found");
return;
}
if (officeFolder.office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
}
next();
next(); } catch (error) {
console.log(error);
response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
return;
}
} }

47
src/app/middlewares/OfficeMembershipHandlers/OfficeRoleHandler.ts
View File

@ -4,29 +4,36 @@ import Container from "typedi";
import OfficeRolesService from "@Services/super-admin/OfficeRolesService/OfficeRolesService"; import OfficeRolesService from "@Services/super-admin/OfficeRolesService/OfficeRolesService";
export default async function officeRoleHandler(req: Request, response: Response, next: NextFunction) { export default async function officeRoleHandler(req: Request, response: Response, next: NextFunction) {
const officeId = req.body.user.office_Id; try {
const uid = req.path && req.path.split("/")[5]; const officeId = req.body.user.office_Id;
const office = req.body.office; const uid = req.path && req.path.split("/")[5];
const office = req.body.office;
if (office && office.uid != officeId) { if (office && office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
if (uid) {
const officeRoleService = Container.get(OfficeRolesService);
const officeRole = await officeRoleService.getByUidWithOffice(uid!);
if (!officeRole) {
response.status(HttpCodes.NOT_FOUND).send("Office role not found");
return;
}
if (officeRole.office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office"); response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return; return;
} }
}
next(); if (uid) {
const officeRoleService = Container.get(OfficeRolesService);
const officeRole = await officeRoleService.getByUidWithOffice(uid!);
if (!officeRole) {
response.status(HttpCodes.NOT_FOUND).send("Office role not found");
return;
}
if (officeRole.office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
}
next();
} catch (error) {
console.log(error);
response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
return;
}
} }

46
src/app/middlewares/OfficeMembershipHandlers/UserHandler.ts
View File

@ -4,29 +4,35 @@ import Container from "typedi";
import UsersService from "@Services/super-admin/UsersService/UsersService"; import UsersService from "@Services/super-admin/UsersService/UsersService";
export default async function userHandler(req: Request, response: Response, next: NextFunction) { export default async function userHandler(req: Request, response: Response, next: NextFunction) {
const officeId = req.body.user.office_Id; try {
const uid = req.path && req.path.split("/")[5]; const officeId = req.body.user.office_Id;
const office = req.body.office_membership; const uid = req.path && req.path.split("/")[5];
const office = req.body.office_membership;
if (office && office.uid != officeId) { if (office && office.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
if (uid) {
const userService = Container.get(UsersService);
const user = await userService.getByUidWithOffice(uid!);
if (!user) {
response.status(HttpCodes.NOT_FOUND).send("User not found");
return;
}
if (user.office_membership.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office"); response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return; return;
} }
}
next(); if (uid) {
const userService = Container.get(UsersService);
const user = await userService.getByUidWithOffice(uid!);
if (!user) {
response.status(HttpCodes.NOT_FOUND).send("User not found");
return;
}
if (user.office_membership.uid != officeId) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this office");
return;
}
}
next();
} catch (error) {
console.log(error);
response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
return;
}
} }

43
src/app/middlewares/RulesHandler.ts
View File

@ -2,25 +2,32 @@ import HttpCodes from "@Common/system/controller-pattern/HttpCodes";
import { NextFunction, Request, Response } from "express"; import { NextFunction, Request, Response } from "express";
export default async function ruleHandler(req: Request, response: Response, next: NextFunction) { export default async function ruleHandler(req: Request, response: Response, next: NextFunction) {
const rules = req.body.user.rules; try {
const service = req.path && req.path.split("/")[4]; const rules = req.body.user.rules;
const service = req.path && req.path.split("/")[4];
if(!rules){ if (!rules) {
response.status(HttpCodes.UNAUTHORIZED).send("Missing rules in JWT"); response.status(HttpCodes.UNAUTHORIZED).send("Missing rules in JWT");
return;
}
const namespace = req.path && req.path.split("/")[3];
const role = req.body.user.role;
if (namespace != "notary" && role != namespace && role != "super-admin") {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this role");
return;
}
if (!rules.includes(req.method + " " + service)) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with those rules");
return;
}
next();
} catch (error) {
console.log(error);
response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error");
return; return;
} }
const namespace = req.path && req.path.split("/")[3];
const role = req.body.user.role;
if (namespace != "notary" && role != namespace && role != "super-admin") {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this role");
return;
}
if (!rules.includes(req.method + " " + service)) {
response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with those rules");
return;
}
next();
} }

5
src/common/config/variables/Variables.ts
View File

@ -88,8 +88,7 @@ export class BackendVariables {
this.ENV = process.env["ENV"]!; this.ENV = process.env["ENV"]!;
} }
public async validate(groups?: string[]) { public async validate(groups?: string[]) {
console.log(this);
const validationOptions = groups ? { groups } : undefined; const validationOptions = groups ? { groups } : undefined;
try { try {
@ -98,8 +97,6 @@ export class BackendVariables {
if (process.env["ENV"] === "dev") { if (process.env["ENV"] === "dev") {
throw error; throw error;
} }
console.error(error);
console.error(this);
throw new Error("Some env variables are required!"); throw new Error("Some env variables are required!");
} }
return this; return this;