Security in put

Maxime Lalo 2023-09-29 16:52:50 +02:00
parent 3bb9cf1bdf
commit e3ae788b01


@ -10,11 +10,12 @@ import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler"; import ruleHandler from "@App/middlewares/RulesHandler";
import officeRoleHandler from "@App/middlewares/OfficeMembershipHandlers/OfficeRoleHandler"; import officeRoleHandler from "@App/middlewares/OfficeMembershipHandlers/OfficeRoleHandler";
import roleHandler from "@App/middlewares/RolesHandler"; import roleHandler from "@App/middlewares/RolesHandler";
import RulesService from "@Services/admin/RulesService/RulesService";
@Controller() @Controller()
@Service() @Service()
export default class OfficeRolesController extends ApiController { export default class OfficeRolesController extends ApiController {
constructor(private officeRolesService: OfficeRolesService) { constructor(private officeRolesService: OfficeRolesService, private rulesService: RulesService) {
super(); super();
} }
@ -30,7 +31,7 @@ export default class OfficeRolesController extends ApiController {
query = JSON.parse(req.query["q"] as string); query = JSON.parse(req.query["q"] as string);
} }
if(req.query["search"] && typeof req.query["search"] === "string") { if (req.query["search"] && typeof req.query["search"] === "string") {
const filter = req.query["search"]; const filter = req.query["search"];
query = { query = {
where: { where: {
@ -39,7 +40,7 @@ export default class OfficeRolesController extends ApiController {
mode: "insensitive", mode: "insensitive",
}, },
}, },
} };
} }
const officeId: string = req.body.user.office_Id; const officeId: string = req.body.user.office_Id;
@ -108,11 +109,25 @@ export default class OfficeRolesController extends ApiController {
return; return;
} }
if (req.body.rules) {
const rules = req.body.rules;
const allRules = await this.rulesService.get({
where: {
namespace: "notary",
},
});
const rulesToEdit = rules.filter((rule: any) => {
const ruleFound = allRules.find((r) => r.uid === rule.uid && r.namespace === "notary");
return ruleFound;
});
req.body.rules = rulesToEdit;
}
//init IOfficeRole resource with request body values //init IOfficeRole resource with request body values
const officeRoleEntity = OfficeRole.hydrate<OfficeRole>(req.body); const officeRoleEntity = OfficeRole.hydrate<OfficeRole>(req.body);
//validate officeRole //validate officeRole
await validateOrReject(officeRoleEntity, { groups: ["updateOfficeRole"] }); await validateOrReject(officeRoleEntity, { groups: ["updateOfficeRole"] });
//call service to get prisma entity //call service to get prisma entity
const officeRoleEntityUpdated = await this.officeRolesService.update(officeRoleEntity); const officeRoleEntityUpdated = await this.officeRolesService.update(officeRoleEntity);
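Review bot: The new namespace filter in the PUT handler calls `rules.filter(...)` on `req.body.rules` without checking that it is an array, and it keeps the client-supplied objects rather than the server's rule records. A non-array or null-containing value therefore throws before `validateOrReject` runs, and any extra fields on an accepted rule still reach `OfficeRole.hydrate`. Reject the request when `!Array.isArray(req.body.rules)` and build the list from the lookup instead, e.g. `req.body.rules = allRules.filter((r) => rules.some((rule: { uid?: string } | null) => rule?.uid === r.uid));`, which also makes the repeated `r.namespace === "notary"` test unnecessary. Rules outside the `notary` namespace are dropped silently, so rejecting or logging such requests would make attempts to attach foreign rules visible. The handler starts and ends outside this hunk, so it cannot be confirmed from here whether a surrounding try/catch covers the throw or whether the create route needs the same check.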