4nk/lecoffre-back
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Security in put

Browse Source
This commit is contained in:
Maxime Lalo 2023-09-29 16:52:50 +02:00
parent 3bb9cf1bdf
commit e3ae788b01
1 changed files with 19 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/app/api/admin/OfficeRolesController.ts
View File

@ -10,11 +10,12 @@ import authHandler from "@App/middlewares/AuthHandler";
import ruleHandler from "@App/middlewares/RulesHandler";
import officeRoleHandler from "@App/middlewares/OfficeMembershipHandlers/OfficeRoleHandler";
import roleHandler from "@App/middlewares/RolesHandler";
import RulesService from "@Services/admin/RulesService/RulesService";
@Controller()
@Service()
export default class OfficeRolesController extends ApiController {
constructor(private officeRolesService: OfficeRolesService) {
constructor(private officeRolesService: OfficeRolesService, private rulesService: RulesService) {
super();
}
@ -39,7 +40,7 @@ export default class OfficeRolesController extends ApiController {
mode: "insensitive",
},
},
}
};
}
const officeId: string = req.body.user.office_Id;
@ -108,6 +109,20 @@ export default class OfficeRolesController extends ApiController {
return;
}
if (req.body.rules) {
const rules = req.body.rules;
const allRules = await this.rulesService.get({
where: {
namespace: "notary",
},
});
const rulesToEdit = rules.filter((rule: any) => {
const ruleFound = allRules.find((r) => r.uid === rule.uid && r.namespace === "notary");
return ruleFound;
});
req.body.rules = rulesToEdit;
}
//init IOfficeRole resource with request body values
const officeRoleEntity = OfficeRole.hydrate<OfficeRole>(req.body);