Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
async updateList(
@Req() request: Request,
@Param('userid') userId: string,
@Param('listid') listId: string,
@Body() data: ListDto,
) {
const current: User = await this.usersService.findByAuth0Id(
request.user.auth0Id,
);
const user: User = await this.usersService.findById(userId);
// check if user exists
if (!user) {
throw new BadRequestException('User not found');
}
// only admins and current user can update lists
if (!current._id.equals(user._id) && !current.roles.includes(Role.ADMIN)) {
throw new UnauthorizedException(
'Not authorized to perform this operation',
);
}
const list: List[] = await this.listsService.findByUserId({
userId,
listId,
isFavorite: false,
});
// check if list exists
public mapExternalException(err: any) {
switch (true) {
case err instanceof SyntaxError:
return new BadRequestException(err.message);
default:
return err;
}
}
}
async transform(value: any, metadata: ArgumentMetadata) {
if (!this.validator.isJSON(value)) {
const { data } = metadata;
const defaults = data ? `${data} is not valid` : 'Validation failed';
throw new BadRequestException(this.message || defaults);
}
return value;
}
}
async transform(value: any, metadata: ArgumentMetadata) {
if (!this.validator.min(value, this.min)) {
const { data } = metadata;
const defaults = data ? `${data} is not valid` : 'Validation failed';
throw new BadRequestException(this.message || defaults);
}
return value;
}
}
async logout(
@User('id') userId,
@Query('refresh_token') refreshToken?: string,
@Query('from_all') fromAll: boolean = false,
): Promise {
if (fromAll) {
await this.authService.logoutFromAll(userId);
} else {
if (!refreshToken) {
throw new BadRequestException('No refresh token provided');
}
await this.authService.logout(refreshToken, userId);
}
return { message: 'ok' };
}
}
async searchOrder(@Body() search: BookingSearch) {
try {
const [orders, total] = await this.orderService.searchOrder(
search.pageable,
search.email,
search.bookingToken,
);
return OrderPage.fromOrders(total, search.pageable, orders);
} catch (error) {
throw new BadRequestException(error.message, error);
}
}
async transform(value: string, metadata: ArgumentMetadata) {
const val = parseInt(value, 10);
if (isNaN(val)) {
throw new BadRequestException('Validation failed');
}
return val;
}
}
public async updateRolePermission(data: RolePermissionDto): Promise {
const [updatedAmount]: [number, any] = await this.rolePermissionRepository.update(
data,
{
where: _.pick(data, ["roleId", "permissionId"]),
fields: ["isEnabled"],
},
);
if (updatedAmount !== 1) {
throw new BadRequestException(`Invalid payload`);
}
}
.catch(err =>
Promise.reject(new BadRequestException(err.toString()))
)
async signUp(options: SignUpDto) {
try {
await this.groupsService.preloadAll();
} catch (error) {
throw new BadRequestException('Error in load groups');
}
if (options.email) {
let userOfEmail: { user };
try {
userOfEmail = await this.usersService.findByEmail(options);
} catch (error) {
userOfEmail = undefined;
}
if (userOfEmail) {
throw new ConflictException(
`User with email "${options.email}" is exists`
);
}
}
if (options.username) {
let userOfUsername: { user };