diff --git a/apps/drec-api/src/guards/PermissionGuard.ts b/apps/drec-api/src/guards/PermissionGuard.ts index 44491a3f9..bfa9eb850 100755 --- a/apps/drec-api/src/guards/PermissionGuard.ts +++ b/apps/drec-api/src/guards/PermissionGuard.ts @@ -40,15 +40,16 @@ export class PermissionGuard implements CanActivate { return false; } const request = context.switchToHttp().getRequest(); - let user: IUser; - user = request.user; - if (request.url.split('/')[3] === 'register') { + const user: IUser = request.user; + if (!user) { + return false; + } + if ( + request.url.split('/')[3] === 'register' && + request.body.organizationType === Role.ApiUser + ) { this.logger.verbose(`When ${request.url.split('/')[3]}`); - if (request.body.organizationType === Role.ApiUser) { - return true; - } - } else { - user = request.user; + return true; } if (user.role === 'Admin') { diff --git a/apps/drec-api/src/pods/user/dto/create-user.dto.ts b/apps/drec-api/src/pods/user/dto/create-user.dto.ts index 112be7a7b..85a1b61df 100755 --- a/apps/drec-api/src/pods/user/dto/create-user.dto.ts +++ b/apps/drec-api/src/pods/user/dto/create-user.dto.ts @@ -1,6 +1,5 @@ -import { ApiProperty, PickType, IntersectionType } from '@nestjs/swagger'; +import { ApiProperty, PickType } from '@nestjs/swagger'; import { UserDTO } from './user.dto'; -import { OrganizationDTO } from '../../organization/dto/organization.dto'; import { IsNotEmpty, IsString, @@ -8,9 +7,12 @@ import { MaxLength, IsOptional, IsUUID, + IsIn, } from 'class-validator'; import { UserORGRegistrationData } from '../../../models'; import { Match } from '../decorators/match.decorator'; +import { Trim } from '../../../transformers/string'; +import { Role } from '../../../utils/enums/role.enum'; // export class CreateUserDTO // extends PickType(UserDTO, [ // 'title', 
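Review bot: The register exemption in the `PermissionGuard.ts` hunk still returns `true` based on `request.body.organizationType`, which the caller chooses. Nest guards run before pipes, so the `@IsIn` rule this commit adds to the DTO has not been applied when the guard reads the field. Any request with an authenticated `user` whose `request.url.split('/')[3]` is `register` can therefore skip the permission checks that follow by sending `organizationType: 'ApiUser'`. Consider keying the exemption on the authenticated principal and the exact route and method instead, for example `user.role === Role.ApiUser` if that is what the exemption is meant to express. `request.body` may also be undefined on a bodyless request, so `request.body?.organizationType` keeps the guard from throwing; the rest of `canActivate` lies outside the hunk.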
@@ -36,10 +38,7 @@ import { Match } from '../decorators/match.decorator'; // } export class CreateUserORGDTO - extends IntersectionType( - PickType(UserDTO, ['firstName', 'lastName', 'email'] as const), - PickType(OrganizationDTO, ['organizationType'] as const), - ) + extends PickType(UserDTO, ['firstName', 'lastName', 'email'] as const) implements UserORGRegistrationData { @ApiProperty({ type: String }) @@ -58,6 +57,7 @@ export class CreateUserORGDTO @ApiProperty({ type: String }) @IsString() + @Trim() @IsNotEmpty() orgName?: string; @@ -91,4 +91,12 @@ export class CreateUserORGDTO @IsOptional() orgid?: number; + + @ApiProperty({ type: String }) + @IsString() + @IsNotEmpty() + @IsIn([Role.Developer, Role.ApiUser, Role.Buyer], { + message: 'organizationType value should be Developer/Buyer/ApiUser', + }) + organizationType: string; } diff --git a/apps/drec-api/src/pods/user/user.controller.ts b/apps/drec-api/src/pods/user/user.controller.ts index 87e8f571a..39a01d316 100755 --- a/apps/drec-api/src/pods/user/user.controller.ts +++ b/apps/drec-api/src/pods/user/user.controller.ts @@ -52,6 +52,7 @@ import { Permission } from '../permission/decorators/permission.decorator'; import { ACLModules } from '../access-control-layer-module-service/decorator/aclModule.decorator'; import { Roles } from './decorators/roles.decorator'; import { Role } from '../../utils/enums'; +import { IsEmail } from 'class-validator'; @ApiTags('user') @ApiBearerAuth('access-token') 
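Review bot: The `organizationType` property added at the end of `CreateUserORGDTO` (hunk `@@ -91,4 +91,12 @@`) is now the only place the role allowlist is enforced, because the controller checks are deleted in this same commit. It therefore only takes effect where a `ValidationPipe` runs for the route, and that wiring is not visible in this diff and is worth confirming. `@IsIn` is also case-sensitive, whereas the removed check compared lowercased values, so clients that sent `buyer` or `developer` will now be rejected. I would add a comment above the decorator, `// Allowlist of self-selectable roles; Admin and SubBuyer must never be accepted here`, and declare the values in Swagger with `@ApiProperty({ enum: [Role.Developer, Role.ApiUser, Role.Buyer] })`.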
@@ -127,35 +128,6 @@ export class UserController { @Req() request: Request, ): Promise { const user = request.user; - if ( - userRegistrationData.organizationType === '' || - userRegistrationData.organizationType === null || - userRegistrationData.organizationType === undefined - ) { - throw new ConflictException({ - success: false, - message: `organizationType should not be empty`, - }); - } - if ( - userRegistrationData.organizationType.toLowerCase() != - 'Buyer'.toLowerCase() && - userRegistrationData.organizationType.toLowerCase() != - 'Developer'.toLowerCase() && - userRegistrationData.organizationType.toLowerCase() != - 'ApiUser'.toLowerCase() - ) { - throw new ConflictException({ - success: false, - message: `organizationType value should be Developer/Buyer/ApiUser`, - }); - } - if (userRegistrationData.orgName.trim() === '') { - throw new ConflictException({ - success: false, - message: `orgName should not be empty`, - }); - } if (!userRegistrationData.api_user_id) { userRegistrationData.api_user_id = (user as any).api_user_id; } @@ -233,14 +205,13 @@ export class UserController { @Param('token') token: IEmailConfirmationToken['token'], @Body() body: UpdateChangePasswordDTO, ): Promise { - const emailregex = - /^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z0-9-]+\.)+[a-zA-Z]{2,}))$/; - let emailConfirmation: any; - if (emailregex.test(token)) { - emailConfirmation = await this.userService.findOne({ email: token }); + if (IsEmail(token)) { + const emailConfirmation = await this.userService.findOne({ + email: token, + }); return this.userService.changePassword(emailConfirmation, body); } else { - emailConfirmation = await this.emailConfirmationService.findOne({ + const emailConfirmation = await this.emailConfirmationService.findOne({ token, }); if (!emailConfirmation) { 
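Review bot: In hunk `@@ -233,14 +205,13 @@`, `if (IsEmail(token))` calls the class-validator decorator factory, which returns a decorator function and is therefore always truthy. Every request takes the e-mail branch, and the confirmation-token lookup in the `else` is unreachable. The validator function is the lowercase export: change the import added in the `@@ -52,6 +52,7 @@` hunk to `import { isEmail } from 'class-validator';` and test `if (isEmail(token))`. The e-mail branch also passes the result of `userService.findOne` straight to `changePassword`, so it should mirror the `if (!emailConfirmation)` guard the token branch already has. The handler continues past the end of the hunk, so how `changePassword` treats a missing user cannot be confirmed from here.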
diff --git a/apps/drec-api/src/transformers/string.ts b/apps/drec-api/src/transformers/string.ts new file mode 100644 index 000000000..8895c434e --- /dev/null +++ b/apps/drec-api/src/transformers/string.ts @@ -0,0 +1,5 @@ +import { applyDecorators } from '@nestjs/common'; +import { Transform } from 'class-transformer'; + +export const Trim = (): PropertyDecorator => + applyDecorators(Transform((value?: string) => value?.trim())); diff --git a/apps/drec-api/src/utils/enums/role.enum.ts b/apps/drec-api/src/utils/enums/role.enum.ts index 5a24c64db..e80d364d0 100755 --- a/apps/drec-api/src/utils/enums/role.enum.ts +++ b/apps/drec-api/src/utils/enums/role.enum.ts @@ -5,6 +5,7 @@ export enum Role { Buyer = 'Buyer', Admin = 'Admin', SubBuyer = 'SubBuyer', + Developer = 'Developer', // Intermediary = 'Intermediary', ApiUser = 'ApiUser', }
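Review bot: `Trim` in the new `transformers/string.ts` runs during transformation, before `@IsString()` is evaluated. A non-string `orgName` in the JSON body (a number or an object) therefore reaches `value?.trim()` and throws a TypeError instead of producing a validation error. Guard on the type in the callback: `typeof value === 'string' ? value.trim() : value`. Also check the installed class-transformer version, which this diff does not show: newer releases pass the `Transform` callback a params object rather than the bare value, in which case it should be written `({ value }) => ...`. A one-line doc comment such as `/** Trims string input before validation; non-strings pass through unchanged. */` would document the contract.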