Skip to content

Commit

Permalink
Merge pull request #412 from Benson-Ogheneochuko/feat/create-product
Browse files Browse the repository at this point in the history 
fix: validate org_id for create product
  • Loading branch information
@AdeGneus
AdeGneus authored Jul 31, 2024
2 parents 0752d18 + 1005cd0 commit 566e2f2
Show file tree
Hide file tree
Showing 4 changed files with 183 additions and 141 deletions.
19 changes: 19 additions & 0 deletions src/controllers/ProductController.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,9 +128,19 @@ export class ProductController {
*/
async getProductPagination(req: Request, res: Response) {
try {
const { org_id } = req.params;
const paginationData = await this.productService.getProductPagination(
req.query,
);

if (!org_id) {
return res.status(401).json({
status: "unsuccessful",
status_code: 401,
message: "org_id not found",
});
}

res.status(200).json({
status: "success",
status_code: 200,
Expand Down Expand Up @@ -651,6 +661,7 @@ export class ProductController {
async createProduct(req: Request, res: Response) {
try {
const { user } = req;
const { org_id } = req.params;
const sanitizedData = req.body;

if (!user) {
Expand All @@ -661,6 +672,14 @@ export class ProductController {
});
}

if (!org_id) {
return res.status(401).json({
status: "unsuccessful",
status_code: 401,
message: "org_id not found",
});
}

const productDTO = new ProductDTO(sanitizedData);
await productDTO.validate();

Expand Down
39 changes: 39 additions & 0 deletions src/middleware/organization.validation.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import log from "../utils/logger";
import { z } from "zod";
import { param, validationResult } from "express-validator";
import { InvalidInput } from "./error";
import { OrgService } from "../services/org.services";

export const organizationValidation = async (
req: Request & { user?: User },
Expand Down Expand Up @@ -83,3 +84,41 @@ export const validateOrgId = [
next();
},
];

export const validateUserToOrg = async (
req: Request,
res: Response,
next: NextFunction,
) => {
try {
const { org_id } = req.params;
const { user } = req;
console.log(org_id, user.id);

if (!user || !org_id) {
return res.status(400).json({
status_code: 400,
message: "user or organization id is missing",
});
}

const orgService = new OrgService();
const userOrg = await orgService.getSingleOrg(org_id, user.id);

if (!userOrg) {
return res.status(400).json({
status_code: 400,
message: "user not a member of organization",
});
}

console.log(org_id, user, userOrg);
next();
} catch (error) {
console.error("Error:", error);
res.status(500).json({
status_code: 500,
message: "Internal server error",
});
}
};
22 changes: 13 additions & 9 deletions src/routes/product.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,38 +2,42 @@ import express from "express";
import ProductController from "../controllers/ProductController";
import { authMiddleware } from "../middleware";
import { validateProductDetails } from "../middleware/product";
import { validateUserToOrg } from "../middleware/organization.validation";

const productRouter = express.Router();
const productController = new ProductController();

// modified because the base route changed to "/api/v1"
productRouter.get(
"/",
"/products/:org_id",
authMiddleware,
validateUserToOrg,
productController.getProductPagination.bind(productController),
);

// modified because the base route changed to "/api/v1"
productRouter.put(
"/:product_id",
"/products/:product_id",
authMiddleware,
productController.updateProductById.bind(productController),
);

// modified because the base route changed to "/api/v1"
productRouter.delete(
"/:product_id",
"/products/:product_id",
authMiddleware,
productController.deleteProduct.bind(productController),
);

// modified because the base route changed to "/api/v1"
productRouter.get(
"/:product_id",
"/products/:product_id",
authMiddleware,
productController.fetchProductById.bind(productController),
);

productRouter
.route("/product/")
.route("/products/:org_id")
.post(
validateProductDetails,
authMiddleware,
validateUserToOrg,
productController.createProduct.bind(productController),
);
export { productRouter };
Loading

0 comments on commit 566e2f2

Please sign in to comment.