Skip to content

Commit da8837c

Browse files
committed
fix: security breach issue in docs api's + add: feature getALL docs
1 parent 784f56a commit da8837c

4 files changed

Lines changed: 33 additions & 3 deletions

File tree

Client/.vite/deps/_metadata.json

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
{
2+
"hash": "69c67ab5",
3+
"configHash": "256baf21",
4+
"lockfileHash": "2bcb4725",
5+
"browserHash": "03db4624",
6+
"optimized": {},
7+
"chunks": {}
8+
}

Client/.vite/deps/package.json

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
{
2+
"type": "module"
3+
}

backend/src/documents/document.controller.ts

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,15 @@ export class DocumentController {
4848
);
4949
}
5050

51+
//find all....
52+
@Get()
53+
findAllDocs(
54+
@Req() req: CustomRequest,
55+
@Param('workspaceId') workspaceId: string,
56+
) {
57+
return this.documentService.findAll(req.user.userId, workspaceId);
58+
}
59+
5160
@Patch(':documentId')
5261
updateDocs(
5362
@Req() req: CustomRequest,

backend/src/documents/document.service.ts

Lines changed: 13 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,12 @@ export class DocumentService {
3232
}
3333
return membership;
3434
}
35+
private readonly safeUserSelect = {
36+
id: true,
37+
name: true,
38+
email: true,
39+
role: true,
40+
};
3541

3642
//create document under specified workspace..
3743
async createDocument(
@@ -48,7 +54,11 @@ export class DocumentService {
4854
workspace: { connect: { id: workspaceId } },
4955
createdBy: { connect: { id: userId } },
5056
},
51-
include: { createdBy: true },
57+
include: {
58+
createdBy: {
59+
select: this.safeUserSelect,
60+
},
61+
},
5262
});
5363
}
5464

@@ -61,7 +71,7 @@ export class DocumentService {
6171
id: documentId,
6272
workspaceId: workspaceId,
6373
},
64-
include: { createdBy: true },
74+
include: { createdBy: { select: this.safeUserSelect } },
6575
});
6676

6777
if (!document) {
@@ -81,7 +91,7 @@ export class DocumentService {
8191
orderBy: {
8292
updatedAt: 'desc',
8393
},
84-
include: { createdBy: true },
94+
include: { createdBy: { select: this.safeUserSelect } },
8595
});
8696
}
8797

0 commit comments

Comments
 (0)