fix: validation for nested objects

Author: Dzeranov

packages/apps/reputation-oracle/server/src/common/pipes/validation.ts

@@ -7,27 +7,20 @@ import {
   ValidationPipeOptions,
 } from '@nestjs/common';
 
-// TODO: Revisit validation options
 @Injectable()
 export class HttpValidationPipe extends ValidationPipe {
   constructor(options?: ValidationPipeOptions) {
     super({
       exceptionFactory: (errors: ValidationError[]) => {
-        const errorMessages = errors
-          .map(
-            (error) =>
-              Object.values((error as any).constraints) as unknown as string,
-          )
-          .flat();
+        const flattenErrors = this.flattenValidationErrors(errors);
 
         return new HttpException(
-          errorMessages.join(', '),
+          { validationErrors: flattenErrors, message: 'Validation error' },
           HttpStatus.BAD_REQUEST,
         );
       },
       transform: true,
       whitelist: true,
-      forbidUnknownValues: true,
       ...options,
     });
   }

packages/apps/reputation-oracle/server/src/modules/kyc/kyc.controller.ts

@@ -18,7 +18,11 @@ import {
 } from '@nestjs/common';
 import { Public } from '../../common/decorators';
 import { RequestWithUser } from '../../common/interfaces/request';
-import { KycSessionDto, KycSignedAddressDto, KycStatusDto } from './kyc.dto';
+import {
+  StartSessionResponseDto,
+  KycSignedAddressDto,
+  UpdateKycStatusDto,
+} from './kyc.dto';
 import { KycService } from './kyc.service';
 import { KycWebhookAuthGuard } from './kyc-webhook-auth.guard';
 import { KycErrorFilter } from './kyc.error.filter';
@@ -36,14 +40,15 @@ export class KycController {
   @ApiResponse({
     status: 200,
     description: 'KYC session started successfully',
-    type: KycSessionDto,
+    type: StartSessionResponseDto,
   })
   @ApiBearerAuth()
   @Post('/start')
   @HttpCode(200)
-  async startKyc(@Req() request: RequestWithUser): Promise<KycSessionDto> {
-    const kycSessionData = await this.kycService.initSession(request.user);
-    return kycSessionData;
+  async startKyc(
+    @Req() request: RequestWithUser,
+  ): Promise<StartSessionResponseDto> {
+    return await this.kycService.initSession(request.user);
   }
 
   @ApiOperation({
@@ -66,7 +71,7 @@ export class KycController {
       type: 'string',
     },
   })
-  @ApiBody({ type: KycStatusDto })
+  @ApiBody({ type: UpdateKycStatusDto })
   @ApiResponse({
     status: 200,
     description: 'Kyc status updated successfully',
@@ -75,7 +80,7 @@ export class KycController {
   @Post('/update')
   @UseGuards(KycWebhookAuthGuard)
   @HttpCode(200)
-  async updateKycStatus(@Body() data: KycStatusDto): Promise<void> {
+  async updateKycStatus(@Body() data: UpdateKycStatusDto): Promise<void> {
     await this.kycService.updateKycStatus(data);
   }
 

packages/apps/reputation-oracle/server/src/modules/kyc/kyc.dto.ts

@@ -6,22 +6,24 @@ import {
   IsString,
   IsUrl,
   IsUUID,
+  ValidateNested,
 } from 'class-validator';
+import { Type } from 'class-transformer';
 import { KycStatus } from '../../common/enums/user';
 
-export class KycSessionDto {
+export class StartSessionResponseDto {
   @ApiProperty({ name: 'url' })
   @IsUrl()
   public url: string;
 }
 
-export class KycDocumentDto {
+export class DocumentData {
   @ApiProperty()
   @IsString()
   public country: string;
 }
 
-export class KycVerificationDto {
+export class VerificationData {
   @ApiProperty()
   @IsUUID()
   public id: string;
@@ -41,28 +43,21 @@ export class KycVerificationDto {
 
   @ApiProperty()
   @IsObject()
-  public document: KycDocumentDto;
+  @ValidateNested()
+  @Type(() => DocumentData)
+  public document: DocumentData;
 }
 
-export class TechnicalDataDto {
-  @ApiProperty({ nullable: true })
-  @IsString()
-  @IsOptional()
-  public ip: string | null;
-}
-
-export class KycStatusDto {
+export class UpdateKycStatusDto {
   @ApiProperty()
   @IsString()
   public status: string;
 
-  @ApiProperty({ type: KycVerificationDto })
-  @IsObject()
-  public verification: KycVerificationDto;
-
-  @ApiProperty({ type: TechnicalDataDto })
+  @ApiProperty({ type: VerificationData })
   @IsObject()
-  public technicalData: TechnicalDataDto;
+  @ValidateNested()
+  @Type(() => VerificationData)
+  public verification: VerificationData;
 }
 
 export class KycSignedAddressDto {

packages/apps/reputation-oracle/server/src/modules/kyc/kyc.service.ts

@@ -2,7 +2,11 @@ import { Injectable } from '@nestjs/common';
 
 import { UserEntity } from '../user';
 import { HttpService } from '@nestjs/axios';
-import { KycSessionDto, KycSignedAddressDto, KycStatusDto } from './kyc.dto';
+import {
+  StartSessionResponseDto,
+  KycSignedAddressDto,
+  UpdateKycStatusDto,
+} from './kyc.dto';
 import { KycRepository } from './kyc.repository';
 import { KycStatus } from '../../common/enums/user';
 import { firstValueFrom } from 'rxjs';
@@ -23,7 +27,9 @@ export class KycService {
     private readonly web3ConfigService: Web3ConfigService,
   ) {}
 
-  public async initSession(userEntity: UserEntity): Promise<KycSessionDto> {
+  public async initSession(
+    userEntity: UserEntity,
+  ): Promise<StartSessionResponseDto> {
     if (userEntity.kyc?.sessionId) {
       if (userEntity.kyc.status === KycStatus.APPROVED) {
         throw new KycError(KycErrorMessage.ALREADY_APPROVED, userEntity.id);
@@ -82,7 +88,7 @@ export class KycService {
     };
   }
 
-  public async updateKycStatus(data: KycStatusDto): Promise<void> {
+  public async updateKycStatus(data: UpdateKycStatusDto): Promise<void> {
     const { status, reason, id: sessionId } = data.verification;
     const { country } = data.verification.document;