update CORS methods and remove unused error class; enhance key enrollment logic

flopez7 · flopez7 · commit 8a1bc2987b5b · 2025-12-17T17:11:26.000+01:00
diff --git a/packages/apps/human-app/server/src/main.ts b/packages/apps/human-app/server/src/main.ts
@@ -19,7 +19,7 @@ async function bootstrap() {
   if (envConfigService.isCorsEnabled) {
     app.enableCors({
       origin: envConfigService.corsEnabledOrigin,
-      methods: ['GET', 'POST', 'OPTIONS', 'PUT'],
+      methods: ['GET', 'POST', 'OPTIONS', 'PUT', 'DELETE'],
       allowedHeaders: envConfigService.corsAllowedHeaders,
     });
   }
diff --git a/packages/apps/reputation-oracle/server/src/modules/exchange-api-keys/exchange-api-keys.error-filter.ts b/packages/apps/reputation-oracle/server/src/modules/exchange-api-keys/exchange-api-keys.error-filter.ts
@@ -13,15 +13,13 @@ import {
   ExchangeApiKeyNotFoundError,
   IncompleteKeySuppliedError,
   KeyAuthorizationError,
-  ActiveExchangeApiKeyExistsError,
 } from './exchange-api-keys.errors';
 import { ExchangeApiClientError } from '../exchange/errors';
 
 @Catch(
   UserNotFoundError,
   IncompleteKeySuppliedError,
   KeyAuthorizationError,
-  ActiveExchangeApiKeyExistsError,
   ExchangeApiKeyNotFoundError,
 )
 export class ExchangeApiKeysControllerErrorsFilter implements ExceptionFilter {
@@ -38,8 +36,7 @@ export class ExchangeApiKeysControllerErrorsFilter implements ExceptionFilter {
     if (
       exception instanceof UserNotFoundError ||
       exception instanceof IncompleteKeySuppliedError ||
-      exception instanceof KeyAuthorizationError ||
-      exception instanceof ActiveExchangeApiKeyExistsError
+      exception instanceof KeyAuthorizationError
     ) {
       status = HttpStatus.UNPROCESSABLE_ENTITY;
     } else if (exception instanceof ExchangeApiClientError) {
diff --git a/packages/apps/reputation-oracle/server/src/modules/exchange-api-keys/exchange-api-keys.errors.ts b/packages/apps/reputation-oracle/server/src/modules/exchange-api-keys/exchange-api-keys.errors.ts
@@ -17,12 +17,3 @@ export class KeyAuthorizationError extends BaseError {
     super("Provided API key can't be authorized on exchange");
   }
 }
-
-export class ActiveExchangeApiKeyExistsError extends BaseError {
-  constructor(
-    readonly userId: number,
-    readonly exchangeName: string,
-  ) {
-    super('User already has an active exchange API key');
-  }
-}
diff --git a/packages/apps/reputation-oracle/server/src/modules/exchange-api-keys/exchange-api-keys.service.spec.ts b/packages/apps/reputation-oracle/server/src/modules/exchange-api-keys/exchange-api-keys.service.spec.ts
@@ -12,10 +12,7 @@ import { ExchangeApiKeysService } from './exchange-api-keys.service';
 import { UserEntity, UserNotFoundError, UserRepository } from '@/modules/user';
 
 import { ExchangeApiKeyEntity } from './exchange-api-key.entity';
-import {
-  ActiveExchangeApiKeyExistsError,
-  KeyAuthorizationError,
-} from './exchange-api-keys.errors';
+import { KeyAuthorizationError } from './exchange-api-keys.errors';
 import { ExchangeApiKeysRepository } from './exchange-api-keys.repository';
 import {
   generateExchangeApiKey,
@@ -104,20 +101,31 @@ describe('ExchangeApiKeysService', () => {
       expect(thrownError.exchangeName).toBe(input.exchangeName);
     });
 
-    it('should throw if user already has active keys', async () => {
+    it('should overwrite existing keys if user already has active ones', async () => {
       const input = generateExchangeApiKeysData();
+      const existingKey = generateExchangeApiKey();
       mockExchangeApiKeysRepository.findOneByUserId.mockResolvedValueOnce(
-        generateExchangeApiKey(),
+        existingKey,
+      );
+      mockExchangeClient.checkRequiredAccess.mockResolvedValueOnce(true);
+      mockUserRepository.findOneById.mockResolvedValueOnce({
+        id: input.userId,
+      } as UserEntity);
+      mockExchangeApiKeysRepository.updateOne.mockImplementation(
+        async (entity) => entity,
       );
 
-      let thrownError;
-      try {
-        await exchangeApiKeysService.enroll(input);
-      } catch (error) {
-        thrownError = error;
-      }
+      const updatedEntity = await exchangeApiKeysService.enroll(input);
 
-      expect(thrownError).toBeInstanceOf(ActiveExchangeApiKeyExistsError);
+      expect(mockExchangeApiKeysRepository.updateOne).toHaveBeenCalledWith(
+        existingKey,
+      );
+      const [decryptedApiKey, decryptedSecretKey] = await Promise.all([
+        aesEncryptionService.decrypt(updatedEntity.apiKey),
+        aesEncryptionService.decrypt(updatedEntity.secretKey),
+      ]);
+      expect(decryptedApiKey.toString()).toBe(input.apiKey);
+      expect(decryptedSecretKey.toString()).toBe(input.secretKey);
     });
 
     it('should throw if user not exists', async () => {
diff --git a/packages/apps/reputation-oracle/server/src/modules/exchange-api-keys/exchange-api-keys.service.ts b/packages/apps/reputation-oracle/server/src/modules/exchange-api-keys/exchange-api-keys.service.ts
@@ -10,10 +10,7 @@ import { ExchangeClientFactory } from '@/modules/exchange/exchange-client.factor
 import { UserNotFoundError, UserRepository } from '@/modules/user';
 
 import { ExchangeApiKeyEntity } from './exchange-api-key.entity';
-import {
-  ActiveExchangeApiKeyExistsError,
-  KeyAuthorizationError,
-} from './exchange-api-keys.errors';
+import { KeyAuthorizationError } from './exchange-api-keys.errors';
 import { ExchangeApiKeysRepository } from './exchange-api-keys.repository';
 
 @Injectable()
@@ -39,9 +36,6 @@ export class ExchangeApiKeysService {
 
     const currentKeys =
       await this.exchangeApiKeysRepository.findOneByUserId(userId);
-    if (currentKeys) {
-      throw new ActiveExchangeApiKeyExistsError(userId, exchangeName);
-    }
 
     const client = await this.exchangeClientFactory.create(exchangeName, {
       apiKey,
@@ -57,14 +51,21 @@ export class ExchangeApiKeysService {
       throw new UserNotFoundError(userId);
     }
 
-    const enrolledKey = new ExchangeApiKeyEntity();
-    enrolledKey.userId = userId;
-    enrolledKey.exchangeName = exchangeName;
-
     const [encryptedApiKey, encryptedSecretKey] = await Promise.all([
       this.aesEncryptionService.encrypt(Buffer.from(apiKey)),
       this.aesEncryptionService.encrypt(Buffer.from(secretKey)),
     ]);
+    if (currentKeys) {
+      currentKeys.exchangeName = exchangeName;
+      currentKeys.apiKey = encryptedApiKey;
+      currentKeys.secretKey = encryptedSecretKey;
+
+      return this.exchangeApiKeysRepository.updateOne(currentKeys);
+    }
+
+    const enrolledKey = new ExchangeApiKeyEntity();
+    enrolledKey.userId = userId;
+    enrolledKey.exchangeName = exchangeName;
     enrolledKey.apiKey = encryptedApiKey;
     enrolledKey.secretKey = encryptedSecretKey;
     await this.exchangeApiKeysRepository.createUnique(enrolledKey);

Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,7 @@ async function bootstrap() {`
`19`	`19`	`if (envConfigService.isCorsEnabled) {`
`20`	`20`	`app.enableCors({`
`21`	`21`	`origin: envConfigService.corsEnabledOrigin,`
`22`		`- methods: ['GET', 'POST', 'OPTIONS', 'PUT'],`
	`22`	`+ methods: ['GET', 'POST', 'OPTIONS', 'PUT', 'DELETE'],`
`23`	`23`	`allowedHeaders: envConfigService.corsAllowedHeaders,`
`24`	`24`	`});`
`25`	`25`	`}`
Original file line number	Diff line number	Diff line change
`@@ -17,12 +17,3 @@ export class KeyAuthorizationError extends BaseError {`
`17`	`17`	`super("Provided API key can't be authorized on exchange");`
`18`	`18`	`}`
`19`	`19`	`}`
`20`		`-`
`21`		`-export class ActiveExchangeApiKeyExistsError extends BaseError {`
`22`		`- constructor(`
`23`		`- readonly userId: number,`
`24`		`- readonly exchangeName: string,`
`25`		`- ) {`
`26`		`- super('User already has an active exchange API key');`
`27`		`- }`
`28`		`-}`