fix(services): improve validation PUT /users/current

2024-07-06 21:00:11 +02:00 · 2022-01-29 22:31:37 +01:00 · 2022-01-29 22:31:37 +01:00 · 2405b4951b
commit 2405b4951b
parent 32ac15c831
7 changed files with 890 additions and 1572 deletions
--- a/6
+++ b/6
@ -1,15 +1,15 @@
-FROM node:16.13.1 AS dependencies
+FROM node:16.13.2 AS dependencies
 WORKDIR /usr/src/app
 COPY ./package*.json ./
 RUN npm install

-FROM node:16.13.1 AS builder
+FROM node:16.13.2 AS builder
 WORKDIR /usr/src/app
 COPY --from=dependencies /usr/src/app/node_modules ./node_modules
 COPY ./ ./
 RUN npm run prisma:generate && npm run build

-FROM node:16.13.1 AS runner
+FROM node:16.13.2 AS runner
 WORKDIR /usr/src/app
 ENV NODE_ENV=production
 COPY --from=builder /usr/src/app/node_modules ./node_modules
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -31,17 +31,17 @@
    "postinstall": "husky install"
  },
  "dependencies": {
-    "@prisma/client": "3.8.0",
+    "@prisma/client": "3.8.1",
    "@sinclair/typebox": "0.23.2",
    "@thream/socketio-jwt": "2.1.1",
-    "axios": "0.24.0",
+    "axios": "0.25.0",
    "bcryptjs": "2.4.3",
-    "dotenv": "11.0.0",
+    "dotenv": "14.2.0",
    "ejs": "3.1.6",
-    "fastify": "3.25.3",
+    "fastify": "3.27.0",
    "fastify-cors": "6.0.2",
-    "fastify-helmet": "6.0.0",
-    "fastify-multipart": "5.2.1",
+    "fastify-helmet": "7.0.1",
+    "fastify-multipart": "5.3.0",
    "fastify-plugin": "3.0.0",
    "fastify-rate-limit": "5.7.0",
    "fastify-sensible": "3.1.2",
@ -56,20 +56,20 @@
    "socket.io": "4.4.1"
  },
  "devDependencies": {
-    "@commitlint/cli": "16.0.2",
+    "@commitlint/cli": "16.1.0",
    "@commitlint/config-conventional": "16.0.0",
    "@saithodev/semantic-release-backmerge": "2.1.0",
    "@swc/cli": "0.1.55",
-    "@swc/core": "1.2.129",
+    "@swc/core": "1.2.133",
    "@swc/jest": "0.2.17",
    "@types/bcryptjs": "2.4.2",
    "@types/busboy": "1.3.0",
    "@types/ejs": "3.1.0",
-    "@types/http-errors": "1.8.1",
+    "@types/http-errors": "1.8.2",
    "@types/jest": "27.4.0",
-    "@types/jsonwebtoken": "8.5.7",
+    "@types/jsonwebtoken": "8.5.8",
    "@types/ms": "0.7.31",
-    "@types/node": "17.0.8",
+    "@types/node": "17.0.10",
    "@types/nodemailer": "6.4.4",
    "@typescript-eslint/eslint-plugin": "4.33.0",
    "concurrently": "7.0.0",
@ -82,19 +82,19 @@
    "eslint-plugin-node": "11.1.0",
    "eslint-plugin-prettier": "4.0.0",
    "eslint-plugin-promise": "5.1.1",
-    "eslint-plugin-unicorn": "40.0.0",
+    "eslint-plugin-unicorn": "40.1.0",
    "husky": "7.0.4",
    "jest": "27.4.7",
    "jest-mock-extended": "2.0.4",
    "jest-ts-webcompat-resolver": "1.0.0",
-    "lint-staged": "12.1.7",
+    "lint-staged": "12.2.2",
    "markdownlint-cli": "0.30.0",
    "nodemon": "2.0.15",
    "plop": "3.0.5",
    "prettier": "2.5.1",
-    "prisma": "3.8.0",
+    "prisma": "3.8.1",
    "rimraf": "3.0.2",
-    "semantic-release": "18.0.1",
-    "typescript": "4.5.4"
+    "semantic-release": "19.0.2",
+    "typescript": "4.5.5"
  }
 }
--- a/src/models/UserSettings.ts
+++ b/src/models/UserSettings.ts
@ -8,10 +8,10 @@ export const themes = [Type.Literal('light'), Type.Literal('dark')]

 export const userSettingsSchema = {
  id,
-  language: Type.Union(languages, { default: 'en' }),
-  theme: Type.Union(themes, { default: 'dark' }),
-  isPublicEmail: Type.Boolean({ default: false }),
-  isPublicGuilds: Type.Boolean({ default: false }),
+  language: Type.Union(languages),
+  theme: Type.Union(themes),
+  isPublicEmail: Type.Boolean(),
+  isPublicGuilds: Type.Boolean(),
  createdAt: date.createdAt,
  updatedAt: date.updatedAt,
  userId: id
--- a/src/services/users/current/test/put.test.ts
+++ b/src/services/users/current/test/put.test.ts
@ -82,7 +82,7 @@ describe('PUT /users/current', () => {
    expect(response.statusCode).toEqual(400)
  })

-  it('suceeds with valid website url', async () => {
+  it('succeeds with valid website url', async () => {
    const newWebsite = 'https://somerandomwebsite.com'
    const { accessToken, user } = await authenticateUserTest()
    prismaMock.user.update.mockResolvedValue({
--- a/src/services/users/current/put.ts
+++ b/src/services/users/current/put.ts
@ -1,5 +1,4 @@
 import { randomUUID } from 'node:crypto'
-
 import { Static, Type } from '@sinclair/typebox'
 import { FastifyPluginAsync, FastifySchema } from 'fastify'

@ -14,10 +13,10 @@ import { parseStringNullish } from '../../../tools/utils/parseStringNullish.js'

 const bodyPutServiceSchema = Type.Object({
  name: Type.Optional(userSchema.name),
-  email: Type.Optional(userSchema.email),
-  status: Type.Optional(userSchema.status),
-  biography: Type.Optional(userSchema.biography),
-  website: Type.Optional(userSchema.website)
+  email: Type.Optional(Type.Union([userSchema.email, Type.Null()])),
+  status: Type.Optional(Type.Union([userSchema.status, Type.Null()])),
+  biography: Type.Optional(Type.Union([userSchema.biography, Type.Null()])),
+  website: Type.Optional(Type.Union([userSchema.website, Type.Null()]))
 })

 type BodyPutServiceSchemaType = Static<typeof bodyPutServiceSchema>
@ -89,7 +88,12 @@ export const putCurrentUser: FastifyPluginAsync = async (fastify) => {
      if (request.user.current.password != null) {
        strategies.push('local')
      }
-      if (email != null) {
+      if (email === null && strategies.includes('local')) {
+        throw fastify.httpErrors.badRequest(
+          'You must have an email to sign in.'
+        )
+      }
+      if (email != null && email !== request.user.current.email) {
        await prisma.refreshToken.deleteMany({
          where: {
            userId: request.user.current.id
--- a/src/tools/utils/parseStringNullish.ts
+++ b/src/tools/utils/parseStringNullish.ts
@ -1,21 +1,25 @@
 /**
 * Parse a nullish string:
+ *  - if `string === undefined`, it returns `defaultString`
+ *  - if `string === null`, it returns `null`
 *  - if `string.length === 0`, it returns `null`
- *  - if `string == null`, it returns `defaultString`
- *  - if `string.length > 0`, it returns `string`
+ *  - else, it returns `string`
 * @param defaultString
 * @param string
 * @returns
 */
 export const parseStringNullish = (
  defaultString: string | null,
-  string?: string
+  string?: string | null
 ): string | null => {
-  if (string != null) {
-    if (string.length > 0) {
-      return string
-    }
+  if (string === undefined) {
+    return defaultString
+  }
+  if (string === null) {
    return null
  }
-  return defaultString
+  if (string.length === 0) {
+    return null
+  }
+  return string
 }