Infrastructure/pingvin-share
0
Fork 0
mirror of https://github.com/stonith404/pingvin-share.git synced 2025-02-19 01:55:48 -05:00
Code Issues Activity

refactor: move guard checks to service

Browse source
This commit is contained in:
Elias Schneider 2023-01-31 13:53:23 +01:00
parent 233c26e5cf
commit cd9d828686
No known key found for this signature in database
GPG key ID: 07E623B294202B6C
3 changed files with 16 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
backend/src/share/guard/shareSecurity.guard.ts
View file

@ -34,12 +34,10 @@ export class ShareSecurityGuard implements CanActivate {
include: { security: true }, include: { security: true },
}); });
if ( const isExpired =
!share || moment().isAfter(share.expiration) && !moment(share.expiration).isSame(0);
(moment().isAfter(share.expiration) &&
moment(share.expiration).unix() !== 0) if (!share || isExpired) throw new NotFoundException("Share not found");
)
throw new NotFoundException("Share not found");
if (share.security?.password && !shareToken) if (share.security?.password && !shareToken)
throw new ForbiddenException( throw new ForbiddenException(

15
backend/src/share/guard/shareTokenSecurity.guard.ts
View file

@ -1,7 +1,6 @@
import { import {
CanActivate, CanActivate,
ExecutionContext, ExecutionContext,
ForbiddenException,
Injectable, Injectable,
NotFoundException, NotFoundException,
} from "@nestjs/common"; } from "@nestjs/common";
@ -27,18 +26,10 @@ export class ShareTokenSecurity implements CanActivate {
include: { security: true }, include: { security: true },
}); });
if ( const isExpired =
!share || moment().isAfter(share.expiration) && !moment(share.expiration).isSame(0);
(moment().isAfter(share.expiration) &&
!moment(share.expiration).isSame(0))
)
throw new NotFoundException("Share not found");
if (share.security?.maxViews && share.security.maxViews <= share.views) if (!share || isExpired) throw new NotFoundException("Share not found");
throw new ForbiddenException(
"Maximum views exceeded",
"share_max_views_exceeded"
);
return true; return true;
} }

10
backend/src/share/share.service.ts
View file

@ -273,8 +273,16 @@ export class ShareService {
if ( if (
share?.security?.password && share?.security?.password &&
!(await argon.verify(share.security.password, password)) !(await argon.verify(share.security.password, password))
) ) {
throw new ForbiddenException("Wrong password"); throw new ForbiddenException("Wrong password");
}
if (share.security?.maxViews && share.security.maxViews <= share.views) {
throw new ForbiddenException(
"Maximum views exceeded",
"share_max_views_exceeded"
);
}
const token = await this.generateShareToken(shareId); const token = await this.generateShareToken(shareId);
await this.increaseViewCount(share); await this.increaseViewCount(share);