UniqAI/hexabot
1
0
Fork 0
mirror of https://github.com/hexastack/hexabot synced 2024-11-24 13:05:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: improve code + add requested changes

Browse Source
This commit is contained in:
Emnaghz 2024-09-21 12:38:24 +01:00
parent 42cfc1fd30
commit 16f10c50f7
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
api/src/user/controllers/role.controller.ts
View File

@ -19,8 +19,8 @@ import {
Patch, Patch,
Query, Query,
UseInterceptors, UseInterceptors,
Session,
ForbiddenException, ForbiddenException,
Session,
} from '@nestjs/common'; } from '@nestjs/common';
import { CsrfCheck } from '@tekuconcept/nestjs-csrf'; import { CsrfCheck } from '@tekuconcept/nestjs-csrf';
import { Session as ExpressSession } from 'express-session'; import { Session as ExpressSession } from 'express-session';
@ -148,11 +148,16 @@ export class RoleController extends BaseController<Role, RoleStub> {
@Delete(':id') @Delete(':id')
@HttpCode(204) @HttpCode(204)
async deleteOne(@Param('id') id: string, @Session() session: ExpressSession) { async deleteOne(@Param('id') id: string, @Session() session: ExpressSession) {
const roles = ( const currentUser = await this.userService.findOneAndPopulate(
await this.userService.findOneAndPopulate(session.passport?.user?.id, [ session.passport.user.id,
'roles', ['roles'],
]) );
).roles.map((role) => role.id); if (!currentUser) {
throw new NotFoundException('User not found');
}
const roles = currentUser.roles.map((role) => role.id);
if (roles.includes(id)) { if (roles.includes(id)) {
throw new ForbiddenException("Your account's role can't be deleted"); throw new ForbiddenException("Your account's role can't be deleted");
} else { } else {