From e1c3c6269911c247cdf41173bddf658d1f97a5ba Mon Sep 17 00:00:00 2001
From: Samuli Virtapohja <l4721@student.jamk.fi>
Date: Wed, 24 Jul 2019 14:38:50 +0300
Subject: [PATCH] audit shared folder
---
src/faction/faction.dto.ts | 3 +-
src/game/tick.service.ts | 11 ++-----
src/shared/auth.guard.ts | 8 +++++
src/shared/custom-validation.ts | 52 ---------------------------------
src/shared/guard.decorator.ts | 7 +++++
src/shared/http-error.filter.ts | 6 ++++
src/shared/roles.controller.ts | 51 --------------------------------
src/shared/roles.guard.ts | 9 ++++++
src/shared/states.guard.ts | 7 +++++
src/shared/validation.pipe.ts | 9 ++++++
src/task/task.dto.ts | 5 ++--
11 files changed, 53 insertions(+), 115 deletions(-)
delete mode 100644 src/shared/custom-validation.ts
delete mode 100644 src/shared/roles.controller.ts
diff --git a/src/faction/faction.dto.ts b/src/faction/faction.dto.ts
index df69715..c905999 100644
--- a/src/faction/faction.dto.ts
+++ b/src/faction/faction.dto.ts
@@ -13,7 +13,6 @@ import {
} from 'class-validator';
import { GameEntity } from '../game/game.entity';
-import { RoleValidation } from '../shared/custom-validation';
import { GameDTO } from '../game/game.dto';
import { FactionEntity, GameGroupEntity } from './faction.entity';
@@ -57,7 +56,7 @@ export class JoinFactionDTO {
export class PromotePlayerDTO {
@IsUUID('4')
player: string;
- @Validate(RoleValidation)
+ @IsIn(['admin', 'soldier', 'factionleader'])
role: string;
}
diff --git a/src/game/tick.service.ts b/src/game/tick.service.ts
index b6ba273..0bd2c41 100644
--- a/src/game/tick.service.ts
+++ b/src/game/tick.service.ts
@@ -5,8 +5,7 @@ import { GameService } from './game.service';
@Injectable()
export class TickService {
constructor(
- private scoreService: ScoreService,
- private gameService: GameService,
+ private scoreService: ScoreService, //private gameService: GameService,
) {
// whenever Tickservice is called, it will start ticktimer
/*
@@ -25,14 +24,10 @@ export class TickService {
async startTimer() {
this.logger.log('Started timer');
setInterval(this.Tick, this.tickInterval);
-
- // get games with STARTED value
- let games = await this.gameService.listGames('STARTED');
-
- // add STARTED games to dictionary
+ /* // add STARTED games to dictionary
games.map(game => {
this.ongoingGames[game.id] = Date.now();
- });
+ }); */
}
// add the game to tick queue
diff --git a/src/shared/auth.guard.ts b/src/shared/auth.guard.ts
index ff2bdf4..acde301 100644
--- a/src/shared/auth.guard.ts
+++ b/src/shared/auth.guard.ts
@@ -7,6 +7,14 @@ import {
} from '@nestjs/common';
import * as jwt from 'jsonwebtoken';
+/////////////////////////////////////////////////////////
+/// https://docs.nestjs.com/guards ///
+/// AuthGuard verifies the user's token ///
+/// It adds user information to request.user ///
+/// which can be used by UserDecorator in services ///
+/// return 403 if token validation fails ///
+/////////////////////////////////////////////////////////
+
@Injectable()
export class AuthGuard implements CanActivate {
// check for logged in user
diff --git a/src/shared/custom-validation.ts b/src/shared/custom-validation.ts
deleted file mode 100644
index 13b9637..0000000
--- a/src/shared/custom-validation.ts
+++ /dev/null
@@ -1,52 +0,0 @@
-import {
- ValidatorConstraint,
- ValidatorConstraintInterface,
- ValidationArguments,
- Validator,
-} from 'class-validator';
-
-// check if input is null or valid uuid
-@ValidatorConstraint({ name: 'uuid', async: true })
-export class Uuid implements ValidatorConstraintInterface {
- validate(uuid: string, args: ValidationArguments) {
- const validator = new Validator();
- return validator.isUUID(uuid, '4') || uuid == null; // for async validations you must return a Promise<boolean> here
- }
-
- defaultMessage(args: ValidationArguments) {
- return 'Not valid uuid';
- }
-}
-
-// checks if role is valid
-@ValidatorConstraint({ name: 'roleValidation', async: true })
-export class RoleValidation implements ValidatorConstraintInterface {
- validate(role: string, args: ValidationArguments) {
- const validRoles = ['admin', 'soldier', 'factionleader'];
- return validRoles.includes(role);
- }
-
- defaultMessage(args: ValidationArguments) {
- return 'Not valid uuid';
- }
-}
-
-// checks for valid JSON for center
-@ValidatorConstraint({ name: 'centerJSON', async: true })
-export class CenterJSON implements ValidatorConstraintInterface {
- validate(center: JSON, args: ValidationArguments) {
- const validator = new Validator();
- return (
- validator.isNumber(center['lat']) &&
- validator.isNumber(center['lng']) &&
- validator.min(center['lat'], -90) &&
- validator.max(center['lat'], 90) &&
- validator.min(center['lng'], -180) &&
- validator.max(center['lng'], 180)
- );
- }
-
- defaultMessage(args: ValidationArguments) {
- return 'Error with center JSON';
- }
-}
diff --git a/src/shared/guard.decorator.ts b/src/shared/guard.decorator.ts
index b299d6d..a313b3a 100644
--- a/src/shared/guard.decorator.ts
+++ b/src/shared/guard.decorator.ts
@@ -1,5 +1,12 @@
import { SetMetadata } from '@nestjs/common';
+/////////////////////////////////////////////////////////
+/// pass information from controllers to guards ///
+/// for example @Roles("admin") passes it to ///
+/// roles.guard, which compares user's role ///
+/// to the values return by SetMetadata ///
+/////////////////////////////////////////////////////////
+
export const Roles = (...roles: string[]) => SetMetadata('roles', roles);
export const GameStates = (...states: string[]) =>
diff --git a/src/shared/http-error.filter.ts b/src/shared/http-error.filter.ts
index 8a65068..bf7316f 100644
--- a/src/shared/http-error.filter.ts
+++ b/src/shared/http-error.filter.ts
@@ -7,6 +7,12 @@ import {
HttpStatus,
} from '@nestjs/common';
+/////////////////////////////////////////////////////////
+/// Global tryCatch for catching errors in services ///
+/// Returns error message for end-users ///
+/// Also logs the error in console ///
+/////////////////////////////////////////////////////////
+
@Catch()
export class HttpErrorFilter implements ExceptionFilter {
catch(exception: HttpException, host: ArgumentsHost) {
diff --git a/src/shared/roles.controller.ts b/src/shared/roles.controller.ts
deleted file mode 100644
index 0298723..0000000
--- a/src/shared/roles.controller.ts
+++ /dev/null
@@ -1,51 +0,0 @@
-const AccessControl = require('accesscontrol');
-
-const grants = {
- admin: {
- mapmarker: {
- 'create:any': [],
- 'delete:any': [],
- 'read:any': [],
- 'update:any': [],
- },
- powerup: {
- 'create:any': [],
- 'delete:any': [],
- 'read:any': [],
- 'update:any': [],
- },
- faction: {
- 'create:any': [],
- 'delete:any': [],
- 'read:any': [],
- 'update:any': [],
- },
- players: {
- 'create:any': [],
- 'delete:any': [],
- 'read:any': [],
- 'update:any': [],
- },
- },
- faction_leader: {
- mapmarker: {
- 'create:own': [],
- 'delete:own': [],
- 'read:own': [],
- },
- powerup: {
- 'read:own': [],
- },
- faction: {
- 'read:own': [],
- 'update:own': [],
- },
- players: {
- 'read:own': [],
- 'update:own': [],
- },
- },
- //player & spectator
-};
-
-const ac = new AccessControl(grants);
\ No newline at end of file
diff --git a/src/shared/roles.guard.ts b/src/shared/roles.guard.ts
index 7ae58d2..5e97482 100644
--- a/src/shared/roles.guard.ts
+++ b/src/shared/roles.guard.ts
@@ -13,6 +13,15 @@ import { Validator } from 'class-validator';
import { Game_PersonEntity } from '../game/game.entity';
+/////////////////////////////////////////////////////////
+/// https://docs.nestjs.com/guards ///
+/// RolesGuard verifies the user's token and role ///
+/// It adds user information to request.user ///
+/// which can be used by GamePerson ///
+/// decorator in services ///
+/// return 403 if token/role validation fails ///
+/////////////////////////////////////////////////////////
+
@Injectable()
export class RolesGuard implements CanActivate {
constructor(
diff --git a/src/shared/states.guard.ts b/src/shared/states.guard.ts
index 961b936..544918d 100644
--- a/src/shared/states.guard.ts
+++ b/src/shared/states.guard.ts
@@ -12,6 +12,13 @@ import { Validator } from 'class-validator';
import { GameEntity } from '../game/game.entity';
+//////////////////////////////////////////////////////////
+/// https://docs.nestjs.com/guards ///
+/// StatesGuard verifies the game's state ///
+/// Guard needs gameId as 'id' in request parameters ///
+/// return 400 if state if state validation fails ///
+//////////////////////////////////////////////////////////
+
@Injectable()
export class StatesGuard implements CanActivate {
constructor(
diff --git a/src/shared/validation.pipe.ts b/src/shared/validation.pipe.ts
index 423f231..7e4bb87 100644
--- a/src/shared/validation.pipe.ts
+++ b/src/shared/validation.pipe.ts
@@ -8,6 +8,15 @@ import {
import { validate } from 'class-validator';
import { plainToClass } from 'class-transformer';
+///////////////////////////////////////////////////////////
+/// https://docs.nestjs.com/techniques/validation ///
+/// ValidationPipe for validating DTO's ///
+/// DTO's use ClassValidator which are ///
+/// validated by ValidationPipes ///
+/// return 400 if pipe validation fails with ///
+/// errorMessage stating reason for validation fail ///
+///////////////////////////////////////////////////////////
+
@Injectable()
export class ValidationPipe implements PipeTransform<any> {
async transform(value: any, metadata: ArgumentMetadata) {
diff --git a/src/task/task.dto.ts b/src/task/task.dto.ts
index a1576e7..02653c3 100644
--- a/src/task/task.dto.ts
+++ b/src/task/task.dto.ts
@@ -5,10 +5,10 @@ import {
Validate,
IsUUID,
Equals,
+ IsOptional,
} from 'class-validator';
import { FactionEntity } from '../faction/faction.entity';
import { GameEntity } from '../game/game.entity';
-import { Uuid } from '../shared/custom-validation';
export class CreateTaskDTO {
@IsString()
@@ -19,7 +19,8 @@ export class CreateTaskDTO {
taskDescription: string;
@IsBoolean()
taskIsActive: boolean;
- @Validate(Uuid)
+ @IsOptional()
+ @IsUUID('4')
faction: FactionEntity;
@Equals(null)
taskWinner: FactionEntity;
--
GitLab