1
0
Fork 0
mirror of https://github.com/immich-app/immich.git synced 2025-01-07 20:36:48 +01:00

feat(server): apply ValidationPipe on controllers (#2137)

This commit is contained in:
Michel Heusschen 2023-03-31 17:14:01 +02:00 committed by GitHub
parent 49f66be8af
commit 51785a1ead
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 39 additions and 45 deletions

View file

@ -1,6 +1,6 @@
import { AlbumService, AuthUserDto } from '@app/domain'; import { AlbumService, AuthUserDto } from '@app/domain';
import { GetAlbumsDto } from '@app/domain/album/dto/get-albums.dto'; import { GetAlbumsDto } from '@app/domain/album/dto/get-albums.dto';
import { Controller, Get, Query, ValidationPipe } from '@nestjs/common'; import { Controller, Get, Query, UsePipes, ValidationPipe } from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger'; import { ApiTags } from '@nestjs/swagger';
import { GetAuthUser } from '../decorators/auth-user.decorator'; import { GetAuthUser } from '../decorators/auth-user.decorator';
import { Authenticated } from '../decorators/authenticated.decorator'; import { Authenticated } from '../decorators/authenticated.decorator';
@ -8,14 +8,12 @@ import { Authenticated } from '../decorators/authenticated.decorator';
@ApiTags('Album') @ApiTags('Album')
@Controller('album') @Controller('album')
@Authenticated() @Authenticated()
@UsePipes(new ValidationPipe({ transform: true }))
export class AlbumController { export class AlbumController {
constructor(private service: AlbumService) {} constructor(private service: AlbumService) {}
@Get() @Get()
async getAllAlbums( async getAllAlbums(@GetAuthUser() authUser: AuthUserDto, @Query() query: GetAlbumsDto) {
@GetAuthUser() authUser: AuthUserDto,
@Query(new ValidationPipe({ transform: true })) query: GetAlbumsDto,
) {
return this.service.getAllAlbums(authUser, query); return this.service.getAllAlbums(authUser, query);
} }
} }

View file

@ -6,7 +6,7 @@ import {
APIKeyUpdateDto, APIKeyUpdateDto,
AuthUserDto, AuthUserDto,
} from '@app/domain'; } from '@app/domain';
import { Body, Controller, Delete, Get, Param, Post, Put, ValidationPipe } from '@nestjs/common'; import { Body, Controller, Delete, Get, Param, Post, Put, UsePipes, ValidationPipe } from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger'; import { ApiTags } from '@nestjs/swagger';
import { GetAuthUser } from '../decorators/auth-user.decorator'; import { GetAuthUser } from '../decorators/auth-user.decorator';
import { Authenticated } from '../decorators/authenticated.decorator'; import { Authenticated } from '../decorators/authenticated.decorator';
@ -14,14 +14,12 @@ import { Authenticated } from '../decorators/authenticated.decorator';
@ApiTags('API Key') @ApiTags('API Key')
@Controller('api-key') @Controller('api-key')
@Authenticated() @Authenticated()
@UsePipes(new ValidationPipe({ transform: true }))
export class APIKeyController { export class APIKeyController {
constructor(private service: APIKeyService) {} constructor(private service: APIKeyService) {}
@Post() @Post()
createKey( createKey(@GetAuthUser() authUser: AuthUserDto, @Body() dto: APIKeyCreateDto): Promise<APIKeyCreateResponseDto> {
@GetAuthUser() authUser: AuthUserDto,
@Body(ValidationPipe) dto: APIKeyCreateDto,
): Promise<APIKeyCreateResponseDto> {
return this.service.create(authUser, dto); return this.service.create(authUser, dto);
} }
@ -39,7 +37,7 @@ export class APIKeyController {
updateKey( updateKey(
@GetAuthUser() authUser: AuthUserDto, @GetAuthUser() authUser: AuthUserDto,
@Param('id') id: string, @Param('id') id: string,
@Body(ValidationPipe) dto: APIKeyUpdateDto, @Body() dto: APIKeyUpdateDto,
): Promise<APIKeyResponseDto> { ): Promise<APIKeyResponseDto> {
return this.service.update(authUser, id, dto); return this.service.update(authUser, id, dto);
} }

View file

@ -13,7 +13,7 @@ import {
UserResponseDto, UserResponseDto,
ValidateAccessTokenResponseDto, ValidateAccessTokenResponseDto,
} from '@app/domain'; } from '@app/domain';
import { Body, Controller, Ip, Post, Req, Res, ValidationPipe } from '@nestjs/common'; import { Body, Controller, Ip, Post, Req, Res, UsePipes, ValidationPipe } from '@nestjs/common';
import { ApiBadRequestResponse, ApiTags } from '@nestjs/swagger'; import { ApiBadRequestResponse, ApiTags } from '@nestjs/swagger';
import { Request, Response } from 'express'; import { Request, Response } from 'express';
import { GetAuthUser } from '../decorators/auth-user.decorator'; import { GetAuthUser } from '../decorators/auth-user.decorator';
@ -21,12 +21,13 @@ import { Authenticated } from '../decorators/authenticated.decorator';
@ApiTags('Authentication') @ApiTags('Authentication')
@Controller('auth') @Controller('auth')
@UsePipes(new ValidationPipe({ transform: true }))
export class AuthController { export class AuthController {
constructor(private readonly service: AuthService) {} constructor(private readonly service: AuthService) {}
@Post('login') @Post('login')
async login( async login(
@Body(new ValidationPipe({ transform: true })) loginCredential: LoginCredentialDto, @Body() loginCredential: LoginCredentialDto,
@Ip() clientIp: string, @Ip() clientIp: string,
@Req() req: Request, @Req() req: Request,
@Res({ passthrough: true }) res: Response, @Res({ passthrough: true }) res: Response,
@ -38,9 +39,7 @@ export class AuthController {
@Post('admin-sign-up') @Post('admin-sign-up')
@ApiBadRequestResponse({ description: 'The server already has an admin' }) @ApiBadRequestResponse({ description: 'The server already has an admin' })
adminSignUp( adminSignUp(@Body() signUpCredential: SignUpDto): Promise<AdminSignupResponseDto> {
@Body(new ValidationPipe({ transform: true })) signUpCredential: SignUpDto,
): Promise<AdminSignupResponseDto> {
return this.service.adminSignUp(signUpCredential); return this.service.adminSignUp(signUpCredential);
} }

View file

@ -4,7 +4,7 @@ import {
DeviceInfoService, DeviceInfoService,
UpsertDeviceInfoDto as UpsertDto, UpsertDeviceInfoDto as UpsertDto,
} from '@app/domain'; } from '@app/domain';
import { Body, Controller, Put, ValidationPipe } from '@nestjs/common'; import { Body, Controller, Put, UsePipes, ValidationPipe } from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger'; import { ApiTags } from '@nestjs/swagger';
import { GetAuthUser } from '../decorators/auth-user.decorator'; import { GetAuthUser } from '../decorators/auth-user.decorator';
import { Authenticated } from '../decorators/authenticated.decorator'; import { Authenticated } from '../decorators/authenticated.decorator';
@ -12,11 +12,12 @@ import { Authenticated } from '../decorators/authenticated.decorator';
@ApiTags('Device Info') @ApiTags('Device Info')
@Controller('device-info') @Controller('device-info')
@Authenticated() @Authenticated()
@UsePipes(new ValidationPipe({ transform: true }))
export class DeviceInfoController { export class DeviceInfoController {
constructor(private readonly service: DeviceInfoService) {} constructor(private readonly service: DeviceInfoService) {}
@Put() @Put()
upsertDeviceInfo(@GetAuthUser() authUser: AuthUserDto, @Body(ValidationPipe) dto: UpsertDto): Promise<ResponseDto> { upsertDeviceInfo(@GetAuthUser() authUser: AuthUserDto, @Body() dto: UpsertDto): Promise<ResponseDto> {
return this.service.upsert(authUser, dto); return this.service.upsert(authUser, dto);
} }
} }

View file

@ -1,11 +1,12 @@
import { AllJobStatusResponseDto, JobCommandDto, JobIdDto, JobService } from '@app/domain'; import { AllJobStatusResponseDto, JobCommandDto, JobIdDto, JobService } from '@app/domain';
import { Body, Controller, Get, Param, Put, ValidationPipe } from '@nestjs/common'; import { Body, Controller, Get, Param, Put, UsePipes, ValidationPipe } from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger'; import { ApiTags } from '@nestjs/swagger';
import { Authenticated } from '../decorators/authenticated.decorator'; import { Authenticated } from '../decorators/authenticated.decorator';
@ApiTags('Job') @ApiTags('Job')
@Controller('jobs') @Controller('jobs')
@Authenticated({ admin: true }) @Authenticated({ admin: true })
@UsePipes(new ValidationPipe({ transform: true }))
export class JobController { export class JobController {
constructor(private service: JobService) {} constructor(private service: JobService) {}
@ -15,7 +16,7 @@ export class JobController {
} }
@Put('/:jobId') @Put('/:jobId')
sendJobCommand(@Param(ValidationPipe) { jobId }: JobIdDto, @Body(ValidationPipe) dto: JobCommandDto): Promise<void> { sendJobCommand(@Param() { jobId }: JobIdDto, @Body() dto: JobCommandDto): Promise<void> {
return this.service.handleCommand(jobId, dto); return this.service.handleCommand(jobId, dto);
} }
} }

View file

@ -7,7 +7,7 @@ import {
OAuthService, OAuthService,
UserResponseDto, UserResponseDto,
} from '@app/domain'; } from '@app/domain';
import { Body, Controller, Get, HttpStatus, Post, Redirect, Req, Res, ValidationPipe } from '@nestjs/common'; import { Body, Controller, Get, HttpStatus, Post, Redirect, Req, Res, UsePipes, ValidationPipe } from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger'; import { ApiTags } from '@nestjs/swagger';
import { Request, Response } from 'express'; import { Request, Response } from 'express';
import { GetAuthUser } from '../decorators/auth-user.decorator'; import { GetAuthUser } from '../decorators/auth-user.decorator';
@ -15,6 +15,7 @@ import { Authenticated } from '../decorators/authenticated.decorator';
@ApiTags('OAuth') @ApiTags('OAuth')
@Controller('oauth') @Controller('oauth')
@UsePipes(new ValidationPipe({ transform: true }))
export class OAuthController { export class OAuthController {
constructor(private service: OAuthService) {} constructor(private service: OAuthService) {}
@ -28,14 +29,14 @@ export class OAuthController {
} }
@Post('config') @Post('config')
generateConfig(@Body(ValidationPipe) dto: OAuthConfigDto): Promise<OAuthConfigResponseDto> { generateConfig(@Body() dto: OAuthConfigDto): Promise<OAuthConfigResponseDto> {
return this.service.generateConfig(dto); return this.service.generateConfig(dto);
} }
@Post('callback') @Post('callback')
async callback( async callback(
@Res({ passthrough: true }) res: Response, @Res({ passthrough: true }) res: Response,
@Body(ValidationPipe) dto: OAuthCallbackDto, @Body() dto: OAuthCallbackDto,
@Req() req: Request, @Req() req: Request,
): Promise<LoginResponseDto> { ): Promise<LoginResponseDto> {
const { response, cookie } = await this.service.login(dto, req.secure); const { response, cookie } = await this.service.login(dto, req.secure);
@ -45,7 +46,7 @@ export class OAuthController {
@Authenticated() @Authenticated()
@Post('link') @Post('link')
link(@GetAuthUser() authUser: AuthUserDto, @Body(ValidationPipe) dto: OAuthCallbackDto): Promise<UserResponseDto> { link(@GetAuthUser() authUser: AuthUserDto, @Body() dto: OAuthCallbackDto): Promise<UserResponseDto> {
return this.service.link(authUser, dto); return this.service.link(authUser, dto);
} }

View file

@ -6,7 +6,7 @@ import {
SearchResponseDto, SearchResponseDto,
SearchService, SearchService,
} from '@app/domain'; } from '@app/domain';
import { Controller, Get, Query, ValidationPipe } from '@nestjs/common'; import { Controller, Get, Query, UsePipes, ValidationPipe } from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger'; import { ApiTags } from '@nestjs/swagger';
import { GetAuthUser } from '../decorators/auth-user.decorator'; import { GetAuthUser } from '../decorators/auth-user.decorator';
import { Authenticated } from '../decorators/authenticated.decorator'; import { Authenticated } from '../decorators/authenticated.decorator';
@ -14,14 +14,12 @@ import { Authenticated } from '../decorators/authenticated.decorator';
@ApiTags('Search') @ApiTags('Search')
@Controller('search') @Controller('search')
@Authenticated() @Authenticated()
@UsePipes(new ValidationPipe({ transform: true }))
export class SearchController { export class SearchController {
constructor(private service: SearchService) {} constructor(private service: SearchService) {}
@Get() @Get()
search( search(@GetAuthUser() authUser: AuthUserDto, @Query() dto: SearchDto): Promise<SearchResponseDto> {
@GetAuthUser() authUser: AuthUserDto,
@Query(new ValidationPipe({ transform: true })) dto: SearchDto,
): Promise<SearchResponseDto> {
return this.service.search(authUser, dto); return this.service.search(authUser, dto);
} }

View file

@ -5,12 +5,13 @@ import {
ServerStatsResponseDto, ServerStatsResponseDto,
ServerVersionReponseDto, ServerVersionReponseDto,
} from '@app/domain'; } from '@app/domain';
import { Controller, Get } from '@nestjs/common'; import { Controller, Get, UsePipes, ValidationPipe } from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger'; import { ApiTags } from '@nestjs/swagger';
import { Authenticated } from '../decorators/authenticated.decorator'; import { Authenticated } from '../decorators/authenticated.decorator';
@ApiTags('Server Info') @ApiTags('Server Info')
@Controller('server-info') @Controller('server-info')
@UsePipes(new ValidationPipe({ transform: true }))
export class ServerInfoController { export class ServerInfoController {
constructor(private service: ServerInfoService) {} constructor(private service: ServerInfoService) {}

View file

@ -1,11 +1,12 @@
import { AuthUserDto, EditSharedLinkDto, SharedLinkResponseDto, ShareService } from '@app/domain'; import { AuthUserDto, EditSharedLinkDto, SharedLinkResponseDto, ShareService } from '@app/domain';
import { Body, Controller, Delete, Get, Param, Patch, ValidationPipe } from '@nestjs/common'; import { Body, Controller, Delete, Get, Param, Patch, UsePipes, ValidationPipe } from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger'; import { ApiTags } from '@nestjs/swagger';
import { GetAuthUser } from '../decorators/auth-user.decorator'; import { GetAuthUser } from '../decorators/auth-user.decorator';
import { Authenticated } from '../decorators/authenticated.decorator'; import { Authenticated } from '../decorators/authenticated.decorator';
@ApiTags('share') @ApiTags('share')
@Controller('share') @Controller('share')
@UsePipes(new ValidationPipe({ transform: true }))
export class ShareController { export class ShareController {
constructor(private readonly service: ShareService) {} constructor(private readonly service: ShareService) {}
@ -38,7 +39,7 @@ export class ShareController {
editSharedLink( editSharedLink(
@GetAuthUser() authUser: AuthUserDto, @GetAuthUser() authUser: AuthUserDto,
@Param('id') id: string, @Param('id') id: string,
@Body(ValidationPipe) dto: EditSharedLinkDto, @Body() dto: EditSharedLinkDto,
): Promise<SharedLinkResponseDto> { ): Promise<SharedLinkResponseDto> {
return this.service.edit(authUser, id, dto); return this.service.edit(authUser, id, dto);
} }

View file

@ -1,11 +1,12 @@
import { SystemConfigDto, SystemConfigService, SystemConfigTemplateStorageOptionDto } from '@app/domain'; import { SystemConfigDto, SystemConfigService, SystemConfigTemplateStorageOptionDto } from '@app/domain';
import { Body, Controller, Get, Put, ValidationPipe } from '@nestjs/common'; import { Body, Controller, Get, Put, UsePipes, ValidationPipe } from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger'; import { ApiTags } from '@nestjs/swagger';
import { Authenticated } from '../decorators/authenticated.decorator'; import { Authenticated } from '../decorators/authenticated.decorator';
@ApiTags('System Config') @ApiTags('System Config')
@Controller('system-config') @Controller('system-config')
@Authenticated({ admin: true }) @Authenticated({ admin: true })
@UsePipes(new ValidationPipe({ transform: true }))
export class SystemConfigController { export class SystemConfigController {
constructor(private readonly service: SystemConfigService) {} constructor(private readonly service: SystemConfigService) {}
@ -20,7 +21,7 @@ export class SystemConfigController {
} }
@Put() @Put()
updateConfig(@Body(ValidationPipe) dto: SystemConfigDto): Promise<SystemConfigDto> { updateConfig(@Body() dto: SystemConfigDto): Promise<SystemConfigDto> {
return this.service.updateConfig(dto); return this.service.updateConfig(dto);
} }

View file

@ -11,9 +11,9 @@ import {
UseInterceptors, UseInterceptors,
UploadedFile, UploadedFile,
Response, Response,
ParseBoolPipe,
StreamableFile, StreamableFile,
Header, Header,
UsePipes,
} from '@nestjs/common'; } from '@nestjs/common';
import { UserService } from '@app/domain'; import { UserService } from '@app/domain';
import { Authenticated } from '../decorators/authenticated.decorator'; import { Authenticated } from '../decorators/authenticated.decorator';
@ -32,15 +32,13 @@ import { UserCountDto } from '@app/domain';
@ApiTags('User') @ApiTags('User')
@Controller('user') @Controller('user')
@UsePipes(new ValidationPipe({ transform: true }))
export class UserController { export class UserController {
constructor(private service: UserService) {} constructor(private service: UserService) {}
@Authenticated() @Authenticated()
@Get() @Get()
getAllUsers( getAllUsers(@GetAuthUser() authUser: AuthUserDto, @Query('isAll') isAll: boolean): Promise<UserResponseDto[]> {
@GetAuthUser() authUser: AuthUserDto,
@Query('isAll', ParseBoolPipe) isAll: boolean,
): Promise<UserResponseDto[]> {
return this.service.getAllUsers(authUser, isAll); return this.service.getAllUsers(authUser, isAll);
} }
@ -58,12 +56,12 @@ export class UserController {
@Authenticated({ admin: true }) @Authenticated({ admin: true })
@Post() @Post()
createUser(@Body(new ValidationPipe({ transform: true })) createUserDto: CreateUserDto): Promise<UserResponseDto> { createUser(@Body() createUserDto: CreateUserDto): Promise<UserResponseDto> {
return this.service.createUser(createUserDto); return this.service.createUser(createUserDto);
} }
@Get('/count') @Get('/count')
getUserCount(@Query(new ValidationPipe({ transform: true })) dto: UserCountDto): Promise<UserCountResponseDto> { getUserCount(@Query() dto: UserCountDto): Promise<UserCountResponseDto> {
return this.service.getUserCount(dto); return this.service.getUserCount(dto);
} }
@ -81,10 +79,7 @@ export class UserController {
@Authenticated() @Authenticated()
@Put() @Put()
updateUser( updateUser(@GetAuthUser() authUser: AuthUserDto, @Body() updateUserDto: UpdateUserDto): Promise<UserResponseDto> {
@GetAuthUser() authUser: AuthUserDto,
@Body(ValidationPipe) updateUserDto: UpdateUserDto,
): Promise<UserResponseDto> {
return this.service.updateUser(authUser, updateUserDto); return this.service.updateUser(authUser, updateUserDto);
} }