nestjs-query icon indicating copy to clipboard operation
nestjs-query copied to clipboard

Published 20 hours ago verified publisher icon doug-martin

@Authorize Invalid in value expected a non-empty array got

Open thehappycoder opened this issue 4 years ago • 1 comments

Discussed in https://github.com/doug-martin/nestjs-query/discussions/1307

Originally posted by thehappycoder August 25, 2021 My ApplicationDTO has an @Authorize:

@Authorize({
  authorize: async (context: any) => {
    const stUser: SharetribeUser = context.req.user
    const listingRepo = getRepository(Listing)
    const listings = await listingRepo.find({
      select: ['id'],
      where: { authorId: stUser.user.id },
    })
    const listingIds = listings.map((_) => _.id)

    if (listingIds.length) {
      return { listingId: { in: listingIds } }
    } else {
      // Workaround to deny access to this application
      return { listingId: {eq: '00000000-0000-0000-0000-000000000000'} }
    }
  },
})

Is there more elegant way to deny access to ApplicationDTO when user doesn't have access to any listings? Without this workaround, I am getting:

{"name":"Error","message":"Invalid in value expected a non-empty array got []","stack":"Error: Invalid in value expected a non-empty array got []\n    at SQLComparisonBuilder.checkNonEmptyArray 
```</div>

thehappycoder avatar Dec 01 '21 23:12 thehappycoder

Why not update auth to do the filter already like:

@Authorize({
  authorize: async (context: any) => {
    return {
      authorId: {
         eq: context.req.user.user.id
      }
    }
  },
})

TriPSs avatar Dec 12 '21 19:12 TriPSs