chore: update subproject commit reference and enhance error handling in schema files
- Updated the subproject commit reference in epess-database to the latest version. - Changed error messages in CollaborationSession and Document schemas for improved clarity and security. - Refactored error handling logic to ensure consistent user authentication checks across multiple schema files. - Enhanced GraphQL module configuration with new options for better performance and error response handling.
This commit is contained in:
Submodule epess-database updated: 7c509dc832...fab4b28b98
@@ -222,7 +222,7 @@ export class CollaborationSessionSchema extends PothosSchema {
|
|||||||
throw new Error('Not allowed')
|
throw new Error('Not allowed')
|
||||||
}
|
}
|
||||||
if (!ctx.http?.me?.id) {
|
if (!ctx.http?.me?.id) {
|
||||||
throw new Error('User not found')
|
throw new Error('Unauthorized')
|
||||||
}
|
}
|
||||||
// check if participantId is in meetingRoomCollaborators
|
// check if participantId is in meetingRoomCollaborators
|
||||||
const meetingRoomCollaborator = await this.prisma.meetingRoomCollaborator.findFirst({
|
const meetingRoomCollaborator = await this.prisma.meetingRoomCollaborator.findFirst({
|
||||||
|
|||||||
@@ -461,7 +461,10 @@ export class DocumentSchema extends PothosSchema {
|
|||||||
if (!document.isPublic) {
|
if (!document.isPublic) {
|
||||||
if (
|
if (
|
||||||
document.ownerId !== ctx.websocket?.me?.id &&
|
document.ownerId !== ctx.websocket?.me?.id &&
|
||||||
!document.collaborators.some((c) => c.userId === ctx.websocket?.me?.id && c.writable && c.readable)
|
!document.collaborators.some((c) =>
|
||||||
|
c.userId === ctx.websocket?.me?.id &&
|
||||||
|
(c.writable || c.readable)
|
||||||
|
)
|
||||||
) {
|
) {
|
||||||
throw new Error('User is not owner or collaborator of document')
|
throw new Error('User is not owner or collaborator of document')
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ import { PothosModule } from '@smatch-corp/nestjs-pothos'
|
|||||||
import { PothosApolloDriver } from '@smatch-corp/nestjs-pothos-apollo-driver'
|
import { PothosApolloDriver } from '@smatch-corp/nestjs-pothos-apollo-driver'
|
||||||
import { Request } from 'express'
|
import { Request } from 'express'
|
||||||
import { RedisPubSub } from 'graphql-redis-subscriptions'
|
import { RedisPubSub } from 'graphql-redis-subscriptions'
|
||||||
import { Context } from 'graphql-ws'
|
import { CloseCode, Context, WebSocket } from 'graphql-ws'
|
||||||
import { PersonalMilestoneModule } from 'src/PersonalMilestone/personalmilestone.module'
|
import { PersonalMilestoneModule } from 'src/PersonalMilestone/personalmilestone.module'
|
||||||
import { AdminNoteModule } from '../AdminNote/adminnote.module'
|
import { AdminNoteModule } from '../AdminNote/adminnote.module'
|
||||||
import { AnalyticModule } from '../Analytic/analytic.module'
|
import { AnalyticModule } from '../Analytic/analytic.module'
|
||||||
@@ -97,8 +97,10 @@ import { GraphqlService } from './graphql.service'
|
|||||||
inject: [GraphqlService, 'PUB_SUB_REDIS'],
|
inject: [GraphqlService, 'PUB_SUB_REDIS'],
|
||||||
useFactory: async (graphqlService: GraphqlService, pubsub: RedisPubSub) => ({
|
useFactory: async (graphqlService: GraphqlService, pubsub: RedisPubSub) => ({
|
||||||
path: process.env.API_PATH + '/graphql',
|
path: process.env.API_PATH + '/graphql',
|
||||||
debug: process.env.NODE_ENV === 'development' || false,
|
debug: true,
|
||||||
playground: false,
|
playground: false,
|
||||||
|
allowBatchedHttpRequests: true,
|
||||||
|
includeStacktraceInErrorResponses: false,
|
||||||
introspection: process.env.NODE_ENV === 'development' || false,
|
introspection: process.env.NODE_ENV === 'development' || false,
|
||||||
logger: {
|
logger: {
|
||||||
debug: (...args) => Logger.debug(...args, 'GraphqlModule'),
|
debug: (...args) => Logger.debug(...args, 'GraphqlModule'),
|
||||||
|
|||||||
File diff suppressed because one or more lines are too long
Reference in New Issue
Block a user