From 9732d7b9044b9845509a2db252aaf4aaa1d13d32 Mon Sep 17 00:00:00 2001
From: Ly Tuan Kiet <lyhung998877@gmail.com>
Date: Mon, 9 Dec 2024 19:08:25 +0700
Subject: [PATCH] feat: enhance message retrieval logic with context-based
 filtering

- Updated the MessageSchema to include context-aware filtering for notifications, allowing retrieval of messages based on recipientId when the context is NOTIFICATION.
- Improved the resolve function to handle subscription checks, ensuring that unauthorized access is properly managed.
- Added error handling for cases where the context is not allowed, enhancing overall robustness of the message retrieval process.
---
 src/Message/message.schema.ts           | 9 ++++++++-
 src/Quiz/quiz.schema.ts                 | 7 +------
 src/RefundTicket/refundticket.schema.ts | 1 +
 3 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/src/Message/message.schema.ts b/src/Message/message.schema.ts
index 3aaad03..4d46a8a 100644
--- a/src/Message/message.schema.ts
+++ b/src/Message/message.schema.ts
@@ -77,7 +77,14 @@ export class MessageSchema extends PothosSchema {
         type: [this.message()],
         description: 'Retrieve a list of messages with optional filtering, ordering, and pagination.',
         args: this.builder.generator.findManyArgs('Message'),
-        resolve: async (query, _root, args) => {
+        resolve: async (query, _root, args, ctx, _info) => {
+          if (ctx.isSubscription) {
+            throw new Error('Not allowed')
+          }
+          // if message.context is NOTIFICATION, filter by recipientId
+          if (args.filter?.context === MessageContextType.NOTIFICATION) {
+            args.filter.recipientId = ctx.http.me?.id
+          }
           return await this.prisma.message.findMany({
             ...query,
             skip: args.skip ?? undefined,
diff --git a/src/Quiz/quiz.schema.ts b/src/Quiz/quiz.schema.ts
index 13e71e2..5c2c2fb 100644
--- a/src/Quiz/quiz.schema.ts
+++ b/src/Quiz/quiz.schema.ts
@@ -207,12 +207,7 @@ export class QuizSchema extends PothosSchema {
         type: this.quiz(),
         args: {
           data: t.arg({
-            type: this.builder.generator.getCreateInput('Quiz', [
-              'id',
-              'centerMentorId',
-              'createdAt',
-              'updatedAt',
-            ]),
+            type: this.builder.generator.getCreateInput('Quiz', ['id', 'centerMentorId', 'createdAt', 'updatedAt']),
             required: true,
           }),
         },
diff --git a/src/RefundTicket/refundticket.schema.ts b/src/RefundTicket/refundticket.schema.ts
index 584ca43..4d6a19a 100644
--- a/src/RefundTicket/refundticket.schema.ts
+++ b/src/RefundTicket/refundticket.schema.ts
@@ -197,6 +197,7 @@ export class RefundTicketSchema extends PothosSchema {
             bankName = 'Center Mentor Refund Account'
           } else {
             // Existing bank lookup for customers
+            // biome-ignore lint/suspicious/noExplicitAny: <explanation>
             const bank = banks.data.find((bank: any) => bank.bin === bankBin)
             if (!bank) {
               throw new Error('Bank not found')