pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-03-03 09:16:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix error

Browse Source
This commit is contained in:
Owen Schwartz
2024-10-12 23:05:43 -04:00
parent 4facb91d7a
commit 62f94a7236
5 changed files with 53 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
server/routers/role/removeRoleResource.ts
View File

@@ -9,8 +9,11 @@ import createHttpError from 'http-errors';
import { ActionsEnum, checkUserActionPermission } from '@server/auth/actions';
import logger from '@server/logger';
const removeRoleResourceSchema = z.object({
const removeRoleResourceParamsSchema = z.object({
roleId: z.string().transform(Number).pipe(z.number().int().positive()),
});
const removeRoleResourceSchema = z.object({
resourceId: z.string(),
});
@@ -26,7 +29,19 @@ export async function removeRoleResource(req: Request, res: Response, next: Next
);
}
const { roleId, resourceId } = parsedParams.data;
const { resourceId } = parsedParams.data;
const parsedBody = removeRoleResourceParamsSchema.safeParse(req.body);
if (!parsedBody.success) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
parsedBody.error.errors.map(e => e.message).join(', ')
)
);
}
const { roleId } = parsedBody.data;
// Check if the user has permission to remove role resources
const hasPermission = await checkUserActionPermission(ActionsEnum.removeRoleResource, req);