Skip to content
This repository has been archived by the owner on Apr 19, 2023. It is now read-only.

Commit

Permalink
🐛 Ensure there is at least 1 owner in group
Browse files Browse the repository at this point in the history
  • Loading branch information
@AnandChowdhary
AnandChowdhary committed Nov 15, 2020
1 parent 1777332 commit 150f42f
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 2 deletions.
2 changes: 2 additions & 0 deletions src/errors/errors.constants.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,8 @@ export const WHERE_PIPE_FORMAT = '400013: Invalid query format';
export const OPTIONAL_INT_PIPE_NUMBER = '400014: $key should be a number';
export const CURSOR_PIPE_FORMAT = '400015: Invalid cursor format';
export const EMAIL_DELETE_PRIMARY = '400016: Cannot delete primary email';
export const CANNOT_UPDATE_ROLE_SOLE_OWNER =
'400017: Cannot change the role of the only owner';

export const EMAIL_USER_CONFLICT =
'409001: User with this email already exists';
Expand Down
14 changes: 12 additions & 2 deletions src/modules/memberships/memberships.service.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,14 +17,15 @@ import {
import {
CANNOT_DELETE_SOLE_MEMBER,
CANNOT_DELETE_SOLE_OWNER,
CANNOT_UPDATE_ROLE_SOLE_OWNER,
MEMBERSHIP_NOT_FOUND,
UNAUTHORIZED_RESOURCE,
} from '../../errors/errors.constants';
import { safeEmail } from '../../helpers/safe-email';
import { Expose } from '../../providers/prisma/prisma.interface';
import { AuthService } from '../auth/auth.service';
import { MailService } from '../../providers/mail/mail.service';
import { Expose } from '../../providers/prisma/prisma.interface';
import { PrismaService } from '../../providers/prisma/prisma.service';
import { AuthService } from '../auth/auth.service';
import { CreateMembershipInput } from './memberships.interface';

@Injectable()
Expand Down Expand Up @@ -111,6 +112,15 @@ export class MembershipsService {
if (!testMembership) throw new NotFoundException(MEMBERSHIP_NOT_FOUND);
if (testMembership.groupId !== groupId)
throw new UnauthorizedException(UNAUTHORIZED_RESOURCE);
if (testMembership.role === 'OWNER' && data.role !== 'OWNER') {
const otherOwners = (
await this.prisma.memberships.findMany({
where: { group: { id: groupId }, role: 'OWNER' },
})
).filter((i) => i.id !== id);
if (!otherOwners.length)
throw new BadRequestException(CANNOT_UPDATE_ROLE_SOLE_OWNER);
}
const membership = await this.prisma.memberships.update({
where: { id },
data,
Expand Down

0 comments on commit 150f42f

Please sign in to comment.