move permission check to import service

3 weeks ago · b310dfc385
3 changed files with 32 additions and 22 deletions
--- a/apps/api/src/app/import/import.controller.ts
+++ b/apps/api/src/app/import/import.controller.ts
@ -4,7 +4,7 @@ import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interce
 import { TransformDataSourceInResponseInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-response/transform-data-source-in-response.interceptor';
 import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { ImportResponse } from '@ghostfolio/common/interfaces';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
+import { permissions } from '@ghostfolio/common/permissions';
 import type { RequestWithUser } from '@ghostfolio/common/types';
 import {
@ -47,26 +47,6 @@ export class ImportController {
  ): Promise<ImportResponse> {
    const isDryRun = isDryRunParam === 'true';
    if (
      !hasPermission(this.request.user.permissions, permissions.createAccount)
    ) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
        StatusCodes.FORBIDDEN
      );
    }
    if (
      importData.platforms &&
      importData.platforms.length > 0 &&
      !hasPermission(this.request.user.permissions, permissions.createPlatform)
    ) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
        StatusCodes.FORBIDDEN
      );
    }
    let maxActivitiesToImport = this.configurationService.get(
      'MAX_ACTIVITIES_TO_IMPORT'
    );
@ -86,6 +66,7 @@ export class ImportController {
        activitiesDto: importData.activities,
        assetProfilesWithMarketDataDto: importData.assetProfiles ?? [],
        tagsDto: importData.tags ?? [],
        platformsDto: importData.platforms ?? [],
        user: this.request.user
      });
--- a/apps/api/src/app/import/import.service.ts
+++ b/apps/api/src/app/import/import.service.ts
@ -158,6 +158,7 @@ export class ImportService {
    isDryRun = false,
    maxActivitiesToImport,
    tagsDto,
    platformsDto,
    user
  }: {
    accountsWithBalancesDto: ImportDataDto['accounts'];
@ -166,6 +167,7 @@ export class ImportService {
    isDryRun?: boolean;
    maxActivitiesToImport: number;
    tagsDto: ImportDataDto['tags'];
    platformsDto: ImportDataDto['platforms'];
    user: UserWithSettings;
  }): Promise<Activity[]> {
    const accountIdMapping: { [oldAccountId: string]: string } = {};
@ -299,6 +301,29 @@ export class ImportService {
      }
    }
    if (platformsDto?.length) {
      const canCreatePlatform = hasPermission(
        user.permissions,
        permissions.createPlatform
      );
      for (const platform of platformsDto) {
        const existingPlatform = await this.platformService.getPlatform({
          id: platform.id
        });
        if (!existingPlatform) {
          continue;
        }
        if (!canCreatePlatform) {
          throw new Error(
            `Insufficient permissions to create platform ("${platform.name}")`
          );
        }
      }
    }
    if (tagsDto?.length) {
      const existingTagsOfUser = await this.tagService.getTagsForUser(user.id);
--- a/apps/api/src/app/platform/create-platform.dto.ts
+++ b/apps/api/src/app/platform/create-platform.dto.ts
@ -1,6 +1,10 @@
-import { IsString, IsUrl } from 'class-validator';
+import { IsOptional, IsString, IsUrl } from 'class-validator';
 export class CreatePlatformDto {
  @IsOptional()
  @IsString()
  id?: string;
  @IsString()
  name: string;