Mathis/memegoat
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Activity

feat(contents): add update method with user ownership validation

Browse Source 
- Introduced `update` method in contents service to allow partial updates.
- Implemented user ownership validation to ensure secure modifications.
- Added cache clearing logic after successful updates.
This commit is contained in:
Mathis HERRIOT
2026-01-21 13:42:56 +01:00
parent 10cc5a6d8d
commit 498f85d24e
1 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
backend/src/contents/contents.service.ts
View File

@@ -194,6 +194,25 @@ export class ContentsService {
return updated; return updated;
} }
async update(id: string, userId: string, data: any) {
this.logger.log(`Updating content ${id} for user ${userId}`);
// Vérifier que le contenu appartient à l'utilisateur
const existing = await this.contentsRepository.findOne(id, userId);
if (!existing || existing.userId !== userId) {
throw new BadRequestException(
"Contenu non trouvé ou vous n'avez pas la permission de le modifier.",
);
}
const updated = await this.contentsRepository.update(id, data);
if (updated) {
await this.clearContentsCache();
}
return updated;
}
async findOne(idOrSlug: string, userId?: string) { async findOne(idOrSlug: string, userId?: string) {
const content = await this.contentsRepository.findOne(idOrSlug, userId); const content = await this.contentsRepository.findOne(idOrSlug, userId);
if (!content) return null; if (!content) return null;