From 0ba8b52be3ea2bdfb0beab6ac9a49a9beadd32b9 Mon Sep 17 00:00:00 2001 From: Kevsl Date: Tue, 11 Jun 2024 09:52:47 +0200 Subject: [PATCH] added more security check rules in dtos --- src/auth/dto/auth.register.dto.ts | 18 +++++++++++++++++- src/crypto/dto/buy.crypto.dto.ts | 15 ++++++++++++++- src/crypto/dto/crypto.dto.ts | 20 +++++++++++++++++++- src/offer/dto/offer.dto.ts | 14 +++++++++++++- src/promoCode/dto/promoCode.dto.ts | 15 ++++++++++++++- src/role/dto/role.dto.ts | 4 +++- src/trade/dto/trade.dto.ts | 3 ++- 7 files changed, 82 insertions(+), 7 deletions(-) diff --git a/src/auth/dto/auth.register.dto.ts b/src/auth/dto/auth.register.dto.ts index e9eb1d7..cce72db 100644 --- a/src/auth/dto/auth.register.dto.ts +++ b/src/auth/dto/auth.register.dto.ts @@ -1,11 +1,20 @@ import { ApiProperty } from '@nestjs/swagger'; -import { IsEmail, IsNotEmpty, IsOptional, IsString } from 'class-validator'; +import { + IsEmail, + IsNotEmpty, + IsOptional, + IsString, + MaxLength, + MinLength, +} from 'class-validator'; export class AuthRegisterDto { @ApiProperty({ type: String, description: 'FirstName', example: 'Thomas', }) + @MinLength(1) + @MaxLength(50) @IsNotEmpty() @IsString() firstName: string; @@ -15,6 +24,8 @@ export class AuthRegisterDto { description: 'Last Name', example: 'Anderson', }) + @MinLength(1) + @MaxLength(50) @IsNotEmpty() @IsString() lastName: string; @@ -24,6 +35,8 @@ export class AuthRegisterDto { description: 'Pseudo', example: 'Néo', }) + @MinLength(1) + @MaxLength(50) @IsNotEmpty() @IsString() pseudo: string; @@ -33,6 +46,8 @@ export class AuthRegisterDto { description: 'User city', example: 'Aix les bains', }) + @MinLength(1) + @MaxLength(70) @IsNotEmpty() @IsString() city: string; @@ -42,6 +57,7 @@ export class AuthRegisterDto { description: 'email', example: 'neo@matrix.fr', }) + @MaxLength(255) @IsEmail() @IsNotEmpty() email: string; diff --git a/src/crypto/dto/buy.crypto.dto.ts b/src/crypto/dto/buy.crypto.dto.ts index fdd012d..4947dbc 100644 
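Review bot: A whitespace-only value such as `' '` still passes validation on `firstName`, `lastName`, `pseudo` and `city` in src/auth/dto/auth.register.dto.ts, because the added `@MinLength(1)` repeats what `@IsNotEmpty()` already checks and neither decorator trims. Adding `@Matches(/\S/)` to each field closes that gap; trimming with a class-transformer `@Transform` also works, but only if the ValidationPipe runs with `transform: true`, which is not visible here. The same applies to the `name` fields in crypto.dto.ts, promoCode.dto.ts and role.dto.ts, which get `@MinLength(1)` only. The class body continues past the last hunk, so any fields below `email` are not covered by this note.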
--- a/src/crypto/dto/buy.crypto.dto.ts +++ b/src/crypto/dto/buy.crypto.dto.ts @@ -1,12 +1,23 @@ import { ApiProperty } from '@nestjs/swagger'; -import { IsNumber, IsString } from 'class-validator'; +import { + IsNumber, + IsString, + IsUUID, + Max, + MaxLength, + Min, + MinLength, +} from 'class-validator'; export class BuyCryptoDto { @ApiProperty({ type: String, description: 'Cryptocurrency UUID', example: '12121-DSZD-E221212-2121221', }) + @MinLength(1) + @MaxLength(50) @IsString() + @IsUUID() id_crypto: string; @ApiProperty({ @@ -14,6 +25,8 @@ export class BuyCryptoDto { description: 'Amount of token traded', example: 2, }) + @Min(1) + @Max(1000) @IsNumber() amount: number; } diff --git a/src/crypto/dto/crypto.dto.ts b/src/crypto/dto/crypto.dto.ts index 5b9fdb8..5320e3e 100644 --- a/src/crypto/dto/crypto.dto.ts +++ b/src/crypto/dto/crypto.dto.ts @@ -1,11 +1,22 @@ import { ApiProperty } from '@nestjs/swagger'; -import { IsNumber, IsString, IsUrl } from 'class-validator'; +import { + IsNumber, + IsPositive, + IsString, + IsUrl, + Max, + MaxLength, + Min, + MinLength, +} from 'class-validator'; export class CryptoDto { @ApiProperty({ type: String, description: 'Cryptocurrency name', example: 'BTC', }) + @MaxLength(50) + @MinLength(1) @IsString() name: string; @@ -14,6 +25,9 @@ export class CryptoDto { description: 'Value for the cryptocurrency in $', example: 1, }) + @Min(1) + @Max(10000) + @IsPositive() @IsNumber() value: number; @@ -22,6 +36,9 @@ export class CryptoDto { description: 'Quantity of tokens available on the platform', example: 100, }) + @Min(1) + @Max(10000) + @IsPositive() @IsNumber() quantity: number; @@ -30,6 +47,7 @@ export class CryptoDto { description: 'Image for the cryptocurrency in ', example: 'https://myImage/com', }) + @MaxLength(255) @IsUrl() @IsString() image: string; diff --git a/src/offer/dto/offer.dto.ts b/src/offer/dto/offer.dto.ts index 70bbf7e..6f32232 100644 --- a/src/offer/dto/offer.dto.ts +++ b/src/offer/dto/offer.dto.ts 
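Review bot: The Swagger `example` for `id_crypto` in src/crypto/dto/buy.crypto.dto.ts (`'12121-DSZD-E221212-2121221'`) is not a well-formed UUID, so the documented request is now rejected by the added `@IsUUID()`. Replace it with a valid sample, e.g. `example: '3fa85f64-5717-4562-b3fc-2c963f66afa6'` (constructed value), and drop `@MinLength(1)`/`@MaxLength(50)`, which `@IsUUID()` already implies. If the ids are always generated as version 4, `@IsUUID('4')` narrows the accepted input further. The same mismatch exists for `id_crypto` in offer.dto.ts and `id_offer` in trade.dto.ts.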
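Review bot: `@IsNumber()` with default options accepts fractional values, so `amount` in BuyCryptoDto takes 1.5 or 999.999999 even with the added `@Min(1)`/`@Max(1000)`. If tokens are traded in whole units, use `@IsInt()` instead. If fractions are intended, cap the precision with `@IsNumber({ maxDecimalPlaces: 2 })`, choosing the scale the stored balances use, so later arithmetic on the value rounds predictably. The same holds for `amount` in offer.dto.ts, `value` and `quantity` in crypto.dto.ts and `value` in promoCode.dto.ts, where `@IsPositive()` is also redundant next to `@Min(1)`.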
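Review bot: `@IsUrl()` on `image` in CryptoDto is left at its defaults, which accept `http` and `ftp` URLs as well as values with no protocol at all; the added `@MaxLength(255)` limits only the size. For a URL that clients will load, `@IsUrl({ protocols: ['https'], require_protocol: true })` is the tighter check. If the server ever fetches this URL itself, the host would also need an allow-list, which cannot be judged from this hunk.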
@@ -1,12 +1,22 @@ import { ApiProperty } from '@nestjs/swagger'; -import { IsNumber, IsPositive, IsString } from 'class-validator'; +import { + IsNumber, + IsPositive, + IsString, + IsUUID, + Max, + MaxLength, + Min, +} from 'class-validator'; export class OfferDto { @ApiProperty({ type: String, description: 'Cryptocurrency UUID', example: '12121-DSZD-E221212-2121221', }) + @MaxLength(50) @IsString() + @IsUUID() id_crypto: string; @ApiProperty({ @@ -15,6 +25,8 @@ export class OfferDto { description: 'Amount traded ', example: 21, }) + @Min(1) + @Max(1000) @IsNumber() @IsPositive() amount: number; diff --git a/src/promoCode/dto/promoCode.dto.ts b/src/promoCode/dto/promoCode.dto.ts index 4f9ce7e..be05dbc 100644 --- a/src/promoCode/dto/promoCode.dto.ts +++ b/src/promoCode/dto/promoCode.dto.ts @@ -1,11 +1,21 @@ import { ApiProperty } from '@nestjs/swagger'; -import { IsNumber, IsString } from 'class-validator'; +import { + IsNumber, + IsPositive, + IsString, + Max, + MaxLength, + Min, + MinLength, +} from 'class-validator'; export class PromoCodeDto { @ApiProperty({ type: String, description: 'Name of the PromoCOde', example: 'FILOU10', }) + @MinLength(1) + @MaxLength(50) @IsString() name: string; @@ -14,6 +24,9 @@ export class PromoCodeDto { description: 'Dollars given for account creation when promoCode applied', example: 100, }) + @IsPositive() + @Min(1) + @Max(3000) @IsNumber() value: number; } diff --git a/src/role/dto/role.dto.ts b/src/role/dto/role.dto.ts index 74d1c56..c41fa02 100644 --- a/src/role/dto/role.dto.ts +++ b/src/role/dto/role.dto.ts @@ -1,11 +1,13 @@ import { ApiProperty } from '@nestjs/swagger'; -import { IsString } from 'class-validator'; +import { IsString, MaxLength, MinLength } from 'class-validator'; export class RoleDto { @ApiProperty({ type: String, description: 'Role Name', example: 'user', }) + @MinLength(1) + @MaxLength(50) @IsString() name: string; } 
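Review bot: The bounds `@Min(1)`/`@Max(1000)` on `amount` in OfferDto repeat the literals used in BuyCryptoDto, and `id_crypto` here gets `@MaxLength(50)` without the `@MinLength(1)` that the buy DTO adds. Moving the limits into a shared constant, for example `@Max(MAX_TRADE_AMOUNT)` (name is a suggestion), keeps the offer and buy paths from accepting different ranges after a later edit. `@IsPositive()` can then be dropped, since `@Min(1)` already excludes zero and negative values.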
diff --git a/src/trade/dto/trade.dto.ts b/src/trade/dto/trade.dto.ts index 7ffaaa3..212c248 100644 --- a/src/trade/dto/trade.dto.ts +++ b/src/trade/dto/trade.dto.ts @@ -1,11 +1,12 @@ import { ApiProperty } from '@nestjs/swagger'; -import { IsNotEmpty, IsString } from 'class-validator'; +import { IsNotEmpty, IsString, IsUUID } from 'class-validator'; export class TradeDto { @ApiProperty({ type: String, description: 'Offer UUID ', example: '121212-DSDZ1-21212DJDZ-31313', }) + @IsUUID() @IsNotEmpty() @IsString() id_offer: string;