WorkSimplon/brief-07-back
2
0
Fork 0
mirror of https://github.com/Kevsl/crypto-exchange-api.git synced 2026-02-06 10:36:12 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

fixed security breach in offers creation

Browse Source
This commit is contained in:
Kevsl
2024-06-18 21:27:12 +02:00
parent 3d38030791
commit 4a32d2b07a
3 changed files with 21 additions and 385 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/offer/offer.service.ts
View File

@@ -42,6 +42,20 @@ export class OfferService {
throw new ForbiddenException('Insuficient tokens avaiblable');
}
const currentUserOffers = await this.prisma.offer.findMany({
where: {
id_user: userId,
id_crypto: dto.id_crypto,
},
});
let totalAmountsInOffers = 0;
currentUserOffers.forEach((offer) => {
totalAmountsInOffers += offer.amount;
});
if (totalAmountsInOffers > userAssets.amount) {
throw new ForbiddenException('Insuficient tokens avaiblable');
}
const offer = await this.prisma.offer.create({
data: {
id_crypto: dto.id_crypto,