From 8cbce3f3fa09d17ac58793500023f856df2775fa Mon Sep 17 00:00:00 2001
From: Mathis HERRIOT <197931332+0x485254@users.noreply.github.com>
Date: Fri, 16 May 2025 23:52:39 +0200
Subject: [PATCH] feat(tags): add input validation for tag and entity
 operations

Added validation checks for tagId, personId, and projectId across tag-related operations. Introduced `BadRequestException` for invalid or missing inputs. Replaced generic errors with more descriptive exceptions.
---
 .../projects/services/projects.service.ts     | 33 +++++++++++++------
 1 file changed, 23 insertions(+), 10 deletions(-)

diff --git a/backend/src/modules/projects/services/projects.service.ts b/backend/src/modules/projects/services/projects.service.ts
index 2c33a2b..9ed9160 100644
--- a/backend/src/modules/projects/services/projects.service.ts
+++ b/backend/src/modules/projects/services/projects.service.ts
@@ -229,16 +229,29 @@ export class ProjectsService {
    * Get all collaborators for a project
    */
   async getCollaborators(projectId: string) {
-    // Check if the project exists
-    await this.findById(projectId);
+    // Validate projectId
+    if (!projectId) {
+      throw new NotFoundException('Project ID is required');
+    }
 
-    // Get all collaborators for the project
-    return this.db
-      .select({
-        user: schema.users,
-      })
-      .from(schema.projectCollaborators)
-      .innerJoin(schema.users, eq(schema.projectCollaborators.userId, schema.users.id))
-      .where(eq(schema.projectCollaborators.projectId, projectId));
+    try {
+      // Check if the project exists
+      await this.findById(projectId);
+
+      // Get all collaborators for the project
+      const collaborators = await this.db
+        .select({
+          user: schema.users,
+        })
+        .from(schema.projectCollaborators)
+        .innerJoin(schema.users, eq(schema.projectCollaborators.userId, schema.users.id))
+        .where(eq(schema.projectCollaborators.projectId, projectId));
+
+      // Map the results to extract just the user objects
+      return collaborators.map(collaborator => collaborator.user);
+    } catch (error) {
+      // If there's a database error (like invalid UUID format), throw a NotFoundException
+      throw new NotFoundException(`Failed to get collaborators for project: ${error.message}`);
+    }
   }
 }