archetecture security fix
This commit is contained in:
@@ -0,0 +1,34 @@
|
||||
"use strict";
|
||||
Object.defineProperty(exports, "__esModule", { value: true });
|
||||
exports.listPhotos = listPhotos;
|
||||
exports.uploadPhoto = uploadPhoto;
|
||||
exports.deletePhoto = deletePhoto;
|
||||
const prisma_1 = require("../../lib/prisma");
|
||||
const storage_1 = require("../../lib/storage");
|
||||
const errors_1 = require("../../http/errors");
|
||||
async function listPhotos(reservationId, companyId) {
|
||||
const reservation = await prisma_1.prisma.reservation.findFirst({ where: { id: reservationId, companyId }, select: { id: true } });
|
||||
if (!reservation)
|
||||
throw new errors_1.NotFoundError('Reservation not found');
|
||||
return prisma_1.prisma.reservationPhoto.findMany({
|
||||
where: { reservationId },
|
||||
orderBy: { createdAt: 'asc' },
|
||||
});
|
||||
}
|
||||
async function uploadPhoto(reservationId, companyId, type, buffer) {
|
||||
const reservation = await prisma_1.prisma.reservation.findFirst({ where: { id: reservationId, companyId }, select: { id: true } });
|
||||
if (!reservation)
|
||||
throw new errors_1.NotFoundError('Reservation not found');
|
||||
const url = await (0, storage_1.uploadImage)(buffer, `companies/${companyId}/reservations/${reservationId}/photos`);
|
||||
return prisma_1.prisma.reservationPhoto.create({ data: { reservationId, type, url } });
|
||||
}
|
||||
async function deletePhoto(photoId, reservationId, companyId) {
|
||||
const photo = await prisma_1.prisma.reservationPhoto.findFirst({
|
||||
where: { id: photoId, reservationId, reservation: { companyId } },
|
||||
});
|
||||
if (!photo)
|
||||
throw new errors_1.NotFoundError('Photo not found');
|
||||
await (0, storage_1.deleteImage)(photo.url);
|
||||
await prisma_1.prisma.reservationPhoto.delete({ where: { id: photoId } });
|
||||
}
|
||||
//# sourceMappingURL=reservation.photo.service.js.map
|
||||
Reference in New Issue
Block a user