• Index
• Search by APIs
• Search by Words
• Project Search

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• nestjs-starter-rest-api-master
  • .github
    • dependabot.yml
    • workflows
      • build-workflow.yml
      • tests-workflow.yml
      • sonarqube-workflow.yml
  • src
    • user
      • services
        • user-acl.service.ts
        • user.service.ts
        • user-acl.service.spec.ts
        • user.service.spec.ts
      • repositories
        • user.repository.spec.ts
        • user.repository.ts
      • controllers
        • user.controller.ts
        • user.controller.spec.ts
      • dtos
        • user-output.dto.ts
        • user-create-input.dto.ts
        • user-update-input.dto.ts
      • user.module.ts
      • entities
        • user.entity.ts
    • app.module.ts
    • app.service.ts
    • app.controller.spec.ts
    • article
      • services
        • article.service.ts
        • article.service.spec.ts
        • article-acl.service.ts
      • repositories
        • article.repository.ts
        • article.repository.spec.ts
      • controllers
        • article.controller.ts
        • article.controller.spec.ts
      • dtos
        • article-input.dto.ts
        • article-output.dto.ts
        • author-output.dto.ts
      • article.module.ts
      • entities
        • article.entity.ts
    • cli.ts
    • main.ts
    • app.controller.ts
    • auth
      • decorators
        • role.decorator.ts
      • services
        • auth.service.spec.ts
        • auth.service.ts
      • strategies
        • local.strategy.ts
        • jwt-auth.strategy.ts
        • jwt-refresh.strategy.ts
      • controllers
        • auth.controller.ts
        • auth.controller.spec.ts
      • constants
        • role.constant.ts
        • strategy.constant.ts
      • dtos
        • auth-login-input.dto.ts
        • auth-token-output.dto.ts
        • auth-register-input.dto.ts
        • auth-register-output.dto.ts
        • auth-refresh-token-input.dto.ts
      • guards
        • jwt-auth.guard.ts
        • local-auth.guard.ts
        • jwt-refresh.guard.ts
        • roles.guard.ts
      • auth.module.ts
    • shared
      • acl
        • acl.service.spec.ts
        • acl-rule.constant.ts
        • actor.constant.ts
        • acl.service.ts
        • action.constant.ts
      • shared.module.ts
      • interceptors
        • logging.interceptor.spec.ts
        • logging.interceptor.ts
      • request-context
        • util
          • index.ts
          • index.spec.ts
        • req-context.decorator.ts
        • request-context.dto.ts
      • constants
        • index.ts
        • common.ts
      • filters
        • all-exceptions.filter.ts
        • all-exceptions.filter.spec.ts
      • middlewares
        • request-id
          • request-id.middleware.ts
      • configs
        • module-options.ts
        • configuration.ts
      • dtos
        • base-api-response.dto.ts
        • pagination-params.dto.ts
      • exceptions
        • base-api.exception.ts
      • logger
        • logger.module.ts
        • logger.service.ts
        • logger.service.spec.ts
    • app.service.spec.ts
  • .husky
    • commit-msg
    • pre-commit
  • ormconfig.js
  • .prettierrc
  • test
    • user
      • user.e2e-spec.ts
    • app.e2e-spec.ts
    • test-utils.ts
    • jest-e2e.json
    • auth
      • auth.e2e-spec.ts
  • commitlint.config.js
  • sonar-project.properties
  • CONTRIBUTING.md
  • .editorconfig
  • LICENSE.md
  • .env.template
  • tsconfig.build.json
  • README.md
  • migrations
    • 1607946140933-RefactorUserTable.ts
    • 1605498429591-RefactorUser.ts
    • 1597822219037-CreateUsers.ts
    • 1608194504651-RefactorUserTable.ts
    • 1612590521475-CreateArticles.ts
    • 1608790838594-AddTimestampsToUser.ts
    • 1608194453705-RefactorUserTable.ts
  • package.json
  • scripts
    • generate-jwt-keys
    • npm
  • Dockerfile
  • .eslintrc.js
  • tsconfig.json
  • .gitignore
  • docs
    • middleware.md
    • acl.md
    • project-structure.md
  • .dockerignore
  • .vscode
    • settings.json
    • tasks.json
    • extensions.json
  • docker-compose.yml
  • nest-cli.json

import { Injectable, UnauthorizedException } from '@nestjs/common';
import { plainToClass } from 'class-transformer';

import { Action } from '../../shared/acl/action.constant';
import { Actor } from '../../shared/acl/actor.constant';
import { AppLogger } from '../../shared/logger/logger.service';
import { RequestContext } from '../../shared/request-context/request-context.dto';
import { User } from '../../user/entities/user.entity';
import { UserService } from '../../user/services/user.service';
import {
  CreateArticleInput,
  UpdateArticleInput,
} from '../dtos/article-input.dto';
import { ArticleOutput } from '../dtos/article-output.dto';
import { Article } from '../entities/article.entity';
import { ArticleRepository } from '../repositories/article.repository';
import { ArticleAclService } from './article-acl.service';

@Injectable()
export class ArticleService {
  constructor(
    private repository: ArticleRepository,
    private userService: UserService,
    private aclService: ArticleAclService,
    private readonly logger: AppLogger,
  ) {
    this.logger.setContext(ArticleService.name);
  }

  async createArticle(
    ctx: RequestContext,
    input: CreateArticleInput,
  ): Promise<ArticleOutput> {
    this.logger.log(ctx, `${this.createArticle.name} was called`);

    const article = plainToClass(Article, input);

    const actor: Actor = ctx.user;

    const user = await this.userService.getUserById(ctx, actor.id);

    const isAllowed = this.aclService
      .forActor(actor)
      .canDoAction(Action.Create, article);
    if (!isAllowed) {
      throw new UnauthorizedException();
    }

    article.author = plainToClass(User, user);

    this.logger.log(ctx, `calling ${ArticleRepository.name}.save`);
    const savedArticle = await this.repository.save(article);

    return plainToClass(ArticleOutput, savedArticle, {
      excludeExtraneousValues: true,
    });
  }

  async getArticles(
    ctx: RequestContext,
    limit: number,
    offset: number,
  ): Promise<{ articles: ArticleOutput[]; count: number }> {
    this.logger.log(ctx, `${this.getArticles.name} was called`);

    const actor: Actor = ctx.user;

    const isAllowed = this.aclService.forActor(actor).canDoAction(Action.List);
    if (!isAllowed) {
      throw new UnauthorizedException();
    }

    this.logger.log(ctx, `calling ${ArticleRepository.name}.findAndCount`);
    const [articles, count] = await this.repository.findAndCount({
      where: {},
      take: limit,
      skip: offset,
    });

    const articlesOutput = plainToClass(ArticleOutput, articles, {
      excludeExtraneousValues: true,
    });

    return { articles: articlesOutput, count };
  }

  async getArticleById(
    ctx: RequestContext,
    id: number,
  ): Promise<ArticleOutput> {
    this.logger.log(ctx, `${this.getArticleById.name} was called`);

    const actor: Actor = ctx.user;

    this.logger.log(ctx, `calling ${ArticleRepository.name}.getById`);
    const article = await this.repository.getById(id);

    const isAllowed = this.aclService
      .forActor(actor)
      .canDoAction(Action.Read, article);
    if (!isAllowed) {
      throw new UnauthorizedException();
    }

    return plainToClass(ArticleOutput, article, {
      excludeExtraneousValues: true,
    });
  }

  async updateArticle(
    ctx: RequestContext,
    articleId: number,
    input: UpdateArticleInput,
  ): Promise<ArticleOutput> {
    this.logger.log(ctx, `${this.updateArticle.name} was called`);

    this.logger.log(ctx, `calling ${ArticleRepository.name}.getById`);
    const article = await this.repository.getById(articleId);

    const actor: Actor = ctx.user;

    const isAllowed = this.aclService
      .forActor(actor)
      .canDoAction(Action.Update, article);
    if (!isAllowed) {
      throw new UnauthorizedException();
    }

    const updatedArticle: Article = {
      ...article,
      ...plainToClass(Article, input),
    };

    this.logger.log(ctx, `calling ${ArticleRepository.name}.save`);
    const savedArticle = await this.repository.save(updatedArticle);

    return plainToClass(ArticleOutput, savedArticle, {
      excludeExtraneousValues: true,
    });
  }

  async deleteArticle(ctx: RequestContext, id: number): Promise<void> {
    this.logger.log(ctx, `${this.deleteArticle.name} was called`);

    this.logger.log(ctx, `calling ${ArticleRepository.name}.getById`);
    const article = await this.repository.getById(id);

    const actor: Actor = ctx.user;

    const isAllowed = this.aclService
      .forActor(actor)
      .canDoAction(Action.Delete, article);
    if (!isAllowed) {
      throw new UnauthorizedException();
    }

    this.logger.log(ctx, `calling ${ArticleRepository.name}.remove`);
    await this.repository.remove(article);
  }
}