Merged PR 655: 外部連携以外のAPIバリデータ見直し(/accounts/*以外)

## 概要 [Task3285: 外部連携以外のAPIバリデータ見直し](https://paruru.nds-tyo.co.jp:8443/tfs/ReciproCollection/fa4924a4-d079-4fab-9fb5-a9a11eb205f0/_workitems/edit/3285) - バリデータが不足していた部分について、バリデータを追加 ## レビューポイント - 現行の動きが変更されるようなバリデータが設定されていないか - `AUTHORの時のみ省略不可能` 等のバリデータが設定されているプロパティに関しては、`hogehoge` や `"or ‘1’=’1’"` が設定されたリクエストが来てもバリデータで弾けないが許容可能そうか ## 動作確認状況 - npm run build / npm run test 成功
2023-12-25 05:22:01 +00:00 · 2023-12-25 05:22:01 +00:00 · 95c058265e
commit 95c058265e
parent 6deaa37df7
4 changed files with 35 additions and 1 deletions
--- a/dictation_server/src/features/licenses/types/types.ts
+++ b/dictation_server/src/features/licenses/types/types.ts
@ -6,6 +6,7 @@ import {
  LICENSE_EXPIRATION_TIME_WITH_TIMEZONE,
  TRIAL_LICENSE_EXPIRATION_DAYS,
 } from '../../../constants';
+import { Type } from 'class-transformer';

 export class CreateOrdersRequest {
  @ApiProperty()
@ -13,6 +14,7 @@ export class CreateOrdersRequest {
  poNumber: string;

  @ApiProperty()
+  @Type(() => Number)
  @IsInt()
  @Min(1)
  @Max(9999)
@ -23,6 +25,7 @@ export class CreateOrdersResponse {}

 export class IssueCardLicensesRequest {
  @ApiProperty()
+  @Type(() => Number)
  @IsInt()
  @Min(1)
  @Max(9999)
--- a/dictation_server/src/features/tasks/types/types.ts
+++ b/dictation_server/src/features/tasks/types/types.ts
@ -67,6 +67,7 @@ export class TasksRequest {
  paramName?: string;
 }

+// TODO: RequestでもResponseでも使われているので、Requestに使用される箇所のみバリデータでチェックが行われる状態になっている
 export class Assignee {
  @ApiProperty({
    required: false,
--- a/dictation_server/src/features/users/types/types.ts
+++ b/dictation_server/src/features/users/types/types.ts
@ -1,5 +1,5 @@
 import { ApiProperty } from '@nestjs/swagger';
-import { IsEmail, IsIn } from 'class-validator';
+import { IsBoolean, IsEmail, IsIn, IsInt, MaxLength } from 'class-validator';
 import {
  TASK_LIST_SORTABLE_ATTRIBUTES,
  USER_LICENSE_STATUS,
@ -10,6 +10,7 @@ import {
  IsPasswordvalid,
 } from '../../../common/validators/encryptionPassword.validator';
 import { IsRoleAuthorDataValid } from '../../../common/validators/roleAuthor.validator';
+import { Type } from 'class-transformer';

 export class ConfirmRequest {
  @ApiProperty()
@ -92,12 +93,18 @@ export class SignupRequest {
  email: string;

  @ApiProperty()
+  @Type(() => Boolean)
+  @IsBoolean()
  autoRenew: boolean;

  @ApiProperty()
+  @Type(() => Boolean)
+  @IsBoolean()
  licenseAlert: boolean;

  @ApiProperty()
+  @Type(() => Boolean)
+  @IsBoolean()
  notification: boolean;

  @ApiProperty({ required: false })
@ -209,6 +216,8 @@ export class GetSortCriteriaResponse {

 export class PostUpdateUserRequest {
  @ApiProperty()
+  @Type(() => Number)
+  @IsInt()
  id: number;

  @ApiProperty({ description: 'none/author/typist' })
@ -220,12 +229,18 @@ export class PostUpdateUserRequest {
  authorId?: string;

  @ApiProperty()
+  @Type(() => Boolean)
+  @IsBoolean()
  autoRenew: boolean;

  @ApiProperty()
+  @Type(() => Boolean)
+  @IsBoolean()
  licenseAlart: boolean;

  @ApiProperty()
+  @Type(() => Boolean)
+  @IsBoolean()
  notification: boolean;

  @ApiProperty({ required: false })
@ -245,8 +260,12 @@ export class PostUpdateUserResponse {}

 export class AllocateLicenseRequest {
  @ApiProperty({ description: 'ユーザーID' })
+  @Type(() => Number)
+  @IsInt()
  userId: number;
  @ApiProperty({ description: '割り当てるライセンスのID' })
+  @Type(() => Number)
+  @IsInt()
  newLicenseId: number;
 }

@ -254,6 +273,8 @@ export class AllocateLicenseResponse {}

 export class DeallocateLicenseRequest {
  @ApiProperty({ description: 'ユーザーID' })
+  @Type(() => Number)
+  @IsInt()
  userId: number;
 }

@ -263,10 +284,13 @@ export class UpdateAcceptedVersionRequest {
  @ApiProperty({ description: 'IDトークン' })
  idToken: string;
  @ApiProperty({ description: '更新バージョン（EULA）' })
+  @MaxLength(255)
  acceptedEULAVersion: string;
  @ApiProperty({ description: '更新バージョン（PrivacyNotice）' })
+  @MaxLength(255)
  acceptedPrivacyNoticeVersion: string;
  @ApiProperty({ description: '更新バージョン（DPA）', required: false })
+  @MaxLength(255)
  acceptedDPAVersion?: string;
 }

--- a/dictation_server/src/features/workflows/types/types.ts
+++ b/dictation_server/src/features/workflows/types/types.ts
@ -44,8 +44,14 @@ export class GetWorkflowsResponse {

 export class WorkflowTypist {
  @ApiProperty({ description: 'タイピストユーザーの内部ID', required: false })
+  @IsOptional()
+  @IsInt()
+  @Type(() => Number)
  typistId?: number;
  @ApiProperty({ description: 'タイピストグループの内部ID', required: false })
+  @IsOptional()
+  @IsInt()
+  @Type(() => Number)
  typistGroupId?: number;
 }