MediaController: Double-check that req.user is defined

TokenAuthGuard ensures that req.user is always
defined, but thanks to strict mode we have to check again.

In the future, we may add a custom Request type and
a custom param decorator to centralize the check.

Signed-off-by: David Mehren <git@herrmehren.de>
This commit is contained in:
David Mehren 2021-04-29 16:44:27 +02:00
parent ace1b7fad6
commit 16ed12bfd7
No known key found for this signature in database
GPG key ID: 185982BA4C42B7C3

View file

@ -94,6 +94,10 @@ export class MediaController {
@UploadedFile() file: MulterFile,
@Headers('HedgeDoc-Note') noteId: string,
): Promise<MediaUploadUrlDto> {
if (!req.user) {
// We should never reach this, as the TokenAuthGuard handles missing user info
throw new InternalServerErrorException('Request did not specify user');
}
const username = req.user.userName;
this.logger.debug(
`Recieved filename '${file.originalname}' for note '${noteId}' from user '${username}'`,
@ -130,6 +134,10 @@ export class MediaController {
@Req() req: Request,
@Param('filename') filename: string,
): Promise<void> {
if (!req.user) {
// We should never reach this, as the TokenAuthGuard handles missing user info
throw new InternalServerErrorException('Request did not specify user');
}
const username = req.user.userName;
try {
this.logger.debug(