This extracts the note inserted with the get note interceptor into the request to be used by the controller service.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This is necessary, because of the order of operations in nestjs, the validation pipe is not able to get the note as the noteIdOrAlias will be transformed by the get note pipe after the validation did run.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Because the rejection now happens automatically in the permissions guard it does not get to the controller method and does not report the Content-Type to text/markdown
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Because the rejection now happens automatically in the permissions guard it now returns a 403 instead of 401
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit removes all previous calls to the permissions service at the beginning of the controller methods to the permissions guard. This should make the code a bit cleaner and remove boilerplate code.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This guard protects resources and let's users only access them if they hold the correct permission
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This enum makes it possible which permissions a user needs to hold to access a specific resource
Signed-off-by: Philip Molares <philip.molares@udo.edu>
The parameters of the permission checking methods were missing a null value for not set user. This is the case if user is not logged in and operating as guest.
Signed-off-by: Yannick Bungers <git@innay.de>
To make the create method easier to use in conjunction
with the authentication framework, this commit changes the type of
the `owner` parameter from `User | undefined` to `User | null`.
Signed-off-by: David Mehren <git@herrmehren.de>
To make the create method more consistent with the
guidelines,
this commit removes the default value from the `primary` parameter.
Signed-off-by: David Mehren <git@herrmehren.de>
To make the create method more consistent with the
guidelines,
this commit removes the default value from the `syncSource` parameter.
An Identity will be created as sync source,
when the associated account is created using an external provider.
Signed-off-by: David Mehren <git@herrmehren.de>
To make the create method more consistent with the
guidelines, this commit adds the `special` flag to
the parameters.
As this function will only be used to create the two hard-coded groups
and to handle API requests at one or two places, adding the parameter
should not be too problematic.
Signed-off-by: David Mehren <git@herrmehren.de>
This was done to give better typings to the function signatures of entities `create` methods.
It also ensures that each field that should be set to `null` is set to `null` and doesn't leave that up to the typeorm handlers.
See: #1641
Signed-off-by: Philip Molares <philip.molares@udo.edu>
