IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor transaction list query, do not allow user id an only creations as args any more. this query only return the transactions of the logged in user

Browse Source
This commit is contained in:
Moriz Wahl 2022-03-17 10:46:29 +01:00
parent b44ef71756
commit 577ca00c46
3 changed files with 5 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
backend/src/graphql/arg/Paginated.ts
View File

@ -11,10 +11,4 @@ export default class Paginated {
@Field(() => Order, { nullable: true }) @Field(() => Order, { nullable: true })
order?: Order order?: Order
@Field(() => Boolean, { nullable: true })
onlyCreations?: boolean
@Field(() => Int, { nullable: true })
userId?: number
} }

19
backend/src/graphql/resolver/TransactionResolver.ts
View File

@ -17,7 +17,6 @@ import Paginated from '@arg/Paginated'
import { Order } from '@enum/Order' import { Order } from '@enum/Order'
import { UserRepository } from '@repository/User'
import { TransactionRepository } from '@repository/Transaction' import { TransactionRepository } from '@repository/Transaction'
import { TransactionLinkRepository } from '@repository/TransactionLink' import { TransactionLinkRepository } from '@repository/TransactionLink'
@ -131,22 +130,11 @@ export class TransactionResolver {
@Query(() => TransactionList) @Query(() => TransactionList)
async transactionList( async transactionList(
@Args() @Args()
{ { currentPage = 1, pageSize = 25, order = Order.DESC }: Paginated,
currentPage = 1,
pageSize = 25,
order = Order.DESC,
onlyCreations = false,
userId,
}: Paginated,
@Ctx() context: any, @Ctx() context: any,
): Promise<TransactionList> { ): Promise<TransactionList> {
const now = new Date() const now = new Date()
// find user const user = context.user
const userRepository = getCustomRepository(UserRepository)
// TODO: separate those usecases - this is a security issue
const user = userId
? await userRepository.findOneOrFail({ id: userId }, { withDeleted: true })
: await userRepository.findByPubkeyHex(context.pubKey)
// find current balance // find current balance
const lastTransaction = await dbTransaction.findOne( const lastTransaction = await dbTransaction.findOne(
@ -182,7 +170,6 @@ export class TransactionResolver {
pageSize, pageSize,
offset, offset,
order, order,
onlyCreations,
) )
// find involved users; I am involved // find involved users; I am involved
@ -208,7 +195,7 @@ export class TransactionResolver {
await transactionLinkRepository.summary(user.id, now) await transactionLinkRepository.summary(user.id, now)
// decay & link transactions // decay & link transactions
if (!onlyCreations && currentPage === 1 && order === Order.DESC) { if (currentPage === 1 && order === Order.DESC) {
transactions.push( transactions.push(
virtualDecayTransaction(lastTransaction.balance, lastTransaction.balanceDate, now, self), virtualDecayTransaction(lastTransaction.balance, lastTransaction.balanceDate, now, self),
) )

14
frontend/src/graphql/queries.js
View File

@ -43,18 +43,8 @@ export const logout = gql`
` `
export const transactionsQuery = gql` export const transactionsQuery = gql`
query( query($currentPage: Int = 1, $pageSize: Int = 25, $order: Order = DESC) {
$currentPage: Int = 1 transactionList(currentPage: $currentPage, pageSize: $pageSize, order: $order) {
$pageSize: Int = 25
$order: Order = DESC
$onlyCreations: Boolean = false
) {
transactionList(
currentPage: $currentPage
pageSize: $pageSize
order: $order
onlyCreations: $onlyCreations
) {
balanceGDT balanceGDT
count count
linkCount linkCount