refactor transaction list query, do not allow user id an only creations as args any more. this query only return the transactions of the logged in user

backend/src/graphql/arg/Paginated.ts

@@ -11,10 +11,4 @@ export default class Paginated {
 
   @Field(() => Order, { nullable: true })
   order?: Order
-
-  @Field(() => Boolean, { nullable: true })
-  onlyCreations?: boolean
-
-  @Field(() => Int, { nullable: true })
-  userId?: number
 }

backend/src/graphql/resolver/TransactionResolver.ts

@@ -17,7 +17,6 @@ import Paginated from '@arg/Paginated'
 
 import { Order } from '@enum/Order'
 
-import { UserRepository } from '@repository/User'
 import { TransactionRepository } from '@repository/Transaction'
 import { TransactionLinkRepository } from '@repository/TransactionLink'
 
@@ -131,22 +130,11 @@ export class TransactionResolver {
   @Query(() => TransactionList)
   async transactionList(
     @Args()
-    {
-      currentPage = 1,
-      pageSize = 25,
-      order = Order.DESC,
-      onlyCreations = false,
-      userId,
-    }: Paginated,
+    { currentPage = 1, pageSize = 25, order = Order.DESC }: Paginated,
     @Ctx() context: any,
   ): Promise<TransactionList> {
     const now = new Date()
-    // find user
-    const userRepository = getCustomRepository(UserRepository)
-    // TODO: separate those usecases - this is a security issue
-    const user = userId
-      ? await userRepository.findOneOrFail({ id: userId }, { withDeleted: true })
-      : await userRepository.findByPubkeyHex(context.pubKey)
+    const user = context.user
 
     // find current balance
     const lastTransaction = await dbTransaction.findOne(
@@ -182,7 +170,6 @@ export class TransactionResolver {
       pageSize,
       offset,
       order,
-      onlyCreations,
     )
 
     // find involved users; I am involved
@@ -208,7 +195,7 @@ export class TransactionResolver {
       await transactionLinkRepository.summary(user.id, now)
 
     // decay & link transactions
-    if (!onlyCreations && currentPage === 1 && order === Order.DESC) {
+    if (currentPage === 1 && order === Order.DESC) {
       transactions.push(
         virtualDecayTransaction(lastTransaction.balance, lastTransaction.balanceDate, now, self),
       )

frontend/src/graphql/queries.js

@@ -43,18 +43,8 @@ export const logout = gql`
 `
 
 export const transactionsQuery = gql`
-  query(
-    $currentPage: Int = 1
-    $pageSize: Int = 25
-    $order: Order = DESC
-    $onlyCreations: Boolean = false
-  ) {
-    transactionList(
-      currentPage: $currentPage
-      pageSize: $pageSize
-      order: $order
-      onlyCreations: $onlyCreations
-    ) {
+  query($currentPage: Int = 1, $pageSize: Int = 25, $order: Order = DESC) {
+    transactionList(currentPage: $currentPage, pageSize: $pageSize, order: $order) {
       balanceGDT
       count
       linkCount