feat: checkNoteIdOrAlias in more alias service methods

This should prevent any interaction by a forbidden id Signed-off-by: Philip Molares <philip.molares@udo.edu>
2025-06-06 09:31:35 -04:00 · 2022-02-06 22:09:22 +01:00 · 2022-02-06 22:09:22 +01:00 · c891a95588
commit c891a95588
parent 6269c7f7bc
4 changed files with 17 additions and 17 deletions
--- a/src/api/public/alias/alias.controller.ts
+++ b/src/api/public/alias/alias.controller.ts
@ -16,11 +16,11 @@ import {
  UseGuards,
 } from '@nestjs/common';
 import {
+  ApiBadRequestResponse,
  ApiNoContentResponse,
  ApiOkResponse,
  ApiSecurity,
  ApiTags,
-  ApiUnprocessableEntityResponse,
 } from '@nestjs/swagger';

 import { TokenAuthGuard } from '../../../auth/token.strategy';
@ -32,7 +32,7 @@ import { AliasService } from '../../../notes/alias.service';
 import { NotesService } from '../../../notes/notes.service';
 import { PermissionsService } from '../../../permissions/permissions.service';
 import { User } from '../../../users/user.entity';
-import { unprocessableEntityDescription } from '../../utils/descriptions';
+import { badRequestDescription } from '../../utils/descriptions';
 import { FullApi } from '../../utils/fullapi-decorator';
 import { RequestUser } from '../../utils/request-user.decorator';

@ -103,8 +103,8 @@ export class AliasController {
    description: 'The alias was deleted',
  })
  @FullApi
-  @ApiUnprocessableEntityResponse({
-    description: unprocessableEntityDescription,
+  @ApiBadRequestResponse({
+    description: badRequestDescription,
  })
  async removeAlias(
    @RequestUser() user: User,