prohibit users from creating cards in another user's decks

2025-12-27 05:09:26 +00:00 · 2023-08-07 15:00:42 +02:00
parent 39cdfffe19
commit 8c5b09889a
3 changed files with 13 additions and 4 deletions
--- a/src/modules/cards/use-cases/delete-card-by-id-use-case.ts
+++ b/src/modules/cards/use-cases/delete-card-by-id-use-case.ts
@@ -1,4 +1,4 @@
-import { BadRequestException, NotFoundException } from '@nestjs/common'
+import { ForbiddenException, NotFoundException } from '@nestjs/common'
 import { CommandHandler, ICommandHandler } from '@nestjs/cqrs'

 import { CardsRepository } from '../infrastructure/cards.repository'
@@ -16,7 +16,7 @@ export class DeleteCardByIdHandler implements ICommandHandler<DeleteCardByIdComm

    if (!card) throw new NotFoundException(`Card with id ${command.id} not found`)
    if (card.userId !== command.userId) {
-      throw new BadRequestException(`You can't delete a card that you don't own`)
+      throw new ForbiddenException(`You can't delete a card that you don't own`)
    }

    await this.cardsRepository.deleteCardById(command.id)
--- a/src/modules/cards/use-cases/update-card-use-case.ts
+++ b/src/modules/cards/use-cases/update-card-use-case.ts
@@ -1,4 +1,4 @@
-import { BadRequestException, NotFoundException } from '@nestjs/common'
+import { ForbiddenException, NotFoundException } from '@nestjs/common'
 import { CommandHandler, ICommandHandler } from '@nestjs/cqrs'

 import { FileUploadService } from '../../../infrastructure/file-upload-service/file-upload.service'
@@ -29,7 +29,7 @@ export class UpdateCardHandler implements ICommandHandler<UpdateCardCommand> {
    if (!card) throw new NotFoundException(`Card with id ${command.cardId} not found`)

    if (card.userId !== command.userId) {
-      throw new BadRequestException(`You can't change a card that you don't own`)
+      throw new ForbiddenException(`You can't change a card that you don't own`)
    }

    let questionImg, answerImg