From 604b9916db36569050ba80d2673fb6484818d1cc Mon Sep 17 00:00:00 2001 From: "sweep-ai[bot]" <128439645+sweep-ai[bot]@users.noreply.github.com> Date: Thu, 25 Jan 2024 13:06:48 +0000 Subject: [PATCH 1/2] feat: Updated src/app/components/rack-parts/rack-d --- .../rack-parts/rack-detail-data.service.ts | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/src/app/components/rack-parts/rack-detail-data.service.ts b/src/app/components/rack-parts/rack-detail-data.service.ts index f5b5d168..ee8b206d 100644 --- a/src/app/components/rack-parts/rack-detail-data.service.ts +++ b/src/app/components/rack-parts/rack-detail-data.service.ts @@ -279,7 +279,23 @@ export class RackDetailDataService extends SubManager { // on rack delete, ask for confirmation and delete rack on backend this.deleteRack$ .pipe( - switchMap(x => { + withLatestFrom(this.singleRackData$), + switchMap(([x, rack]) => { + // Authorization and validation check + if (!this.isAuthorizedToDelete(rack) || !this.isValidRackId(rack.id)) { + this.snackBar.open('Unauthorized or invalid rack ID', null, {duration: 2000}); + return throwError('Unauthorized or invalid rack ID'); + } + + // Confirmation dialog update + const data: ConfirmDialogDataInModel = { + title: 'Confirm Deletion', + description: 'Deleting a rack is irreversible.\nAre you absolutely sure you want to delete this rack?', + positive: {label: 'Confirm Delete'}, + negative: {label: 'Cancel'} + }; + + return this.dialog.open(ConfirmDialogComponent, {data, disableClose: true}) const data: ConfirmDialogDataInModel = { title: 'Deletion', From c07cde77076b2fb3307930b35fbde16dfb28708f Mon Sep 17 00:00:00 2001 From: "sweep-ai[bot]" <128439645+sweep-ai[bot]@users.noreply.github.com> Date: Thu, 25 Jan 2024 13:18:14 +0000 Subject: [PATCH 2/2] feat: Updated src/app/components/rack-parts/rack-d --- .../rack-parts/rack-detail-data.service.ts | 30 ++++++++++++++++--- 1 file changed, 26 insertions(+), 4 deletions(-) 
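Review bot: The added block ends with `return this.dialog.open(ConfirmDialogComponent, {data, disableClose: true})` directly above the unchanged `const data: ConfirmDialogDataInModel = {` context line, so the arrow body now declares `data` twice and the original dialog code sits after a `return`; as shown this should not compile. The guard also calls `isAuthorizedToDelete`, which neither patch in this series defines, and `isValidRackId`, which only arrives in patch 2, so patch 1 does not build on its own. I would remove the old `const data` block in this same change, keep the original tail of the chain on the new `open(...)` call, and add the missing helper. The rest of the `switchMap` body lies outside the hunk, so how the old code continues is not visible here.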
diff --git a/src/app/components/rack-parts/rack-detail-data.service.ts b/src/app/components/rack-parts/rack-detail-data.service.ts index ee8b206d..9e83386b 100644 --- a/src/app/components/rack-parts/rack-detail-data.service.ts +++ b/src/app/components/rack-parts/rack-detail-data.service.ts @@ -364,10 +364,18 @@ export class RackDetailDataService extends SubManager { // add module from bottom picker this.addModuleToRack$ .pipe( - switchMap(module => this.backend.add.rackModule( - module.id, - this.singleRackData$.value.id - )), + withLatestFrom(this.userService.loggedUser$, this.singleRackData$), + switchMap(([module, user, rack]) => { + if (!this.isAuthorizedToAddModule(user, rack)) { + this.snackBar.open('Unauthorized to add module to rack', null, {duration: 2000}); + return throwError('Unauthorized to add module to rack'); + } + if (!this.isValidModuleId(module.id) || !this.isValidRackId(rack.id)) { + this.snackBar.open('Invalid module or rack ID', null, {duration: 2000}); + return throwError('Invalid module or rack ID'); + } + return this.backend.add.rackModule(module.id, rack.id); + }), takeUntil(this.destroyEvent$) ) .subscribe(moduleToAdd => { @@ -397,6 +405,20 @@ export class RackDetailDataService extends SubManager { private createNewRackOnBackendForCurrentUser() { return this.backend.add.rack( { +private isAuthorizedToAddModule(user: User, rack: Rack): boolean { + // Replace with actual authorization logic + return user && rack && user.id === rack.author.id; +} + +private isValidModuleId(moduleId: number): boolean { + // Replace with actual validation logic + return typeof moduleId === 'number' && moduleId > 0; +} + +private isValidRackId(rackId: number): boolean { + // Replace with actual validation logic + return typeof rackId === 'number' && rackId > 0; +} authorid: this.backend.getUser().id, name: this.bumpUpVersionInNameOfOfRack(), hp: this.singleRackData$.value.hp,
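Review bot: `return throwError('Unauthorized to add module to rack')` inside `switchMap` errors the outer `addModuleToRack$` pipeline, and no `catchError` is visible in the hunk, so one rejected action ends the subscription and later add-module clicks would do nothing; the same applies to the `throwError` in the `deleteRack$` hunk of patch 1. Returning `EMPTY` after the snackbar (`return EMPTY;`) skips the request and keeps the stream alive. The ownership test also runs only in the browser, so it is a UI hint rather than an access control: `backend.add.rackModule` has to enforce rack ownership on the server, which this diff does not show. A comment such as `// UI guard only; the API must reject non-owners` above the check would keep that clear.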
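Review bot: The three helper methods are added between the `{` that opens the object literal passed to `this.backend.add.rack(` and its first property `authorid:`, so they land inside `createNewRackOnBackendForCurrentUser` rather than at class level and the file should fail to parse; they belong after that method's closing brace, which is outside the hunk. `isAuthorizedToAddModule` returns `user && rack && user.id === rack.author.id`, which yields `null` or `undefined` rather than `false` for missing inputs and throws if `rack.author` is unset; `return !!user && !!rack && !!rack.author && user.id === rack.author.id;` avoids both. The `// Replace with actual authorization logic` and `// Replace with actual validation logic` placeholders should be resolved or turned into tracked TODOs before merge, since the checks read as finished access control when they are not.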