From 58503ed85a7b92c44261b4590c69e733a1f97cb2 Mon Sep 17 00:00:00 2001
From: Alan Le Ruyet <alan.leruyet@free.fr>
Date: Mon, 18 Dec 2023 18:38:19 +0100
Subject: [PATCH] fix: somes sec fixes (#927)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* fix: ressource inutile ici

* fix: destructuration à revoir

* chore: cleaning
---
 server/src/services/formulaire.service.ts | 2 +-
 shared/routes/formulaire.route.ts         | 4 +---
 shared/routes/v1Jobs.routes.ts            | 2 +-
 3 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/server/src/services/formulaire.service.ts b/server/src/services/formulaire.service.ts
index 01e4a026cb..06217976cc 100644
--- a/server/src/services/formulaire.service.ts
+++ b/server/src/services/formulaire.service.ts
@@ -69,7 +69,7 @@ export const getOffreAvecInfoMandataire = async (id: string | ObjectId): Promise
  * @param {number} payload.limit
  */
 export const getFormulaires = async (query: FilterQuery<IRecruiter>, select: object, { page, limit }: { page?: number; limit?: number }) => {
-  const response = await Recruiter.paginate({ query, ...select, page, limit, lean: true })
+  const response = await Recruiter.paginate({ query, select, page, limit, lean: true })
 
   return {
     pagination: {
diff --git a/shared/routes/formulaire.route.ts b/shared/routes/formulaire.route.ts
index 09184344b6..4da7a973d5 100644
--- a/shared/routes/formulaire.route.ts
+++ b/shared/routes/formulaire.route.ts
@@ -34,9 +34,7 @@ export const zFormulaireRoute = {
       securityScheme: {
         auth: "access-token",
         access: null,
-        resources: {
-          recruiter: [{ establishment_id: { type: "params", key: "establishment_id" } }],
-        },
+        resources: {},
       },
     },
     "/formulaire/offre/f/:jobId": {
diff --git a/shared/routes/v1Jobs.routes.ts b/shared/routes/v1Jobs.routes.ts
index 86c4a2fd04..bc7edc7f0d 100644
--- a/shared/routes/v1Jobs.routes.ts
+++ b/shared/routes/v1Jobs.routes.ts
@@ -61,7 +61,7 @@ export const zV1JobsRoutes = {
     "/v1/jobs/bulk": {
       method: "get",
       path: "/v1/jobs/bulk",
-      // TODO_SECURITY_FIX il faut faire quelque chose car sinon nous allons claquer des fesses
+      // TODO_SECURITY_FIX
       querystring: z
         .object({
           query: z