Feature/improve value redaction interceptor (#1495)

* Improve value redaction interceptor * Update changelog
2022-12-07 17:48:46 +01:00 · 2022-12-07 17:48:46 +01:00 · 2efb331370
commit 2efb331370
parent f521fe99c5
4 changed files with 38 additions and 21 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -9,6 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Changed
 - Improved the value redaction interceptor (including `comment`)
 - Improved the language localization for Español (`es`)
 - Upgraded `prisma` from version `4.6.1` to `4.7.1`
--- a/apps/api/src/app/order/interfaces/activities.interface.ts
+++ b/apps/api/src/app/order/interfaces/activities.interface.ts
@ -6,5 +6,6 @@ export interface Activities {
 export interface Activity extends OrderWithAccount {
  feeInBaseCurrency: number;
  value: number;
  valueInBaseCurrency: number;
 }
--- a/apps/api/src/app/order/order.controller.ts
+++ b/apps/api/src/app/order/order.controller.ts
@ -1,5 +1,3 @@
 import { UserService } from '@ghostfolio/api/app/user/user.service';
 import { nullifyValuesInObjects } from '@ghostfolio/api/helper/object.helper';
 import { RedactValuesInResponseInterceptor } from '@ghostfolio/api/interceptors/redact-values-in-response.interceptor';
 import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request.interceptor';
 import { TransformDataSourceInResponseInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-response.interceptor';
@ -39,8 +37,7 @@ export class OrderController {
    private readonly apiService: ApiService,
    private readonly impersonationService: ImpersonationService,
    private readonly orderService: OrderService,
-    @Inject(REQUEST) private readonly request: RequestWithUser,
+    @Inject(REQUEST) private readonly request: RequestWithUser
    private readonly userService: UserService
  ) {}
  @Delete(':id')
@ -87,7 +84,7 @@ export class OrderController {
      );
    const userCurrency = this.request.user.Settings.settings.baseCurrency;
-    let activities = await this.orderService.getOrders({
+    const activities = await this.orderService.getOrders({
      filters,
      userCurrency,
      includeDrafts: true,
@ -95,20 +92,6 @@ export class OrderController {
      withExcludedAccounts: true
    });
    if (
      impersonationUserId ||
      this.userService.isRestrictedView(this.request.user)
    ) {
      activities = nullifyValuesInObjects(activities, [
        'fee',
        'feeInBaseCurrency',
        'quantity',
        'unitPrice',
        'value',
        'valueInBaseCurrency'
      ]);
    }
    return { activities };
  }
--- a/apps/api/src/interceptors/redact-values-in-response.interceptor.ts
+++ b/apps/api/src/interceptors/redact-values-in-response.interceptor.ts
@ -1,4 +1,5 @@
 import { Activity } from '@ghostfolio/api/app/order/interfaces/activities.interface';
 import { UserService } from '@ghostfolio/api/app/user/user.service';
 import {
  CallHandler,
  ExecutionContext,
@ -12,7 +13,7 @@ import { map } from 'rxjs/operators';
 export class RedactValuesInResponseInterceptor<T>
  implements NestInterceptor<T, any>
 {
-  public constructor() {}
+  public constructor(private userService: UserService) {}
  public intercept(
    context: ExecutionContext,
@ -23,7 +24,10 @@ export class RedactValuesInResponseInterceptor<T>
        const request = context.switchToHttp().getRequest();
        const hasImpersonationId = !!request.headers?.['impersonation-id'];
-        if (hasImpersonationId) {
+        if (
          hasImpersonationId ||
          this.userService.isRestrictedView(request.user)
        ) {
          if (data.accounts) {
            for (const accountId of Object.keys(data.accounts)) {
              if (data.accounts[accountId]?.balance !== undefined) {
@ -38,6 +42,34 @@ export class RedactValuesInResponseInterceptor<T>
                activity.Account.balance = null;
              }
              if (activity.comment !== undefined) {
                activity.comment = null;
              }
              if (activity.fee !== undefined) {
                activity.fee = null;
              }
              if (activity.feeInBaseCurrency !== undefined) {
                activity.feeInBaseCurrency = null;
              }
              if (activity.quantity !== undefined) {
                activity.quantity = null;
              }
              if (activity.unitPrice !== undefined) {
                activity.unitPrice = null;
              }
              if (activity.value !== undefined) {
                activity.value = null;
              }
              if (activity.valueInBaseCurrency !== undefined) {
                activity.valueInBaseCurrency = null;
              }
              return activity;
            });
          }