Nachklang/API
2
0
Fork 0
Code Issues 2 Pull Requests 1 Packages Projects Releases Wiki Activity

Add claude init file + refactor some security issues

Browse Source
This commit is contained in:
Patrick Müller
2026-05-02 12:22:03 +02:00
parent dc65b49219
commit da85d1487c
8 changed files with 177 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/models/calendar/events/events.service.ts
+5 -9
View File
@@ -133,12 +133,13 @@ export const getAllEventsAdmin = async (calendarId: number): Promise<Event[]> =>
export const createEvent = async (event: Event): Promise<number> => {
let conn = await NachklangCalendarDB.getConnection();
try {
await conn.beginTransaction();
let eventUUID = Guid.create().toString();
const eventsQuery = 'INSERT INTO events (calendar_id, uuid, created_by_id) VALUES (?,?,?) RETURNING event_id';
const eventsRes = await conn.execute(eventsQuery, [event.calendarId, eventUUID, event.createdById]);
const versionQuery = 'INSERT INTO event_versions (event_id, name, description, start_datetime, end_datetime, whole_day, repeat_frequency, location, url, status, version_created_by_id) VALUES (?,?,?,?,?,?,?,?,?,?,?);'
const versionRes = await conn.execute(versionQuery, [eventsRes[0].event_id, event.name, event.description, event.startDateTime, event.endDateTime, event.wholeDay, event.repeatFrequency, event.location, event.url, event.status, event.createdById]);
await conn.execute(versionQuery, [eventsRes[0].event_id, event.name, event.description, event.startDateTime, event.endDateTime, event.wholeDay, event.repeatFrequency, event.location, event.url, event.status, event.createdById]);
await conn.commit();
@@ -147,8 +148,6 @@ export const createEvent = async (event: Event): Promise<number> => {
await conn.rollback();
throw err;
} finally {
// Return connection
await conn.commit();
await conn.end();
}
};
@@ -160,6 +159,7 @@ export const createEvent = async (event: Event): Promise<number> => {
export const updateEvent = async (event: Event): Promise<number> => {
let conn = await NachklangCalendarDB.getConnection();
try {
await conn.beginTransaction();
const versionQuery = 'INSERT INTO event_versions (event_id, name, description, start_datetime, end_datetime, whole_day, repeat_frequency, location, url, status, version_created_by_id) VALUES (?,?,?,?,?,?,?,?,?,?,?);'
const versionRes = await conn.execute(versionQuery, [event.eventId, event.name, event.description, event.startDateTime, event.endDateTime, event.wholeDay, event.repeatFrequency, event.location, event.url, event.status, event.createdById]);
@@ -170,8 +170,6 @@ export const updateEvent = async (event: Event): Promise<number> => {
await conn.rollback();
throw err;
} finally {
// Return connection
await conn.commit();
await conn.end();
}
};
@@ -183,6 +181,7 @@ export const updateEvent = async (event: Event): Promise<number> => {
export const deleteEvent = async (event: Event): Promise<boolean> => {
let conn = await NachklangCalendarDB.getConnection();
try {
await conn.beginTransaction();
const versionQuery = 'INSERT INTO event_versions (event_id, status, version_created_by_id) VALUES (?,?,?);'
const versionRes = await conn.execute(versionQuery, [event.eventId, 'DELETED', event.createdById]);
@@ -193,8 +192,6 @@ export const deleteEvent = async (event: Event): Promise<boolean> => {
await conn.rollback();
throw err;
} finally {
// Return connection
await conn.commit();
await conn.end();
}
};
@@ -206,6 +203,7 @@ export const deleteEvent = async (event: Event): Promise<boolean> => {
export const moveEvent = async (event: Event): Promise<boolean> => {
let conn = await NachklangCalendarDB.getConnection();
try {
await conn.beginTransaction();
const eventQuery = 'UPDATE events SET calendar_id = ? WHERE event_id = ?';
const eventRes = await conn.execute(eventQuery, [event.calendarId, event.eventId]);
@@ -216,8 +214,6 @@ export const moveEvent = async (event: Event): Promise<boolean> => {
await conn.rollback();
throw err;
} finally {
// Return connection
await conn.commit();
await conn.end();
}
}