@chevre/domain 21.20.0-alpha.75 → 21.20.0-alpha.76
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -114,7 +114,7 @@ function authorize(params) {
|
|
|
114
114
|
exports.authorize = authorize;
|
|
115
115
|
function validateCreateRequest(params) {
|
|
116
116
|
return (repos) => __awaiter(this, void 0, void 0, function* () {
|
|
117
|
-
var _a, _b;
|
|
117
|
+
var _a, _b, _c;
|
|
118
118
|
const transaction = yield repos.transaction.findInProgressById({
|
|
119
119
|
typeOf: factory.transactionType.PlaceOrder,
|
|
120
120
|
id: params.transaction.id
|
|
@@ -122,7 +122,11 @@ function validateCreateRequest(params) {
|
|
|
122
122
|
if (transaction.agent.id !== params.agent.id) {
|
|
123
123
|
throw new factory.errors.Forbidden('Transaction not yours');
|
|
124
124
|
}
|
|
125
|
-
|
|
125
|
+
// クライアント検証(2024-02-07~)
|
|
126
|
+
if (((_a = transaction.object.clientUser) === null || _a === void 0 ? void 0 : _a.client_id) !== params.store.id) {
|
|
127
|
+
throw new factory.errors.Forbidden('client not match that of the transaction');
|
|
128
|
+
}
|
|
129
|
+
if (typeof ((_b = params.object.reservationFor) === null || _b === void 0 ? void 0 : _b.id) !== 'string' || params.object.reservationFor.id.length === 0) {
|
|
126
130
|
throw new factory.errors.ArgumentNull('object.reservationFor.id');
|
|
127
131
|
}
|
|
128
132
|
// イベント取得属性最適化(2023-01-23~)
|
|
@@ -130,7 +134,7 @@ function validateCreateRequest(params) {
|
|
|
130
134
|
const event = yield repos.event.findMinimizedIndividualEventById({
|
|
131
135
|
id: params.object.reservationFor.id
|
|
132
136
|
});
|
|
133
|
-
let offeredThrough = (
|
|
137
|
+
let offeredThrough = (_c = event.offers) === null || _c === void 0 ? void 0 : _c.offeredThrough;
|
|
134
138
|
if (offeredThrough === undefined) {
|
|
135
139
|
offeredThrough = { typeOf: 'WebAPI', identifier: factory.service.webAPI.Identifier.Chevre };
|
|
136
140
|
}
|
|
@@ -38,6 +38,12 @@ export declare function authorize(params: {
|
|
|
38
38
|
transaction: {
|
|
39
39
|
id: string;
|
|
40
40
|
};
|
|
41
|
+
store: {
|
|
42
|
+
/**
|
|
43
|
+
* 販売アプリケーションID
|
|
44
|
+
*/
|
|
45
|
+
id: string;
|
|
46
|
+
};
|
|
41
47
|
result: {
|
|
42
48
|
requestBody: factory.action.authorize.offer.eventService.IRequestBody<WebAPIIdentifier.COA>;
|
|
43
49
|
responseBody: factory.action.authorize.offer.eventService.IResponseBody<WebAPIIdentifier.COA>;
|
|
@@ -22,6 +22,7 @@ exports.WebAPIIdentifier = factory.service.webAPI.Identifier;
|
|
|
22
22
|
function authorize(params) {
|
|
23
23
|
// tslint:disable-next-line:max-func-body-length
|
|
24
24
|
return (repos) => __awaiter(this, void 0, void 0, function* () {
|
|
25
|
+
var _a;
|
|
25
26
|
const transaction = yield repos.transaction.findInProgressById({
|
|
26
27
|
typeOf: factory.transactionType.PlaceOrder,
|
|
27
28
|
id: params.transaction.id
|
|
@@ -29,6 +30,10 @@ function authorize(params) {
|
|
|
29
30
|
if (transaction.agent.id !== params.agent.id) {
|
|
30
31
|
throw new factory.errors.Forbidden('Transaction not yours');
|
|
31
32
|
}
|
|
33
|
+
// クライアント検証(2024-02-07~)
|
|
34
|
+
if (((_a = transaction.object.clientUser) === null || _a === void 0 ? void 0 : _a.client_id) !== params.store.id) {
|
|
35
|
+
throw new factory.errors.Forbidden('client not match that of the transaction');
|
|
36
|
+
}
|
|
32
37
|
let screeningEvent;
|
|
33
38
|
let acceptedOffers;
|
|
34
39
|
const pendingTransaction = {
|
package/package.json
CHANGED