Skip to content

Commit 5397b70

Browse files
joshunraujoshunrau
committed
fix: omit hashedPassword for all user results
1 parent 1abe60e commit 5397b70

File tree

1 file changed

+21
-0
lines changed

1 file changed

+21
-0
lines changed

apps/api/src/users/users.service.ts

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -58,12 +58,18 @@ export class UsersService {
5858
lastName,
5959
sex,
6060
username: username
61+
},
62+
omit: {
63+
hashedPassword: true
6164
}
6265
});
6366
}
6467

6568
async deleteById(id: string, { ability }: EntityOperationOptions = {}) {
6669
return this.userModel.delete({
70+
omit: {
71+
hashedPassword: true
72+
},
6773
where: { AND: [accessibleQuery(ability, 'delete', 'User')], id }
6874
});
6975
}
@@ -72,12 +78,18 @@ export class UsersService {
7278
async deleteByUsername(username: string, { ability }: EntityOperationOptions = {}) {
7379
const user = await this.findByUsername(username);
7480
return this.userModel.delete({
81+
omit: {
82+
hashedPassword: true
83+
},
7584
where: { AND: [accessibleQuery(ability, 'delete', 'User')], id: user.id }
7685
});
7786
}
7887

7988
async find({ groupId }: { groupId?: string } = {}, { ability }: EntityOperationOptions = {}) {
8089
return this.userModel.findMany({
90+
omit: {
91+
hashedPassword: true
92+
},
8193
where: {
8294
AND: [accessibleQuery(ability, 'read', 'User'), { groupIds: groupId ? { has: groupId } : undefined }]
8395
}
@@ -86,6 +98,9 @@ export class UsersService {
8698

8799
async findById(id: string, { ability }: EntityOperationOptions = {}) {
88100
const user = await this.userModel.findFirst({
101+
omit: {
102+
hashedPassword: true
103+
},
89104
where: { AND: [accessibleQuery(ability, 'read', 'User')], id }
90105
});
91106
if (!user) {
@@ -97,6 +112,9 @@ export class UsersService {
97112
async findByUsername(username: string, { ability }: EntityOperationOptions = {}) {
98113
const user = await this.userModel.findFirst({
99114
include: { groups: true },
115+
omit: {
116+
hashedPassword: true
117+
},
100118
where: { AND: [accessibleQuery(ability, 'read', 'User'), { username }] }
101119
});
102120
if (!user) {
@@ -113,6 +131,9 @@ export class UsersService {
113131
connect: groupIds?.map((id) => ({ id }))
114132
}
115133
},
134+
omit: {
135+
hashedPassword: true
136+
},
116137
where: { AND: [accessibleQuery(ability, 'update', 'User')], id }
117138
});
118139
}

0 commit comments

Comments
 (0)