fix: prevent transaction to throw an error

chertik77 · chertik77 · commit 536e8a2bdac9 · 2024-11-27T09:31:18.000Z
diff --git a/app/app.ts b/app/app.ts
@@ -1,7 +1,6 @@
 import type { NextFunction, Request, Response } from 'express'
 
 import express from 'express'
-import cors from 'cors'
 import logger from 'morgan'
 import swaggerUi from 'swagger-ui-express'
 
@@ -34,7 +33,7 @@ app.listen(Number(process.env.PORT) || 5432, () => {
 const appRouter = express.Router()
 
 app.use(logger('dev'))
-app.use(cors({ origin: process.env.ALLOWED_ORIGINS }))
+// app.use(cors({ origin: process.env.ALLOWED_ORIGINS }))
 app.use(express.json())
 app.disable('x-powered-by')
 
diff --git a/app/routes/api/board.ts b/app/routes/api/board.ts
@@ -32,9 +32,7 @@ boardRouter.get(
     const board = await prisma.board.findFirst({
       where: { id: params.boardId, userId: user.id },
       include: {
-        columns: {
-          include: { cards: { orderBy: { order: 'asc' } } }
-        }
+        columns: { include: { cards: { orderBy: { order: 'asc' } } } }
       }
     })
 
diff --git a/app/routes/api/card.ts b/app/routes/api/card.ts
@@ -79,16 +79,27 @@ cardRouter.patch(
   '/:columnId/order',
   validateRequestParams(ColumnParamsSchema),
   validateRequestBody(UpdateCardOrderSchema),
-  async ({ params, body }, res) => {
+  async ({ params, body }, res, next) => {
+    const column = await prisma.column.findFirst({
+      where: { id: params.columnId }
+    })
+
+    if (!column) {
+      return next(createHttpError(404, 'Column not found'))
+    }
+
     const transaction = body.ids.map((id, order) =>
       prisma.card.update({
         where: { id },
         data: { order, columnId: params.columnId }
       })
     )
 
-    const updatedCards = await prisma.$transaction(transaction)
-
-    res.json(updatedCards)
+    try {
+      const updatedCards = await prisma.$transaction(transaction)
+      res.json(updatedCards)
+    } catch {
+      return next(createHttpError(400, 'Invalid order'))
+    }
   }
 )
