chingu-x · cherylli · Feb 16, 2025 · Dec 7, 2024 · Dec 7, 2024 · Dec 8, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -14,6 +14,12 @@
 > PATCH version when you make backward compatible bug fixes <br/>
 
 ## [Unreleased]
+
+
+### Added
+- Added version release link to Swagger docs ([#218](https://github.com/chingu-x/chingu-dashboard-be/pull/231))
+
+### Changed
 - Updated readme for installation part ([#225])(https://github.com/chingu-x/chingu-dashboard-be/pull/225)
 - Updated nestjs packages to latest version ([#233])(https://github.com/chingu-x/chingu-dashboard-be/pull/233)
 - Refactoring of email service + unit tests ([#232](https://github.com/chingu-x/chingu-dashboard-be/pull/232))
@@ -24,6 +30,7 @@
 ### Changed
 
 ### Fixed
+- Bug when user attempts to access a non-public endpoint after database reseed ([#230])(https://github.com/chingu-x/chingu-dashboard-be/pull/230)
 
 
 - fixed POST voyages/teams/{teamId}/techs bug , verify that categoryId is owned by correct team ([#229](https://github.com/chingu-x/chingu-dashboard-be/pull/229))
@@ -60,6 +67,7 @@
 
 ### Fixed
 
+
 ### Removed
 
 ## [v1.0.2-alpha]

diff --git a/src/auth/strategies/at.strategy.ts b/src/auth/strategies/at.strategy.ts
@@ -34,20 +34,24 @@ export class AtStrategy extends PassportStrategy(Strategy, "jwt-at") {
     }
 
     async validate(payload: any) {
-        const userInDb = await this.usersService.getUserRolesById(payload.sub);
+        //Get user roles
+        const userRoles = await this.usersService.getUserRolesById(payload.sub);
 
         // Note: Update global/types/CustomRequest when updating this
-        return {
-            userId: payload.sub,
-            email: payload.email,
-            roles: userInDb.roles,
-            isVerified: userInDb.emailVerified,
-            voyageTeams: userInDb.voyageTeamMembers?.map((t) => {
-                return {
-                    teamId: t.voyageTeamId,
-                    memberId: t.id,
-                };
-            }),
-        };
+        //Check if userRoles actually returns user details before returning
+        if (userRoles) {
+            return {
+                userId: payload.sub,
+                email: payload.email,
+                roles: userRoles.roles,
+                isVerified: userRoles.emailVerified,
+                voyageTeams: userRoles.voyageTeamMembers?.map((t) => {
+                    return {
+                        teamId: t.voyageTeamId,
+                        memberId: t.id,
+                    };
+                }),
+            };
+        }
     }
 }
diff --git a/src/users/users.service.spec.ts b/src/users/users.service.spec.ts
@@ -99,7 +99,7 @@ describe("UsersService", () => {
         it("should be defined", () => {
             expect(usersService.getUserRolesById).toBeDefined();
         });
-        it("should return user roles by id", async () => {
+        it("should return user roles by id when user exists", async () => {
             const userWithRoles = {
                 ...userOne,
                 roles: [{ role: { name: "admin" } }],
@@ -119,6 +119,23 @@ describe("UsersService", () => {
                 },
             });
         });
+        it("should return undefined if userId does not exist", async () => {
+            prismaMock.user.findUnique.mockResolvedValue(null);
+            const result =
+                await usersService.getUserRolesById("inexistentUserId");
+            expect(result).toBeUndefined();
+            expect(formatUserSpy).not.toHaveBeenCalledWith();
+            expect(prismaMock.user.findUnique).toHaveBeenCalledWith({
+                where: { id: "inexistentUserId" },
+                select: {
+                    roles: { select: { role: { select: { name: true } } } },
+                    voyageTeamMembers: {
+                        select: { id: true, voyageTeamId: true },
+                    },
+                    emailVerified: true,
+                },
+            });
+        });
     });
     describe("findAll", () => {
         it("should be defined", () => {

diff --git a/src/users/users.service.ts b/src/users/users.service.ts
@@ -34,31 +34,33 @@ export class UsersService {
     }
 
     async getUserRolesById(userId: string) {
-        return this.formatUser(
-            await this.prisma.user.findUnique({
-                where: {
-                    id: userId,
-                },
-                select: {
-                    roles: {
-                        select: {
-                            role: {
-                                select: {
-                                    name: true,
-                                },
+        //Return user roles only when userDd actually exists
+        const user = await this.prisma.user.findUnique({
+            where: {
+                id: userId,
+            },
+            select: {
+                roles: {
+                    select: {
+                        role: {
+                            select: {
+                                name: true,
                             },
                         },
                     },
-                    voyageTeamMembers: {
-                        select: {
-                            id: true,
-                            voyageTeamId: true,
-                        },
+                },
+                voyageTeamMembers: {
+                    select: {
+                        id: true,
+                        voyageTeamId: true,
                     },
-                    emailVerified: true,
                 },
-            }),
-        );
+                emailVerified: true,
+            },
+        });
+        if (user) {
+            return this.formatUser(user);
+        }
     }
 
     async findAll() {