From 4104d9ccb25276c85b5363f85e14b3093e64df85 Mon Sep 17 00:00:00 2001 From: Rares Stefan Date: Sat, 8 Apr 2023 21:09:13 +0200 Subject: [PATCH] fix(medusa-plugin-economic,medusa-plugin-mailchimp,medusa-plugin-restock-notification,medusa-plugin-sendgrid,medusa-plugin-wishlist): Temporarily remove payload validation in some plugins (#3763) * Temporarily remove payload validation in some plugins * Add changeset * chore: Remove commented out code * Revert discount generator plugin --------- Co-authored-by: olivermrbl Co-authored-by: Oliver Windall Juhl <59018053+olivermrbl@users.noreply.github.com> --- .changeset/polite-lamps-suffer.md | 10 ++ .../src/api/routes/book-invoice.js | 19 +-- .../src/api/routes/create-draft-invoice.js | 19 +-- .../src/api/routes/subscribe-newsletter.js | 26 +--- .../src/api/routes/add-email.js | 15 +- .../src/api/routes/send-email.js | 34 ++--- .../src/api/store/customers.js | 128 +++++++----------- 7 files changed, 79 insertions(+), 172 deletions(-) create mode 100644 .changeset/polite-lamps-suffer.md diff --git a/.changeset/polite-lamps-suffer.md b/.changeset/polite-lamps-suffer.md new file mode 100644 index 0000000000..74ea5dca34 --- /dev/null +++ b/.changeset/polite-lamps-suffer.md @@ -0,0 +1,10 @@ +--- +"medusa-plugin-discount-generator": patch +"medusa-plugin-economic": patch +"medusa-plugin-mailchimp": patch +"medusa-plugin-restock-notification": patch +"medusa-plugin-sendgrid": patch +"medusa-plugin-wishlist": patch +--- + +fix(plugin-discount-generator,plugin-economic,plugin-mailchimp,plugin-restock-notification,plugin-sendgrid,plugin-wishlist): Temporarily remove payload validation in some plugins diff --git a/packages/medusa-plugin-economic/src/api/routes/book-invoice.js b/packages/medusa-plugin-economic/src/api/routes/book-invoice.js index 2f635d4aaf..c3d8db93d9 100644 --- a/packages/medusa-plugin-economic/src/api/routes/book-invoice.js +++ b/packages/medusa-plugin-economic/src/api/routes/book-invoice.js @@ -1,18 +1,5 @@ export default async (req, res) => { - const schema = Validator.object().keys({ - orderId: Validator.string().required(), - }) - - const { value, error } = schema.validate(req.body) - if (error) { - throw new MedusaError(MedusaError.Types.INVALID_DATA, error.details) - } - - try { - const economicService = req.scope.resolve("economicService") - await economicService.bookEconomicInvoice(value.orderId) - res.sendStatus(200) - } catch (error) { - throw error - } + const economicService = req.scope.resolve("economicService") + await economicService.bookEconomicInvoice(req.body.orderId) + res.sendStatus(200) } diff --git a/packages/medusa-plugin-economic/src/api/routes/create-draft-invoice.js b/packages/medusa-plugin-economic/src/api/routes/create-draft-invoice.js index 0374ca12f3..4a478d3ca9 100644 --- a/packages/medusa-plugin-economic/src/api/routes/create-draft-invoice.js +++ b/packages/medusa-plugin-economic/src/api/routes/create-draft-invoice.js @@ -1,18 +1,5 @@ export default async (req, res) => { - const schema = Validator.object().keys({ - orderId: Validator.string().required(), - }) - - const { value, error } = schema.validate(req.body) - if (error) { - throw new MedusaError(MedusaError.Types.INVALID_DATA, error.details) - } - - try { - const economicService = req.scope.resolve("economicService") - await economicService.draftEconomicInvoice(value.orderId) - res.sendStatus(200) - } catch (error) { - throw error - } + const economicService = req.scope.resolve("economicService") + await economicService.draftEconomicInvoice(req.body.orderId) + res.sendStatus(200) } diff --git a/packages/medusa-plugin-mailchimp/src/api/routes/subscribe-newsletter.js b/packages/medusa-plugin-mailchimp/src/api/routes/subscribe-newsletter.js index 2662ef1f14..4cbeff346a 100644 --- a/packages/medusa-plugin-mailchimp/src/api/routes/subscribe-newsletter.js +++ b/packages/medusa-plugin-mailchimp/src/api/routes/subscribe-newsletter.js @@ -1,22 +1,8 @@ -import { Validator, MedusaError } from "medusa-core-utils" - export default async (req, res) => { - const schema = Validator.object().keys({ - email: Validator.string().required(), - data: Validator.object().default({}), - }) - - const { value, error } = schema.validate(req.body) - if (error) { - throw new MedusaError(MedusaError.Types.INVALID_DATA, error.details) - } - console.log(value) - - try { - const mailchimpService = req.scope.resolve("mailchimpService") - await mailchimpService.subscribeNewsletter(value.email, value.data) - res.sendStatus(200) - } catch (err) { - throw err - } + const mailchimpService = req.scope.resolve("mailchimpService") + await mailchimpService.subscribeNewsletter( + req.body.email, + req.body.data || {} + ) + res.sendStatus(200) } diff --git a/packages/medusa-plugin-restock-notification/src/api/routes/add-email.js b/packages/medusa-plugin-restock-notification/src/api/routes/add-email.js index de8800dcf2..1a2e5c9774 100644 --- a/packages/medusa-plugin-restock-notification/src/api/routes/add-email.js +++ b/packages/medusa-plugin-restock-notification/src/api/routes/add-email.js @@ -1,23 +1,10 @@ -import { Validator, MedusaError } from "medusa-core-utils" - export default async (req, res) => { const { variant_id } = req.params - - const schema = Validator.object().keys({ - email: Validator.string().required(), - }) - - const { value, error } = schema.validate(req.body) - if (error) { - res.status(400).json({ message: error.message }) - return - } - try { const restockNotificationService = req.scope.resolve( "restockNotificationService" ) - await restockNotificationService.addEmail(variant_id, value.email) + await restockNotificationService.addEmail(variant_id, req.body.email) res.sendStatus(201) } catch (err) { res.status(400).json({ message: err.message }) diff --git a/packages/medusa-plugin-sendgrid/src/api/routes/send-email.js b/packages/medusa-plugin-sendgrid/src/api/routes/send-email.js index 0cda9f6a88..314e4a37da 100644 --- a/packages/medusa-plugin-sendgrid/src/api/routes/send-email.js +++ b/packages/medusa-plugin-sendgrid/src/api/routes/send-email.js @@ -1,28 +1,10 @@ -import { Validator, MedusaError } from "medusa-core-utils" - export default async (req, res) => { - const schema = Validator.object().keys({ - template_id: Validator.string().required(), - from: Validator.string().required(), - to: Validator.string().required(), - data: Validator.object().optional().default({}), - }) - - const { value, error } = schema.validate(req.body) - if (error) { - throw new MedusaError(MedusaError.Types.INVALID_DATA, error.details) - } - - try { - const sendgridService = req.scope.resolve("sendgridService") - await sendgridService.sendEmail( - value.template_id, - value.from, - value.to, - value.data - ) - res.sendStatus(200) - } catch (err) { - throw err - } + const sendgridService = req.scope.resolve("sendgridService") + await sendgridService.sendEmail( + req.body.template_id, + req.body.from, + req.body.to, + req.body.data || {} + ) + res.sendStatus(200) } diff --git a/packages/medusa-plugin-wishlist/src/api/store/customers.js b/packages/medusa-plugin-wishlist/src/api/store/customers.js index f9de96f32a..3d54c52c39 100644 --- a/packages/medusa-plugin-wishlist/src/api/store/customers.js +++ b/packages/medusa-plugin-wishlist/src/api/store/customers.js @@ -1,7 +1,7 @@ -import { Router } from "express" import bodyParser from "body-parser" -import { Validator, MedusaError } from "medusa-core-utils" +import { Router } from "express" import jwt from "jsonwebtoken" +import { MedusaError } from "medusa-core-utils" const JWT_SECRET = process.env.JWT_SECRET || "" @@ -9,99 +9,67 @@ export default () => { const app = Router() app.delete("/:id/wishlist", bodyParser.json(), async (req, res) => { - const schema = Validator.object().keys({ - index: Validator.number().required(), + const customerService = req.scope.resolve("customerService") + + let customer = await customerService.retrieve(req.params.id) + const wishlist = (customer.metadata && customer.metadata.wishlist) || [] + + const newWishlist = [...wishlist] + newWishlist.splice(req.body.index, 1) + + customer = await customerService.update(customer.id, { + metadata: { wishlist: newWishlist }, }) - const { value, error } = schema.validate(req.body) - if (error) { - throw new MedusaError(MedusaError.Types.INVALID_DATA, error.details) - } - - try { - const customerService = req.scope.resolve("customerService") - - let customer = await customerService.retrieve(req.params.id) - const wishlist = (customer.metadata && customer.metadata.wishlist) || [] - - const newWishlist = [...wishlist] - newWishlist.splice(value.index, 1) - - customer = await customerService.update(customer.id, { - metadata: { wishlist: newWishlist }, - }) - - res.json({ customer }) - } catch (err) { - throw err - } + res.json({ customer }) }) app.post("/:id/wishlist", bodyParser.json(), async (req, res) => { - const schema = Validator.object().keys({ - variant_id: Validator.string().required(), - quantity: Validator.number().required(), - metadata: Validator.object().optional(), - }) + const lineItemService = req.scope.resolve("lineItemService") + const customerService = req.scope.resolve("customerService") + const regionService = req.scope.resolve("regionService") - const { value, error } = schema.validate(req.body) - if (error) { - throw new MedusaError(MedusaError.Types.INVALID_DATA, error.details) + let customer = await customerService.retrieve(req.params.id) + + const regions = await regionService.list() + if (regions.length) { + const lineItem = await lineItemService.generate( + req.body.variant_id, + regions[0].id, + req.body.quantity, + { metadata: req.body.metadata } + ) + + const wishlist = (customer.metadata && customer.metadata.wishlist) || [] + customer = await customerService.update(customer.id, { + metadata: { wishlist: [...wishlist, lineItem] }, + }) } - try { - const lineItemService = req.scope.resolve("lineItemService") - const customerService = req.scope.resolve("customerService") - const regionService = req.scope.resolve("regionService") - - let customer = await customerService.retrieve(req.params.id) - - const regions = await regionService.list() - if (regions.length) { - const lineItem = await lineItemService.generate( - value.variant_id, - regions[0].id, - value.quantity, - { metadata: value.metadata } - ) - - const wishlist = (customer.metadata && customer.metadata.wishlist) || [] - customer = await customerService.update(customer.id, { - metadata: { wishlist: [...wishlist, lineItem] }, - }) - } - - res.json({ customer }) - } catch (err) { - throw err - } + res.json({ customer }) }) app.post("/:id/wishlist/share-token", bodyParser.json(), async (req, res) => { - try { - const customerService = req.scope.resolve("customerService") + const customerService = req.scope.resolve("customerService") - let customer = await customerService.retrieve(req.params.id) + const customer = await customerService.retrieve(req.params.id) - // check customer has wishlist else throw 400 bad request - if (!customer?.metadata?.wishlist) { - throw new MedusaError( - Medusa.Types.INVALID_DATA, - "Invalid data - Customer doesn't have a wishlist" - ) - } - - const token = jwt.sign( - { - customer_id: customer.id, - }, - JWT_SECRET + // check customer has wishlist else throw 400 bad request + if (!customer?.metadata?.wishlist) { + throw new MedusaError( + MedusaError.Types.INVALID_DATA, + "Invalid data - Customer doesn't have a wishlist" ) - - res.json({ share_token: token }) - } catch (err) { - throw err } + + const token = jwt.sign( + { + customer_id: customer.id, + }, + JWT_SECRET + ) + + res.json({ share_token: token }) }) return app