fix: validate request org id existance in guards

2026-02-15 20:30:33 +00:00 · 2025-10-25 15:15:13 +02:00
parent 2b4772a070
commit 1bccba572a
3 changed files with 23 additions and 5 deletions
--- a/packages/server/src/modules/Tenancy/EnsureTenantIsInitialized.guard.ts
+++ b/packages/server/src/modules/Tenancy/EnsureTenantIsInitialized.guard.ts
@@ -18,7 +18,7 @@ export class EnsureTenantIsInitializedGuard implements CanActivate {
  constructor(
    private readonly tenancyContext: TenancyContext,
    private reflector: Reflector,
-  ) {}
+  ) { }

  /**
   * Validate the tenant of the current request is initialized..
@@ -41,6 +41,12 @@ export class EnsureTenantIsInitializedGuard implements CanActivate {
    }
    const tenant = await this.tenancyContext.getTenant();

+    if (!tenant) {
+      throw new UnauthorizedException({
+        message: 'Tenant not found.',
+        errors: [{ type: 'TENANT.NOT.FOUND' }],
+      });
+    }
    if (!tenant?.initializedAt) {
      throw new UnauthorizedException({
        statusCode: 400,
--- a/packages/server/src/modules/Tenancy/EnsureTenantIsSeeded.guards.ts
+++ b/packages/server/src/modules/Tenancy/EnsureTenantIsSeeded.guards.ts
@@ -19,7 +19,7 @@ export class EnsureTenantIsSeededGuard implements CanActivate {
  constructor(
    private readonly tenancyContext: TenancyContext,
    private reflector: Reflector,
-  ) {}
+  ) { }

  /**
   * Validate the tenant of the current request is seeded.
@@ -41,6 +41,12 @@ export class EnsureTenantIsSeededGuard implements CanActivate {
    }
    const tenant = await this.tenancyContext.getTenant();

+    if (!tenant) {
+      throw new UnauthorizedException({
+        message: 'Tenant not found.',
+        errors: [{ type: 'TENANT.NOT.FOUND' }],
+      });
+    }
    if (!tenant.seededAt) {
      throw new UnauthorizedException({
        message: 'Tenant database is not seeded with initial data yet.',
--- a/packages/server/src/modules/Tenancy/TenancyContext.service.ts
+++ b/packages/server/src/modules/Tenancy/TenancyContext.service.ts
@@ -2,6 +2,7 @@ import { Inject, Injectable } from '@nestjs/common';
 import { ClsService } from 'nestjs-cls';
 import { SystemUser } from '../System/models/SystemUser';
 import { TenantModel } from '../System/models/TenantModel';
+import { ServiceError } from '../Items/ServiceError';

@Injectable()
 export class TenancyContext {
@@ -13,14 +14,14 @@ export class TenancyContext {

    @Inject(TenantModel.name)
    private readonly systemTenantModel: typeof TenantModel,
-  ) {}
+  ) { }

  /**
   * Get the current tenant.
   * @param {boolean} withMetadata - If true, the tenant metadata will be fetched.
   * @returns
   */
-  getTenant(withMetadata: boolean = false) {
+  async getTenant(withMetadata: boolean = false) {
    // Get the tenant from the request headers.
    const organizationId = this.cls.get('organizationId');

@@ -32,7 +33,12 @@ export class TenancyContext {
    if (withMetadata) {
      query.withGraphFetched('metadata');
    }
-    return query;
+    const queryResult = await query;
+
+    if (!queryResult) {
+      throw new ServiceError('TENANT_NOT_FOUND', 'Tenant not found');
+    }
+    return queryResult;
  }

  async getTenantMetadata() {