nhcarrigan/library
9
0
Fork 0
generated from nhcarrigan/template
Code Issues Pull Requests 54 Actions Releases 3 Activity
Files
7e47e87d85c8b6cfed92dfeec347c20661bd3fdc
library/api/src/app/services/book.service.ts
T
naomi 7e47e87d85
Node.js CI / CI (pull_request) Successful in 1m21s
Details
Security Scan and Upload / Security & DefectDojo Upload (pull_request) Successful in 1m28s
Details
fix: correct enum value in books
2026-02-20 16:43:59 -08:00

223 lines
6.2 KiB
TypeScript
Raw Blame History

/**
* @copyright 2026 NHCarrigan
* @license Naomi's Public License
* @author Naomi Carrigan
*/
import { Book, BookStatus, CreateBookDto, UpdateBookDto } from "@library/shared-types";
import { prisma } from "../lib/prisma";
import {
validateUrl,
validateRating,
validateStringLength,
validateDataUrl,
MAX_LENGTHS,
} from "../utils/validation";
export class BookService {
private prisma = prisma;
constructor() {}
/**
* Validate book data for security.
*/
private validateBookData(data: CreateBookDto | UpdateBookDto): void {
// Validate string lengths
if (!validateStringLength(data.title, MAX_LENGTHS.TITLE)) {
throw new Error(`Title must be ${MAX_LENGTHS.TITLE} characters or less.`);
}
if (!validateStringLength(data.author, MAX_LENGTHS.AUTHOR)) {
throw new Error(`Author must be ${MAX_LENGTHS.AUTHOR} characters or less.`);
}
if (!validateStringLength(data.isbn, MAX_LENGTHS.ISBN)) {
throw new Error(`ISBN must be ${MAX_LENGTHS.ISBN} characters or less.`);
}
if (!validateStringLength(data.notes, MAX_LENGTHS.NOTES)) {
throw new Error(`Notes must be ${MAX_LENGTHS.NOTES} characters or less.`);
}
if (!validateStringLength(data.coverImage, MAX_LENGTHS.URL)) {
throw new Error(`Cover image URL must be ${MAX_LENGTHS.URL} characters or less.`);
}
// Validate rating
if (!validateRating(data.rating)) {
throw new Error("Rating must be an integer between 0 and 10.");
}
if (data.coverImage) {
if (data.coverImage.startsWith("data:")) {
const sizeInBytes = data.coverImage.length * 0.75;
if (sizeInBytes > MAX_LENGTHS.DATA_URL) {
throw new Error("Cover image must be under 5MB.");
}
if (!validateDataUrl(data.coverImage)) {
throw new Error("Invalid image data URL.");
}
} else {
if (!validateStringLength(data.coverImage, MAX_LENGTHS.URL)) {
throw new Error(`Cover image URL must be ${MAX_LENGTHS.URL} characters or less.`);
}
if (!validateUrl(data.coverImage)) {
throw new Error("Invalid cover image URL. Only http and https URLs are allowed.");
}
}
}
// Validate tags
if (data.tags) {
for (const tag of data.tags) {
if (!validateStringLength(tag, MAX_LENGTHS.TAGS)) {
throw new Error(`Each tag must be ${MAX_LENGTHS.TAGS} characters or less.`);
}
}
}
// Validate link URLs
if (data.links) {
for (const link of data.links) {
if (!validateUrl(link.url)) {
throw new Error(`Invalid link URL: ${link.title}. Only http and https URLs are allowed.`);
}
if (!validateStringLength(link.title, MAX_LENGTHS.TITLE)) {
throw new Error(`Link title must be ${MAX_LENGTHS.TITLE} characters or less.`);
}
if (!validateStringLength(link.url, MAX_LENGTHS.URL)) {
throw new Error(`Link URL must be ${MAX_LENGTHS.URL} characters or less.`);
}
}
}
}
/**
* Get all books.
*/
async getAllBooks(): Promise<Book[]> {
const books = await this.prisma.book.findMany({
orderBy: { updatedAt: "desc" },
});
return books.map((book) => ({
...book,
status: book.status as unknown as BookStatus,
dateAdded: book.dateAdded,
dateStarted: book.dateStarted || undefined,
dateFinished: book.dateFinished || undefined,
tags: book.tags ?? [],
links: book.links ?? [],
createdAt: book.createdAt,
updatedAt: book.updatedAt,
}));
}
/**
* Get book by ID.
*/
async getBookById(id: string): Promise<Book | null> {
const book = await this.prisma.book.findUnique({
where: { id },
});
if (!book) return null;
return {
...book,
status: book.status as unknown as BookStatus,
dateAdded: book.dateAdded,
dateStarted: book.dateStarted || undefined,
dateFinished: book.dateFinished || undefined,
tags: book.tags ?? [],
links: book.links ?? [],
createdAt: book.createdAt,
updatedAt: book.updatedAt,
};
}
/**
* Get all books in a series, ordered by seriesOrder.
*/
async getBooksBySeries(seriesName: string): Promise<Book[]> {
const books = await this.prisma.book.findMany({
where: { series: seriesName },
orderBy: { seriesOrder: "asc" },
});
return books.map((book) => ({
...book,
status: book.status as unknown as BookStatus,
dateAdded: book.dateAdded,
dateStarted: book.dateStarted || undefined,
dateFinished: book.dateFinished || undefined,
tags: book.tags ?? [],
links: book.links ?? [],
createdAt: book.createdAt,
updatedAt: book.updatedAt,
}));
}
/**
* Create new book.
*/
async createBook(data: CreateBookDto): Promise<Book> {
// Validate input
this.validateBookData(data);
const book = await this.prisma.book.create({
data: {
...data,
status: data.status.toUpperCase() as any,
},
});
return {
...book,
status: book.status as unknown as BookStatus,
dateAdded: book.dateAdded,
dateStarted: book.dateStarted || undefined,
dateFinished: book.dateFinished || undefined,
tags: book.tags ?? [],
links: book.links ?? [],
createdAt: book.createdAt,
updatedAt: book.updatedAt,
};
}
/**
* Update book by ID.
*/
async updateBook(id: string, data: UpdateBookDto): Promise<Book> {
// Validate input
this.validateBookData(data);
const updateData = { ...data };
if (updateData.status) {
updateData.status = updateData.status.toUpperCase() as any;
}
const book = await this.prisma.book.update({
where: { id },
data: updateData,
});
return {
...book,
status: book.status as unknown as BookStatus,
dateAdded: book.dateAdded,
dateStarted: book.dateStarted || undefined,
dateFinished: book.dateFinished || undefined,
tags: book.tags ?? [],
links: book.links ?? [],
createdAt: book.createdAt,
updatedAt: book.updatedAt,
};
}
/**
* Delete book by ID.
*/
async deleteBook(id: string): Promise<void> {
await this.prisma.book.delete({
where: { id },
});
}
}
Reference in New Issue View Git Blame Copy Permalink