Merge branch 'main' into filip-refactor-user-module

Author: sodic

opensaas-sh/app_diff/src/file-upload/operations.ts.diff

@@ -1,8 +1,8 @@
 --- template/app/src/file-upload/operations.ts
 +++ opensaas-sh/app/src/file-upload/operations.ts
-@@ -18,6 +18,18 @@
-     throw new HttpError(401);
-   }
+@@ -25,6 +25,18 @@
+ 
+   const { fileType, fileName } = ensureArgsSchemaOrThrowHttpError(createFileInputSchema, rawArgs);
 
 +  const numberOfFilesByUser = await context.entities.File.count({
 +    where: {
@@ -16,6 +16,6 @@
 +    throw new HttpError(403, 'Thanks for trying Open SaaS. This demo only allows 2 file uploads per user.');
 +  }
 +
-   const userInfo = context.user.id;
- 
-   const { uploadUrl, key } = await getUploadFileSignedURLFromS3({ fileType, userInfo });
+   const { uploadUrl, key } = await getUploadFileSignedURLFromS3({
+     fileType,
+     fileName,

opensaas-sh/app_diff/src/payment/plans.ts.diff

@@ -1,8 +1,8 @@
 --- template/app/src/user/operations.ts
 +++ opensaas-sh/app/src/user/operations.ts
-@@ -38,7 +38,10 @@
-   subscriptionStatus?: SubscriptionStatus[];
+@@ -41,7 +41,10 @@
  };
+ 
  type GetPaginatedUsersOutput = {
 -  users: Pick<User, 'id' | 'email' | 'username' | 'subscriptionStatus' | 'paymentProcessorUserId'>[];
 +  users: Pick<
@@ -12,28 +12,15 @@
    totalPages: number;
  };
 
-@@ -51,8 +54,10 @@
-   }
- 
-   const allSubscriptionStatusOptions = args.subscriptionStatus as Array<string | null> | undefined;
--  const hasNotSubscribed = allSubscriptionStatusOptions?.find((status) => status === null) 
--  let subscriptionStatusStrings = allSubscriptionStatusOptions?.filter((status) => status !== null) as string[] | undefined
-+  const hasNotSubscribed = allSubscriptionStatusOptions?.find((status) => status === null);
-+  let subscriptionStatusStrings = allSubscriptionStatusOptions?.filter((status) => status !== null) as
-+    | string[]
-+    | undefined;
- 
-   const queryResults = await context.entities.User.findMany({
-     skip: args.skip,
-@@ -65,6 +70,7 @@
+@@ -85,6 +88,7 @@
              mode: 'insensitive',
            },
-           isAdmin: args.isAdmin,
+           isAdmin,
 +          isMockUser: true,
          },
          {
            OR: [
-@@ -88,7 +94,7 @@
+@@ -108,7 +112,7 @@
        username: true,
        isAdmin: true,
        subscriptionStatus: true,
@@ -42,10 +29,10 @@
      },
      orderBy: {
        id: 'desc',
-@@ -104,6 +110,7 @@
+@@ -124,6 +128,7 @@
              mode: 'insensitive',
            },
-           isAdmin: args.isAdmin,
+           isAdmin,
 +          isMockUser: true,
          },
          {

opensaas-sh/app_diff/src/user/operations.ts.diff

@@ -1,3 +1,4 @@
+import * as z from 'zod';
 import type { Task, GptResponse } from 'wasp/entities';
 import type {
   GenerateGptResponse,
@@ -10,6 +11,7 @@ import type {
 import { HttpError } from 'wasp/server';
 import { GeneratedSchedule } from './schedule';
 import OpenAI from 'openai';
+import { ensureArgsSchemaOrThrowHttpError } from '../server/validation';
 
 const openai = setupOpenAI();
 function setupOpenAI() {
@@ -20,15 +22,23 @@ function setupOpenAI() {
 }
 
 //#region Actions
-type GptPayload = {
-  hours: string;
-};
 
-export const generateGptResponse: GenerateGptResponse<GptPayload, GeneratedSchedule> = async ({ hours }, context) => {
+const generateGptResponseInputSchema = z.object({
+  hours: z.string().regex(/^\d+(\.\d+)?$/, 'Hours must be a number'),
+});
+
+type GenerateGptResponseInput = z.infer<typeof generateGptResponseInputSchema>;
+
+export const generateGptResponse: GenerateGptResponse<GenerateGptResponseInput, GeneratedSchedule> = async (
+  rawArgs,
+  context
+) => {
   if (!context.user) {
     throw new HttpError(401);
   }
 
+  const { hours } = ensureArgsSchemaOrThrowHttpError(generateGptResponseInputSchema, rawArgs);
+
   const tasks = await context.entities.Task.findMany({
     where: {
       user: {
@@ -181,11 +191,19 @@ export const generateGptResponse: GenerateGptResponse<GptPayload, GeneratedSched
   }
 };
 
-export const createTask: CreateTask<Pick<Task, 'description'>, Task> = async ({ description }, context) => {
+const createTaskInputSchema = z.object({
+  description: z.string().nonempty(),
+});
+
+type CreateTaskInput = z.infer<typeof createTaskInputSchema>;
+
+export const createTask: CreateTask<CreateTaskInput, Task> = async (rawArgs, context) => {
   if (!context.user) {
     throw new HttpError(401);
   }
 
+  const { description } = ensureArgsSchemaOrThrowHttpError(createTaskInputSchema, rawArgs);
+
   const task = await context.entities.Task.create({
     data: {
       description,
@@ -196,11 +214,21 @@ export const createTask: CreateTask<Pick<Task, 'description'>, Task> = async ({
   return task;
 };
 
-export const updateTask: UpdateTask<Partial<Task>, Task> = async ({ id, isDone, time }, context) => {
+const updateTaskInputSchema = z.object({
+  id: z.string().nonempty(),
+  isDone: z.boolean().optional(),
+  time: z.string().optional(),
+});
+
+type UpdateTaskInput = z.infer<typeof updateTaskInputSchema>;
+
+export const updateTask: UpdateTask<UpdateTaskInput, Task> = async (rawArgs, context) => {
   if (!context.user) {
     throw new HttpError(401);
   }
 
+  const { id, isDone, time } = ensureArgsSchemaOrThrowHttpError(updateTaskInputSchema, rawArgs);
+
   const task = await context.entities.Task.update({
     where: {
       id,
@@ -214,11 +242,19 @@ export const updateTask: UpdateTask<Partial<Task>, Task> = async ({ id, isDone,
   return task;
 };
 
-export const deleteTask: DeleteTask<Pick<Task, 'id'>, Task> = async ({ id }, context) => {
+const deleteTaskInputSchema = z.object({
+  id: z.string().nonempty(),
+});
+
+type DeleteTaskInput = z.infer<typeof deleteTaskInputSchema>;
+
+export const deleteTask: DeleteTask<DeleteTaskInput, Task> = async (rawArgs, context) => {
   if (!context.user) {
     throw new HttpError(401);
   }
 
+  const { id } = ensureArgsSchemaOrThrowHttpError(deleteTaskInputSchema, rawArgs);
+
   const task = await context.entities.Task.delete({
     where: {
       id,

template/app/src/demo-ai-app/operations.ts

@@ -2,15 +2,21 @@ import { cn } from '../client/cn';
 import { useState, useEffect, FormEvent } from 'react';
 import type { File } from 'wasp/entities';
 import { useQuery, getAllFilesByUser, getDownloadFileSignedURL } from 'wasp/client/operations';
-import { type FileUploadError, uploadFileWithProgress, validateFile, ALLOWED_FILE_TYPES } from './fileUploading';
+import {
+  type FileWithValidType,
+  type FileUploadError,
+  validateFile,
+  uploadFileWithProgress,
+} from './fileUploading';
+import { ALLOWED_FILE_TYPES } from './validation';
 
 export default function FileUploadPage() {
   const [fileKeyForS3, setFileKeyForS3] = useState<File['key']>('');
   const [uploadProgressPercent, setUploadProgressPercent] = useState<number>(0);
   const [uploadError, setUploadError] = useState<FileUploadError | null>(null);
 
   const allUserFiles = useQuery(getAllFilesByUser, undefined, {
-    // We disable automatic refetching because otherwise files would be refetched after `createFile` is called and the S3 URL is returned, 
+    // We disable automatic refetching because otherwise files would be refetched after `createFile` is called and the S3 URL is returned,
     // which happens before the file is actually fully uploaded. Instead, we manually (re)fetch on mount and after the upload is complete.
     enabled: false,
   });
@@ -64,13 +70,13 @@ export default function FileUploadPage() {
         return;
       }
 
-      const validationError = validateFile(file);
-      if (validationError) {
-        setUploadError(validationError);
+      const fileValidationError = validateFile(file);
+      if (fileValidationError !== null) {
+        setUploadError(fileValidationError);
         return;
       }
 
-      await uploadFileWithProgress({ file, setUploadProgressPercent });
+      await uploadFileWithProgress({ file: file as FileWithValidType, setUploadProgressPercent });
       formElement.reset();
       allUserFiles.refetch();
     } catch (error) {
@@ -117,11 +123,11 @@ export default function FileUploadPage() {
                   <>
                     <span>Uploading {uploadProgressPercent}%</span>
                     <div
-                      role="progressbar"
+                      role='progressbar'
                       aria-valuenow={uploadProgressPercent}
                       aria-valuemin={0}
                       aria-valuemax={100}
-                      className="absolute bottom-0 left-0 h-1 bg-yellow-500 transition-all duration-300 ease-in-out rounded-b-md"
+                      className='absolute bottom-0 left-0 h-1 bg-yellow-500 transition-all duration-300 ease-in-out rounded-b-md'
                       style={{ width: `${uploadProgressPercent}%` }}
                     ></div>
                   </>

template/app/src/file-upload/FileUploadPage.tsx

@@ -1,30 +1,18 @@
 import { Dispatch, SetStateAction } from 'react';
 import { createFile } from 'wasp/client/operations';
 import axios from 'axios';
+import { ALLOWED_FILE_TYPES, MAX_FILE_SIZE } from './validation';
 
+export type FileWithValidType = Omit<File, 'type'> & { type: AllowedFileType };
+type AllowedFileType = (typeof ALLOWED_FILE_TYPES)[number];
 interface FileUploadProgress {
-  file: File;
+  file: FileWithValidType;
   setUploadProgressPercent: Dispatch<SetStateAction<number>>;
 }
 
-export interface FileUploadError {
-  message: string;
-  code: 'NO_FILE' | 'INVALID_FILE_TYPE' | 'FILE_TOO_LARGE' | 'UPLOAD_FAILED';
-}
-
-export const MAX_FILE_SIZE = 5 * 1024 * 1024; // Set this to the max file size you want to allow (currently 5MB).
-export const ALLOWED_FILE_TYPES = [
-  'image/jpeg',
-  'image/png',
-  'application/pdf',
-  'text/*',
-  'video/quicktime',
-  'video/mp4',
-];
-
 export async function uploadFileWithProgress({ file, setUploadProgressPercent }: FileUploadProgress) {
-  const { uploadUrl } = await createFile({ fileType: file.type, name: file.name });
-  return await axios.put(uploadUrl, file, {
+  const { uploadUrl } = await createFile({ fileType: file.type, fileName: file.name });
+  return axios.put(uploadUrl, file, {
     headers: {
       'Content-Type': file.type,
     },
@@ -37,18 +25,29 @@ export async function uploadFileWithProgress({ file, setUploadProgressPercent }:
   });
 }
 
-export function validateFile(file: File): FileUploadError | null {
+export interface FileUploadError {
+  message: string;
+  code: 'NO_FILE' | 'INVALID_FILE_TYPE' | 'FILE_TOO_LARGE' | 'UPLOAD_FAILED';
+}
+
+export function validateFile(file: File) {
   if (file.size > MAX_FILE_SIZE) {
     return {
       message: `File size exceeds ${MAX_FILE_SIZE / 1024 / 1024}MB limit.`,
-      code: 'FILE_TOO_LARGE',
+      code: 'FILE_TOO_LARGE' as const,
     };
   }
-  if (!ALLOWED_FILE_TYPES.includes(file.type)) {
+
+  if (!isAllowedFileType(file.type)) {
     return {
       message: `File type '${file.type}' is not supported.`,
-      code: 'INVALID_FILE_TYPE',
+      code: 'INVALID_FILE_TYPE' as const,
     };
   }
+
   return null;
 }
+
+function isAllowedFileType(fileType: string): fileType is AllowedFileType {
+  return (ALLOWED_FILE_TYPES as readonly string[]).includes(fileType);
+}

template/app/src/file-upload/fileUploading.ts

@@ -1,3 +1,4 @@
+import * as z from 'zod';
 import { HttpError } from 'wasp/server';
 import { type File } from 'wasp/entities';
 import {
@@ -7,24 +8,32 @@ import {
 } from 'wasp/server/operations';
 
 import { getUploadFileSignedURLFromS3, getDownloadFileSignedURLFromS3 } from './s3Utils';
+import { ensureArgsSchemaOrThrowHttpError } from '../server/validation';
+import { ALLOWED_FILE_TYPES } from './validation';
 
-type FileDescription = {
-  fileType: string;
-  name: string;
-};
+const createFileInputSchema = z.object({
+  fileType: z.enum(ALLOWED_FILE_TYPES),
+  fileName: z.string().nonempty(),
+});
+
+type CreateFileInput = z.infer<typeof createFileInputSchema>;
 
-export const createFile: CreateFile<FileDescription, File> = async ({ fileType, name }, context) => {
+export const createFile: CreateFile<CreateFileInput, File> = async (rawArgs, context) => {
   if (!context.user) {
     throw new HttpError(401);
   }
 
-  const userInfo = context.user.id;
+  const { fileType, fileName } = ensureArgsSchemaOrThrowHttpError(createFileInputSchema, rawArgs);
 
-  const { uploadUrl, key } = await getUploadFileSignedURLFromS3({ fileType, userInfo });
+  const { uploadUrl, key } = await getUploadFileSignedURLFromS3({
+    fileType,
+    fileName,
+    userId: context.user.id,
+  });
 
   return await context.entities.File.create({
     data: {
-      name,
+      name: fileName,
       key,
       uploadUrl,
       type: fileType,
@@ -49,9 +58,14 @@ export const getAllFilesByUser: GetAllFilesByUser<void, File[]> = async (_args,
   });
 };
 
-export const getDownloadFileSignedURL: GetDownloadFileSignedURL<{ key: string }, string> = async (
-  { key },
-  _context
-) => {
+const getDownloadFileSignedURLInputSchema = z.object({ key: z.string().nonempty() });
+
+type GetDownloadFileSignedURLInput = z.infer<typeof getDownloadFileSignedURLInputSchema>;
+
+export const getDownloadFileSignedURL: GetDownloadFileSignedURL<
+  GetDownloadFileSignedURLInput,
+  string
+> = async (rawArgs, _context) => {
+  const { key } = ensureArgsSchemaOrThrowHttpError(getDownloadFileSignedURLInputSchema, rawArgs);
   return await getDownloadFileSignedURLFromS3({ key });
 };