mirror of
https://github.com/wasp-lang/wasp.git
synced 2024-12-30 20:45:47 +03:00
Gave it examples on what to avoid regarding update() and findUnique().
This commit is contained in:
parent
634995792c
commit
4f8a448dc9
@ -109,8 +109,24 @@ generateOperation operationType newProjectDetails entityPlans operationPlan = do
|
|||||||
Also, make sure to use full import statement for `fn:`: `import { getTasks } from "@server/actions.js"`,
|
Also, make sure to use full import statement for `fn:`: `import { getTasks } from "@server/actions.js"`,
|
||||||
don't provide just the file path.
|
don't provide just the file path.
|
||||||
- In NodeJS implementation, you will typically want to check if user is authenticated, by doing `if (!context.user) { throw new HttpError(401) }` at the start of the operation.
|
- In NodeJS implementation, you will typically want to check if user is authenticated, by doing `if (!context.user) { throw new HttpError(401) }` at the start of the operation.
|
||||||
- Don't specify more than one field in the `where` clause of `update()` and `findUnique()` Prisma methods.
|
- DO NOT specify more than one field in the `where` clause of `update()` and `findUnique()` Prisma methods.
|
||||||
Unlike other Prisma methods, these two can accept only one, unique field in their `where` clause.
|
Unlike other Prisma methods, these two can accept only one, unique field in their `where` clause.
|
||||||
|
WRONG:
|
||||||
|
```js
|
||||||
|
const task = await context.entities.Task.findUnique({
|
||||||
|
where: {
|
||||||
|
id: args.id,
|
||||||
|
userId: context.user.id
|
||||||
|
}
|
||||||
|
});
|
||||||
|
```
|
||||||
|
CORRECT:
|
||||||
|
```js
|
||||||
|
const task = await context.entities.Task.findUnique({
|
||||||
|
where: { id: args.id }
|
||||||
|
});
|
||||||
|
if (task.userId !== context.user.id) { throw new HttpError(403) };
|
||||||
|
```
|
||||||
|
|
||||||
${appDescriptionStartMarkerLine}
|
${appDescriptionStartMarkerLine}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user