feat: domain exceptions admin auth asset validation owner nfts#374
Merged
Conversation
…ptions-admin-auth-asset-validation-owner-nfts
- Add custom error classes extending HttpException for better error discrimination: - SorobanContractError (ContractError) for contract execution failures - SorobanRpcError (SorobanRpcError) for RPC service issues - InsufficientBalanceError (InsufficientBalanceError) for balance errors - InvalidSignatureError (InvalidSignatureError) for signature validation - TransactionFailedError (TransactionFailedError) for transaction failures - Update withRetry helper to preserve HttpException types when re-throwing - Replace handleContractError with proper domain-specific exception mapping - Add proper error logging before throwing domain exceptions - Wrap getEventsSince error handling with typed exception mapping - Remove all throw new Error() statements in favor of HttpException subclasses - Export error classes for use in other modules This ensures StellarErrorInterceptor can properly map errors using ERROR_MAP based on error names, returning correct HTTP status codes and error codes.
…xception - Replace PaymentRequiredException with HttpException(402) as it doesn't exist in @nestjs/common - Add HttpException to imports for InsufficientBalanceError - Remove duplicate export block at bottom of file (classes already exported at top) - Fix TypeScript compilation errors (TS2305, TS2323, TS2484)
- Add GqlRolesGuard for GraphQL-specific role-based authorization - Add role field to GraphqlUser interface and JWT strategy - Update JwtStrategy to include role and stellarAddress from payload - Update GqlAuthGuard handleRequest to preserve role in user object - Apply @roles(ADMIN, MODERATOR) to salesAnalytics query - Remove TODO comment and implement proper admin authorization - Add security audit logging for unauthorized access attempts - Fix handleRequest signature with missing context parameter - Improve type safety in GqlRolesGuard with RequestUser interface
…agement - Add supported_assets_key helper function for persistent storage - Initialize empty asset whitelist during contract initialization - Add get_supported_assets view function to query whitelist - Add add_supported_asset admin function with duplicate detection - Add remove_supported_asset admin function with existence check - Replace empty Vec with storage-backed whitelist in create_sale - Replace empty Vec with storage-backed whitelist in create_auction - Replace empty Vec with storage-backed whitelist in create_bundle - Enforce asset validation against admin-managed whitelist
- Add NFT types (NFT, NFTAttribute, NFTPaginationResponse, NFTQueryParams) - Create NFTService with getOwnerNFTs and getNFT methods - Implement NFTGrid component with loading, empty, and error states - Build full My NFTs page with pagination, search, and wallet integration - Add user support to wallet store with WalletUser interface - Add convenience selectors for wallet store access - Replace placeholder Coming Soon page with fully functional NFT gallery - Include debounced search, pagination controls, and responsive grid layout
- Add asset to supported assets list before creating bundle - Register NFT contract in test setup - Use proper asset variable instead of underscore - Add newline at end of settlement_core.rs
|
@titilayo967 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits. You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Implement domain exceptions, admin authorization, asset validation, and owner NFT integration
Overview
This PR replaces generic Error throws with domain-specific exceptions in marketplace-settlement, implements real admin authorization checks in GraphQL resolvers, enforces asset whitelist validation in smart contracts, and integrates owner NFT fetching with pagination.
Changes
Domain Exceptions in Marketplace Settlement (#294)
throw new Error()statements with typed NestJS HttpException subclassescodefield for client-side handlingAdmin Authorization in Order Resolver (#293)
@Roles(UserRole.ADMIN, UserRole.MODERATOR)decorator to salesAnalytics resolverReal Asset Validation in Smart Contract (#242)
My NFTs Integration (#221)
Files Added
Files Modified
Closes #294
Closes #293
Closes #242
Closes #221