feat: introduce Joi validation schemas and integrate them across various controllers for categories, lessons, courses, chapters, announcements, and admin course approvals.

2026-02-18 15:59:40 +07:00 · 2026-02-18 15:59:40 +07:00 · b56f604890
commit b56f604890
parent c5aa195b13
14 changed files with 553 additions and 28 deletions
--- a/Backend/src/controllers/AdminCourseApprovalController.ts
+++ b/Backend/src/controllers/AdminCourseApprovalController.ts
@ -1,6 +1,7 @@
 import { Body, Get, Path, Post, Request, Response, Route, Security, SuccessResponse, Tags } from 'tsoa';
 import { ValidationError } from '../middleware/errorHandler';
 import { AdminCourseApprovalService } from '../services/AdminCourseApproval.service';
+import { ApproveCourseValidator, RejectCourseValidator } from '../validators/AdminCourseApproval.validator';
 import {
    ListPendingCoursesResponse,
    GetCourseDetailForAdminResponse,
@ -65,6 +66,13 @@ export class AdminCourseApprovalController {
    ): Promise<ApproveCourseResponse> {
        const token = request.headers.authorization?.replace('Bearer ', '');
        if (!token) throw new ValidationError('No token provided');
+
+        // Validate body if provided
+        if (body) {
+            const { error } = ApproveCourseValidator.validate(body);
+            if (error) throw new ValidationError(error.details[0].message);
+        }
+
        return await AdminCourseApprovalService.approveCourse(token, courseId, body?.comment);
    }

@ -87,6 +95,11 @@ export class AdminCourseApprovalController {
    ): Promise<RejectCourseResponse> {
        const token = request.headers.authorization?.replace('Bearer ', '');
        if (!token) throw new ValidationError('No token provided');
+
+        // Validate body
+        const { error } = RejectCourseValidator.validate(body);
+        if (error) throw new ValidationError(error.details[0].message);
+
        return await AdminCourseApprovalService.rejectCourse(token, courseId, body.comment);
    }
 }