fix: restrict id routes

josedario87
2025-06-05 02:29:19 -06:00
parent db91734106
commit 85c51e7355
4 changed files with 11 additions and 11 deletions


@@ -15,7 +15,7 @@ router.get('/', async (req, res) => {
}); });
// GET asistencia by ID // GET asistencia by ID
router.get('/:id', async (req, res) => { router.get('/:id(\\d+)', async (req, res) => {
const { id } = req.params; const { id } = req.params;
try { try {
const asistencia = await prisma.asistencia.findUnique({ const asistencia = await prisma.asistencia.findUnique({
@@ -79,7 +79,7 @@ router.post('/', async (req, res) => {
}); });
// PUT actualizar asistencia // PUT actualizar asistencia
router.put('/:id', async (req, res) => { router.put('/:id(\\d+)', async (req, res) => {
const { id } = req.params; const { id } = req.params;
const { const {
empleado_id, empleado_id,
@@ -131,7 +131,7 @@ router.put('/:id', async (req, res) => {
}); });
// DELETE asistencia // DELETE asistencia
router.delete('/:id', async (req, res) => { router.delete('/:id(\\d+)', async (req, res) => {
const { id } = req.params; const { id } = req.params;
try { try {
await prisma.asistencia.delete({ await prisma.asistencia.delete({
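Review bot: The `(\\d+)` pattern on the GET, PUT and DELETE routes accepts digit strings of any length, so an id far larger than the id column can hold still reaches the handler. How `id` is converted before the Prisma call is outside these hunks; if it goes through `Number(id)` or `parseInt`, values above 2^53 round to a neighbouring integer, and the update or delete would then act on a different row than the one named in the URL. Bounding the digit count in the pattern (for example `'/:id(\\d{1,15})'`) or answering 400 for out-of-range ids at the top of each handler closes that gap. The same applies to the planilla and tarea routes changed in this commit, which read `const { id } = req.params` the same way.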


@@ -19,7 +19,7 @@ router.get('/', async (_req, res) => {
}) })
// ───── GET empleado por ID ───── // ───── GET empleado por ID ─────
router.get('/:id', async (req, res) => { router.get('/:id(\\d+)', async (req, res) => {
const id = BigInt(req.params.id) const id = BigInt(req.params.id)
try { try {
const empleado = await prisma.cliente.findFirst({ where: { id, empleado: true } }) const empleado = await prisma.cliente.findFirst({ where: { id, empleado: true } })
@@ -70,7 +70,7 @@ router.post('/', async (req, res) => {
}) })
// ───── PUT actualizar empleado ───── // ───── PUT actualizar empleado ─────
router.put('/:id', async (req, res) => { router.put('/:id(\\d+)', async (req, res) => {
const id = BigInt(req.params.id) const id = BigInt(req.params.id)
const { const {
name, name,
@@ -115,7 +115,7 @@ router.put('/:id', async (req, res) => {
}) })
// ───── DELETE eliminar empleado ───── // ───── DELETE eliminar empleado ─────
router.delete('/:id', async (req, res) => { router.delete('/:id(\\d+)', async (req, res) => {
const id = BigInt(req.params.id) const id = BigInt(req.params.id)
try { try {
const existe = await prisma.cliente.findFirst({ where: { id, empleado: true } }) const existe = await prisma.cliente.findFirst({ where: { id, empleado: true } })
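Review bot: `const id = BigInt(req.params.id)` sits above the `try` in the GET and DELETE handlers, so the route pattern is now the only thing that keeps `BigInt()` from throwing outside the error handling. In Express 4 a throw at that point in an `async` handler becomes an unhandled rejection rather than an error response; the Express version is not visible in this commit. I would record the dependency next to the conversion, e.g. `// req.params.id is digits-only (route pattern), so BigInt() cannot throw here`, or move the conversion inside the `try`. The PUT handler's `try` is outside its hunk, so the same layout is only assumed there.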


@@ -151,7 +151,7 @@ router.post('/', async (req, res) => {
}); });
// PUT update planilla by ID // PUT update planilla by ID
router.put('/:id', async (req, res) => { router.put('/:id(\\d+)', async (req, res) => {
const { id } = req.params; const { id } = req.params;
const { const {
empleado_id, empleado_id,
@@ -195,7 +195,7 @@ router.put('/:id', async (req, res) => {
}); });
// DELETE planilla by ID // DELETE planilla by ID
router.delete('/:id', async (req, res) => { router.delete('/:id(\\d+)', async (req, res) => {
const { id } = req.params; const { id } = req.params;
try { try {
log('delete planilla', id); log('delete planilla', id);
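Review bot: Only the PUT and DELETE routes are restricted in this file, whereas the other three files also change their GET-by-id route. The top of the file is outside the hunks (they start at line 151); if a `router.get('/:id', ...)` is defined there it still accepts arbitrary strings and should get the same pattern, `router.get('/:id(\\d+)', async (req, res) => {`. Separately, `log('delete planilla', id)` now only ever receives digits, which keeps caller-controlled text out of that log line; a short comment saying so would stop the pattern being relaxed later without revisiting the log call.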


@@ -15,7 +15,7 @@ router.get('/', async (req, res) => {
}); });
// GET tarea by ID // GET tarea by ID
router.get('/:id', async (req, res) => { router.get('/:id(\\d+)', async (req, res) => {
const { id } = req.params; const { id } = req.params;
try { try {
const tarea = await prisma.tareaRealizada.findUnique({ const tarea = await prisma.tareaRealizada.findUnique({
@@ -89,7 +89,7 @@ router.post('/', async (req, res) => {
}); });
// PUT update tarea by ID // PUT update tarea by ID
router.put('/:id', async (req, res) => { router.put('/:id(\\d+)', async (req, res) => {
const { id } = req.params; const { id } = req.params;
const { const {
empleado_id, empleado_id,
@@ -143,7 +143,7 @@ router.put('/:id', async (req, res) => {
}); });
// DELETE tarea by ID // DELETE tarea by ID
router.delete('/:id', async (req, res) => { router.delete('/:id(\\d+)', async (req, res) => {
const { id } = req.params; const { id } = req.params;
try { try {
await prisma.tareaRealizada.delete({ await prisma.tareaRealizada.delete({
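Review bot: The id validation lives entirely in the path string and is repeated on eleven routes across four files, so one missed or later-added route silently goes unvalidated. Inline parameter patterns such as `:id(\\d+)` are accepted by Express 4's path matcher but not by Express 5's, so an upgrade would make these route definitions fail; the installed version is not visible in this commit. A single `router.param('id', ...)` callback per router that answers 400 for anything other than a bounded run of digits would keep the rule in one place and survive that upgrade. With the current pattern a non-numeric id falls through to later routes and ends as a 404, which is worth confirming as the intended response.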