From 064e116e2c016622f43797dc4da1689c3eb5f412 Mon Sep 17 00:00:00 2001
From: bhavanakarwade
Date: Tue, 6 Feb 2024 17:12:54 +0530
Subject: [PATCH 1/2] resolved imageurl issue
Signed-off-by: bhavanakarwade
---
 apps/api-gateway/src/connection/dtos/connection.dto.ts | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/apps/api-gateway/src/connection/dtos/connection.dto.ts b/apps/api-gateway/src/connection/dtos/connection.dto.ts
index b8733f149..a24fb116b 100644
--- a/apps/api-gateway/src/connection/dtos/connection.dto.ts
+++ b/apps/api-gateway/src/connection/dtos/connection.dto.ts
@@ -19,7 +19,7 @@ export class CreateConnectionDto {
 @ApiPropertyOptional()
 @IsOptional()
 @IsNotEmpty({ message: 'please provide valid imageUrl' })
- @IsUrl({}, { message: 'Invalid imageUrl format' })
+ @IsString({ message: 'imageUrl must be a string' })
 imageUrl: string;
 @ApiPropertyOptional()
@@ -141,7 +141,6 @@ class ReceiveInvitationCommonDto {
 @IsOptional()
 @IsString({ message: 'imageUrl must be a string' })
 @IsNotEmpty({ message: 'please provide valid imageUrl' })
- @IsUrl({}, { message: 'Invalid imageUrl format' })
 imageUrl: string;
 @ApiPropertyOptional()
@@ -175,7 +174,7 @@ export class ReceiveInvitationUrlDto extends ReceiveInvitationCommonDto {
 @IsOptional()
 @IsString({ message: 'invitationUrl must be a string' })
 @IsNotEmpty({ message: 'please provide valid invitationUrl' })
- @IsUrl({}, { message: 'Invalid imageUrl format' })
+ @IsUrl({}, { message: 'Invalid invitationUrl format' })
 invitationUrl: string;
 }
@@ -261,7 +260,6 @@ class InvitationDto {
 @IsString()
 @IsOptional()
 @IsNotEmpty({ message: 'please provide valid imageUrl' })
- @IsUrl({}, { message: 'Invalid imageUrl format' })
 imageUrl?: string;
 }
From 622a1b92bbf036983f4ec549c2ebb6443fbac24a Mon Sep 17 00:00:00 2001
From: bhavanakarwade
Date: Tue, 6 Feb 2024 17:17:06 +0530
Subject: [PATCH 2/2] resolved imageurl issue
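Review bot: Replacing `@IsUrl` with `@IsString` on `CreateConnectionDto.imageUrl` (hunk at -19,7) leaves the field accepting any non-empty string, so values with schemes such as `javascript:` or `data:` pass the DTO and reach whatever later renders or fetches the image. The same validator is removed from `ReceiveInvitationCommonDto.imageUrl` (-141,7) and `InvitationDto.imageUrl` (-261,7). Why `@IsUrl` was rejecting input is not visible here; if it was the default TLD requirement, a narrower fix keeps the check and relaxes only that, e.g. `@IsUrl({ protocols: ['http', 'https'], require_protocol: true, require_tld: false }, { message: 'Invalid imageUrl format' })`. If the field really must carry non-URL values, a comment on the property stating what is allowed would tell consumers to treat it as untrusted.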
Signed-off-by: bhavanakarwade
---
 .../src/authz/guards/org-roles.guard.ts | 8 +++++++-
 .../src/connection/dtos/connection.dto.ts | 2 ++
 libs/common/src/response-messages/index.ts | 18 +++++++++---------
 3 files changed, 18 insertions(+), 10 deletions(-)
diff --git a/apps/api-gateway/src/authz/guards/org-roles.guard.ts b/apps/api-gateway/src/authz/guards/org-roles.guard.ts
index 335781682..b4e71fb26 100644
--- a/apps/api-gateway/src/authz/guards/org-roles.guard.ts
+++ b/apps/api-gateway/src/authz/guards/org-roles.guard.ts
@@ -81,6 +81,12 @@ export class OrgRolesGuard implements CanActivate {
 throw new HttpException('organization is required', HttpStatus.BAD_REQUEST);
 }
- return requiredRoles.some((role) => user.selectedOrg?.orgRoles.includes(role));
+ // Sending user friendly message if a user attempts to access an API that is inaccessible to their role
+ const roleAccess = requiredRoles.some((role) => user.selectedOrg?.orgRoles.includes(role));
+ if (!roleAccess) {
+ throw new ForbiddenException(ResponseMessages.organisation.error.roleNotMatch, { cause: new Error(), description: ResponseMessages.errorMessages.forbidden });
+ }
+
+ return roleAccess;
 }
 }
\ No newline at end of file
diff --git a/apps/api-gateway/src/connection/dtos/connection.dto.ts b/apps/api-gateway/src/connection/dtos/connection.dto.ts
index a24fb116b..f0b47c8d6 100644
--- a/apps/api-gateway/src/connection/dtos/connection.dto.ts
+++ b/apps/api-gateway/src/connection/dtos/connection.dto.ts
@@ -141,6 +141,7 @@ class ReceiveInvitationCommonDto {
 @IsOptional()
 @IsString({ message: 'imageUrl must be a string' })
 @IsNotEmpty({ message: 'please provide valid imageUrl' })
+ @IsString()
 imageUrl: string;
 @ApiPropertyOptional()
@@ -260,6 +261,7 @@ class InvitationDto {
 @IsString()
 @IsOptional()
 @IsNotEmpty({ message: 'please provide valid imageUrl' })
+ @IsString()
 imageUrl?: string;
 }
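Review bot: In the `OrgRolesGuard` hunk, `cause: new Error()` attaches an empty error that carries no information, and `return roleAccess;` can only ever yield `true` once the `if (!roleAccess)` branch has thrown. I would drop the `cause` option and end the method with `return true;`, so the throw reads as the single place where access is refused. `ForbiddenException` and `ResponseMessages` need imports in this file and `ResponseMessages.errorMessages.forbidden` has to exist; neither is visible in this hunk, so both are worth confirming. The method body starts outside the hunk.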
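Review bot: The `@IsString()` added to `ReceiveInvitationCommonDto.imageUrl` (hunk at -141,6) duplicates the `@IsString({ message: 'imageUrl must be a string' })` two lines above it, and the one added to `InvitationDto.imageUrl` (-260,6) duplicates the `@IsString()` already at the top of that property's decorators. Both additions can be dropped: they add no validation, and the bare one will likely report its default message next to the custom one. Neither restores a format check on `imageUrl`, which after the first patch is validated only as a non-empty string.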
diff --git a/libs/common/src/response-messages/index.ts b/libs/common/src/response-messages/index.ts
index d786187c1..fa520d414 100644
--- a/libs/common/src/response-messages/index.ts
+++ b/libs/common/src/response-messages/index.ts
@@ -81,7 +81,7 @@ export const ResponseMessages = {
 error: {
 exists: 'An organization name is already exist',
 orgProfileNotFound: 'Organization public profile not found',
- orgSlugIsRequired: 'orgslug is required',
+ orgSlugIsRequired: 'orgSlug is required',
 invitationIdIsRequired:'Invitation Id is required',
 userIdIsRequired:'UserId is required',
 rolesNotExist: 'Provided roles not exists in the platform',
@@ -101,20 +101,20 @@ export const ResponseMessages = {
 clientIdRequired:'clientId is required',
 notExistClientCred: 'Organization does not have client credentials',
 invalidUserId:'Invalid format of userId',
- invalidInvitationId:'Invalid format for invitaion id',
- ecosystemIdIsRequired:'ecosystemId is required'
-
+ invalidInvitationId:'Invalid format for invitation id',
+ ecosystemIdIsRequired:'ecosystemId is required',
+ roleNotMatch: 'User does not have access'
 }
 },
 fido: {
 success: {
 RegistrationOption: 'Registration option created successfully',
- verifyRegistration: 'Verify registration sucessfully',
+ verifyRegistration: 'Verify registration successfully',
 updateUserDetails: 'User details updated successfully',
 generateAuthenticationOption: 'Authentication option generated successfully',
- deleteDevice: 'Device deleted sucessfully',
- updateDeviceName: 'Device name updated sucessfully',
+ deleteDevice: 'Device deleted successfully',
+ updateDeviceName: 'Device name updated successfully',
 login: 'User login successfully'
 },
 error: {
@@ -276,7 +276,7 @@ export const ResponseMessages = {
 notFound: 'Organization agent not found',
 agentUrlNotFound: 'agent url not found',
 schemaIdNotFound: 'Schema Id is required',
- predicatesValueNotNumber: 'The attribuite value is not a number',
+ predicatesValueNotNumber: 'Attribute value is not a number',
 proofPresentationNotFound: 'Proof presentations not found',
 verifiedProofNotFound: 'Proof presentation not found',
 proofNotFound: 'Proof presentation not found',
@@ -304,7 +304,7 @@ export const ResponseMessages = {
 DeclineEndorsementTransaction: 'Endorsement request declined',
 AutoEndorsementTransaction: 'The flag for transactions has been successfully set',
 fetchMembers: 'Ecosystem members fetched successfully',
- allschema: 'Schema details fetched sucessfully',
+ allschema: 'Schema details fetched successfully',
 AutoSignAndSubmit: 'Endorsement request approved & submitted to ledger'
 },
 error: {