From b33fdfd34be1068b92ccb08b803f9532ef93e4e4 Mon Sep 17 00:00:00 2001
From: StefanWout <stefanwoutersen@gmail.com>
Date: Thu, 7 Nov 2024 17:44:38 +0000
Subject: [PATCH] integrated zod parameter verification into the PUT function
 for updating the settings on the portfolio settings page

---
 src/app/api/portfolio/[portfolioId]/route.ts  | 27 +++++++++++++++++--
 .../settings/PortfolioSettings.tsx            |  2 ++
 2 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/src/app/api/portfolio/[portfolioId]/route.ts b/src/app/api/portfolio/[portfolioId]/route.ts
index a3a474d..d0705c5 100644
--- a/src/app/api/portfolio/[portfolioId]/route.ts
+++ b/src/app/api/portfolio/[portfolioId]/route.ts
@@ -13,15 +13,38 @@ import {
   propertyDetailsEpc,
   property,
 } from "@/app/db/schema/property";
-import { eq, inArray } from "drizzle-orm";
+import { eq, inArray, Name } from "drizzle-orm";
 import { z } from "zod";
 
+const UpdateBodySchema = z.object({
+  name: z.optional(z.string()),
+  budget: z.optional(z.number()),
+  goal: z.optional(z.string()),
+  status: z.optional(z.string()),
+});
+
 export async function PUT(
   request: NextRequest,
   { params }: { params: { portfolioId: string } }
 ) {
   const body = await request.json();
+  let validatedBody;
+
+  try {
+    validatedBody = UpdateBodySchema.parse(body);
+  } catch (error) {
+    console.error("Invalid input: ", error);
+    return new NextResponse(JSON.stringify({ msg: "Invalid input" }), {
+      status: 400,
+    });
+  }
+
   const portfolioId = params.portfolioId;
+  const name = validatedBody.name;
+  const budget = validatedBody.budget;
+  const goal = validatedBody.goal;
+  const status = validatedBody.status;
+  
 
   await db
     .update(portfolio)
@@ -43,7 +66,7 @@ export async function DELETE(
 
     // 1) Fetch the portfolio ids
     // 2) Fetch the recommendation ids
-    // 3) Delete all entries from RecommendationMaterials for these recommendations
+    // 3) Delete all entries from RecommendationMaterials for these recommendationsP
     // 4) Delete all entries from PlanRecommendations that reference plans in the portfolio
     // 5) Delete all Plans associated with the portfolio
     // 6) Delete all Scenarios associated with the portfolio
diff --git a/src/app/portfolio/[slug]/(portfolio)/settings/PortfolioSettings.tsx b/src/app/portfolio/[slug]/(portfolio)/settings/PortfolioSettings.tsx
index eec3be5..ae222c6 100644
--- a/src/app/portfolio/[slug]/(portfolio)/settings/PortfolioSettings.tsx
+++ b/src/app/portfolio/[slug]/(portfolio)/settings/PortfolioSettings.tsx
@@ -135,6 +135,8 @@ const updateSettings = async ({
       "Content-Type": "application/json",
     },
     body: requestBody,
+
+    
   });
 
   if (!response.ok) {