#ValidationPipe mishandled input data

When using ValidationPipe to turn on the transformer option, the Query annotation will produce wrong behavior

app.useGlobalPipes(
    new ValidationPipe({
      transform: false,
      whitelist: true,
      forbidNonWhitelisted: true,
    }),
  );

// controller
   @Get("role")
  getUserRole(@Query("uid") uid: number) {
    return this.userService.userIsExitsts(uid).then((exists) => {
      if (!exists) {
        throw new NotFoundException(`can not found this user ${uid}`);
      }
      return this.userService.getUserInforByUID(uid).then((userinfor) => {
        return userinfor.role;
      });
    });
  }

if transformis true, then uid will be NaN.

"dependencies": {
    "@nestjs/common": "^9.0.0",
    "@nestjs/core": "^9.0.0",
    "@nestjs/mapped-types": "^1.2.0",
    "@nestjs/passport": "^9.0.0",
    "@nestjs/platform-express": "^9.0.0",
    "@nestjs/platform-fastify": "^9.2.1",
    "@nestjs/swagger": "^6.1.4",
    "@nestjs/throttler": "^3.1.0",
    "@nestjs/typeorm": "^9.0.1",
    "class-transformer": "^0.5.1"
}

Don't use @Query('parameter ') of you want to do validation. You should make a DTO for the query parameter(s)

maybe should use @Post?

Why?

you say dto

Yes, as in a class that defines what you expect. You expect certain values, certain data, to be sent via the query parameters, correct? That data is transferred and this class is the object that represents it. Just because it's a DTO doesn't mean it has to be used with only posts

ok, i will be try

like this?

still has wrong

[Nest] 17612  - 2023/01/06 11:49:07   ERROR [ExceptionsHandler] ER_BAD_FIELD_ERROR: Unknown column 'NaN' in 'where clause'

You still need to decorate it with the proper decisions

Also, wouldn't a uid be a string?

this user entity,I expect their types to be consistent

Ah, okay. Normally uids are not numbers in my experience

👀

Okay. So add the @IsNumber() decorator to the dto

I did it before you said it

but useless

Then validation isn't happening, and that's a problem. As this is from a query, you may need @Type(() => Number)

Which pack is the type decorator in?

Class-transformer

same result

500 error

Can you provide a reproduction then? This should be working

A git repo please

is private

Make a reproduction that can be public then?

https://github.com/UPorphyrio/forums-backend

have you tried it with both @IsNumber() and @Type(() => Number)?

You can look at the chat records, jmcdo29 has already told me this method

have you tried it with both of them enabled?

one is for validation, the other is for parsing (kinda)

yes

can you add console.log(user) in the first line of the getUserRole and show us what did you get?
I want to see if that has nothing to do with the validation pipe

oh nvm

the issue is that you're not invoking that route

@Get(":uid") declaration should appear after @Get("role"), otherwise you'll always hit the GET /:uid whereas uid will be the string "role"

then just move the getUserInfor method to end of the UserController class instead.

I added an infor path and it works now

I never thought the problem could be solved so easily