Bug: Database query built from user-controlled sources

a3ryk · a3ryk · commit fd7db66f3d5f · 2025-05-22T20:10:31.000+05:30
diff --git a/src/controllers/v4/internal/notification.js b/src/controllers/v4/internal/notification.js
@@ -66,7 +66,7 @@ const markNotificationAsRead = async (req, res) => {
         return res.status(400).json({ message: 'User ID is required' });
       }
       // Check if the global notification exists
-      const notificationExists = await Notification.exists({ _id: id });
+      const notificationExists = await Notification.exists({ _id: { $eq: id } });
       if (!notificationExists) {
         return res.status(404).json({ message: 'Global notification not found' });
       }
@@ -79,7 +79,7 @@ const markNotificationAsRead = async (req, res) => {
       );
     } else {
       // Update read status for user-specific notifications
-      await UserNotification.findOneAndUpdate({ _id: id }, { read: true });
+      await UserNotification.findOneAndUpdate({ _id: { $eq: id } }, { read: true });
     }
 
     return res.status(200).json({ message: 'Notification marked as read' });
@@ -111,7 +111,7 @@ const markNotificationAsDeleted = async (req, res) => {
         return res.status(400).json({ message: 'User ID is required' });
       }
       // Check if the global notification exists
-      const notificationExists = await Notification.exists({ _id: id });
+      const notificationExists = await Notification.exists({ _id: { $eq: id } });
       if (!notificationExists) {
         return res.status(404).json({ message: 'Global notification not found' });
       }
@@ -124,7 +124,7 @@ const markNotificationAsDeleted = async (req, res) => {
       );
     } else {
       // Update deleted status for user-specific notifications
-      await UserNotification.findOneAndUpdate({ _id: id }, { deleted: true });
+      await UserNotification.findOneAndUpdate({ _id: { $eq: id } }, { deleted: true });
     }
 
     return res.status(200).json({ message: 'Notification marked as deleted' });

Original file line number	Diff line number	Diff line change
`@@ -66,7 +66,7 @@ const markNotificationAsRead = async (req, res) => {`
`66`	`66`	`return res.status(400).json({ message: 'User ID is required' });`
`67`	`67`	`}`
`68`	`68`	`// Check if the global notification exists`
`69`		`- const notificationExists = await Notification.exists({ _id: id });`
	`69`	`+ const notificationExists = await Notification.exists({ _id: { $eq: id } });`
`70`	`70`	`if (!notificationExists) {`
`71`	`71`	`return res.status(404).json({ message: 'Global notification not found' });`
`72`	`72`	`}`
`@@ -79,7 +79,7 @@ const markNotificationAsRead = async (req, res) => {`
`79`	`79`	`);`
`80`	`80`	`} else {`
`81`	`81`	`// Update read status for user-specific notifications`
`82`		`- await UserNotification.findOneAndUpdate({ _id: id }, { read: true });`
	`82`	`+ await UserNotification.findOneAndUpdate({ _id: { $eq: id } }, { read: true });`
`83`	`83`	`}`
`84`	`84`
`85`	`85`	`return res.status(200).json({ message: 'Notification marked as read' });`
`@@ -111,7 +111,7 @@ const markNotificationAsDeleted = async (req, res) => {`
`111`	`111`	`return res.status(400).json({ message: 'User ID is required' });`
`112`	`112`	`}`
`113`	`113`	`// Check if the global notification exists`
`114`		`- const notificationExists = await Notification.exists({ _id: id });`
	`114`	`+ const notificationExists = await Notification.exists({ _id: { $eq: id } });`
`115`	`115`	`if (!notificationExists) {`
`116`	`116`	`return res.status(404).json({ message: 'Global notification not found' });`
`117`	`117`	`}`
`@@ -124,7 +124,7 @@ const markNotificationAsDeleted = async (req, res) => {`
`124`	`124`	`);`
`125`	`125`	`} else {`
`126`	`126`	`// Update deleted status for user-specific notifications`
`127`		`- await UserNotification.findOneAndUpdate({ _id: id }, { deleted: true });`
	`127`	`+ await UserNotification.findOneAndUpdate({ _id: { $eq: id } }, { deleted: true });`
`128`	`128`	`}`
`129`	`129`
`130`	`130`	`return res.status(200).json({ message: 'Notification marked as deleted' });`