💬 Chat Validator Blocks
Chat validator blocks provide validation functions for chat-related operations in Nodeblocks applications. These validators ensure proper access control and data validation for chat channels, messages, and conversations.
🎯 Overview
Chat validator blocks are designed to:
- Validate channel access based on ownership and permissions
- Ensure proper message access for chat operations
- Support multiple access patterns (owner, admin, member)
- Handle chat-specific validation logic for secure operations
- Provide reusable validation for chat workflows
📋 Chat Validator Types
Access Control Validators
Validators that check user permissions for chat resources.
🔧 Available Chat Validators
validateChannelAccess
Validates channel access based on allowed subjects and token information.
Purpose: Ensures users have proper channel ownership and permissions
Parameters:
allowedSubjects:string[]- Array of allowed user types/subjectsauthenticate:Authenticator- Authentication function (optional, defaults to getBearerTokenInfo)payload:RouteHandlerPayload- Contains request context and data
Returns: void - Passes through if user has appropriate permissions
Throws:
- NodeblocksError (401) with message "App token is not valid" or "User token is not valid" for invalid tokens
- NodeblocksError (400) with message "must have ownerId when creating a new channel" for missing ownerId on new channels
- NodeblocksError (403) with message "Channel has no owner" for channels without owner
- NodeblocksError (403) with message "User is not authorized to access this channel" for unauthorized access
- NodeblocksError (404) with message "Channel not found" if channel doesn't exist
- NodeblocksError (401) with message "Token does not have a valid access type" for invalid token types
Supported Subjects:
'owner'- Channel owner access
Channel ID Sources (checked in order):
payload.context.data.channelIdpayload.params.requestParams.channelIdpayload.params.requestQuery.channelIdpayload.params.requestBody.channelId
Owner ID Sources (for new channels):
payload.context.data.ownerIdpayload.params.requestBody.ownerId
Usage:
import { validators } from '@nodeblocks/backend-sdk';
const { validateChannelAccess } = validators;
// Channel owner access
compose(validateChannelAccess(['owner']), channelHandler);
// Channel owner or admin access
compose(validateChannelAccess(['owner', 'admin']), channelHandler);
validateMessageAccess
Validates message access based on allowed subjects and token information.
Purpose: Ensures users have proper message ownership and permissions
Parameters:
allowedSubjects:string[]- Array of allowed user types/subjectsauthenticate:Authenticator- Authentication function (optional, defaults to getBearerTokenInfo)payload:RouteHandlerPayload- Contains request context and data
Returns: void - Passes through if user has appropriate permissions
Throws:
- NodeblocksError (401) with message "App token is not valid" or "User token is not valid" for invalid tokens
- NodeblocksError (400) with message "must have senderId when creating a new message" for missing senderId on new messages
- NodeblocksError (403) with message "Message has no sender" for messages without sender
- NodeblocksError (403) with message "User is not authorized to access this message" for unauthorized access
- NodeblocksError (404) with message "Message not found" if message doesn't exist
- NodeblocksError (401) with message "Token does not have a valid access type" for invalid token types
Supported Subjects:
'owner'- Message sender access
Message ID Sources (checked in order):
payload.context.data.messageIdpayload.params.requestParams.messageIdpayload.params.requestQuery.messageIdpayload.params.requestBody.messageId
Sender ID Sources (for new messages):
payload.context.data.senderIdpayload.params.requestBody.senderId
Usage:
import { validators } from '@nodeblocks/backend-sdk';
const { validateMessageAccess } = validators;
// Message sender access
compose(validateMessageAccess(['owner']), messageHandler);
// Message sender or admin access
compose(validateMessageAccess(['owner', 'admin']), messageHandler);
🔗 Related Documentation
- Chat Schema Blocks - Chat data validation and contracts
- Chat Handler Blocks - Chat business logic functions
- Chat Route Blocks - Chat HTTP endpoint definitions
- Chat Feature Blocks - Chat composed features