diff --git a/src/controllers/clans.controller.js b/src/controllers/clans.controller.js index b7a94ac..d282037 100644 --- a/src/controllers/clans.controller.js +++ b/src/controllers/clans.controller.js @@ -98,7 +98,10 @@ module.exports.updateClan = asyncHandler(async (req, res, next) => { if (req.payload.id !== clan.author.id) { return next(new ErrorResponse("Unauthorized", 401, "Authentication required.")); } - Object.assign(clan, req.body.clan); + const UPDATABLE_FIELDS = ['country', 'description', 'disbanding', 'frameId', 'flag', 'level', 'membersCount', 'minLevel', 'ownerId', 'serverId', 'title', 'topActivity', 'topDungeon']; + UPDATABLE_FIELDS.forEach(field => { + if (typeof req.body.clan[field] !== 'undefined') clan[field] = req.body.clan[field]; + }); let data = await ClanService.updateClan(clan); res.status(200).json({ message: 'Clan updated successfully.', diff --git a/src/controllers/members.controller.js b/src/controllers/members.controller.js index fa17d43..07cbff8 100644 --- a/src/controllers/members.controller.js +++ b/src/controllers/members.controller.js @@ -96,7 +96,10 @@ module.exports.updateMember = asyncHandler(async (req, res, next) => { if (req.payload.id !== member.author.id) { return next(new ErrorResponse("Unauthorized", 401, "Authentication required.")); } - Object.assign(member, req.body.member); + const UPDATABLE_FIELDS = ['name', 'lastLoginTime', 'serverId', 'level', 'clanId', 'clanRole', 'commander', 'avatarId', 'isChatModerator', 'frameId', 'leagueId', 'clanTitle', 'champion', 'stats', 'membership', 'adventureSum', 'clanGiftsSum', 'clanWarSum', 'history', 'score', 'scoreGifts', 'warGifts', 'rewards']; + UPDATABLE_FIELDS.forEach(field => { + if (typeof req.body.member[field] !== 'undefined') member[field] = req.body.member[field]; + }); let data = await MemberService.updateMember(member); res.status(200).json({