refactor(application): fix 4 code smells — validate username input, extract ownership guard and dedup helpers

2026-05-14 16:27:03 +02:00
parent dd7beb7ab4
commit e6f4a6256f
4 changed files with 28 additions and 14 deletions
--- a/crates/application/src/use_cases/thoughts.rs
+++ b/crates/application/src/use_cases/thoughts.rs
@@ -6,6 +6,13 @@ use domain::{
    value_objects::{Content, ThoughtId, UserId},
 };

+fn require_owner(thought: &Thought, user_id: &UserId) -> Result<(), DomainError> {
+    if thought.user_id != *user_id {
+        return Err(DomainError::NotFound);
+    }
+    Ok(())
+}
+
 pub struct CreateThoughtInput {
    pub user_id: UserId,
    pub content: String,
@@ -45,7 +52,7 @@ pub async fn delete_thought(
    user_id: &UserId,
 ) -> Result<(), DomainError> {
    let thought = thoughts.find_by_id(id).await?.ok_or(DomainError::NotFound)?;
-    if thought.user_id != *user_id { return Err(DomainError::NotFound); }
+    require_owner(&thought, user_id)?;
    thoughts.delete(id, user_id).await?;
    events.publish(&DomainEvent::ThoughtDeleted { thought_id: id.clone(), user_id: user_id.clone() }).await?;
    Ok(())
@@ -59,7 +66,7 @@ pub async fn edit_thought(
    new_content: String,
 ) -> Result<(), DomainError> {
    let thought = thoughts.find_by_id(id).await?.ok_or(DomainError::NotFound)?;
-    if thought.user_id != *user_id { return Err(DomainError::NotFound); }
+    require_owner(&thought, user_id)?;
    let content = Content::new_local(new_content)?;
    thoughts.update_content(id, &content).await?;
    events.publish(&DomainEvent::ThoughtUpdated { thought_id: id.clone(), user_id: user_id.clone() }).await?;