fix(transaction): throw HttpException when originator or beneficiary is missing in TransactionEntityMapper

fix(transaction): throw HttpException when counterparty has neither business nor end user data in TransactionEntityMapper
fix(transaction): throw HttpException when counterparty has both business and end user data in TransactionEntityMapper
fix(transaction.service): map transactionsPayload to mappedTransactions before creating transactions in bulk

Author: MatanYadaev

services/workflows-service/src/transaction/transaction.controller.external.intg.test.ts

@@ -489,5 +489,87 @@ describe('#TransactionControllerExternal', () => {
         message: [expect.any(String)],
       });
     });
+
+    it('returns 400 when counterparty is missing from the body', async () => {
+      // Arrange
+      const apiKey = (customer.authenticationConfiguration as { authValue: string }).authValue;
+      const validTransaction = getBaseTransactionData();
+      const transactions = [
+        {
+          ...validTransaction,
+          originator: undefined as unknown as TransactionCreateDto['originator'],
+        },
+      ] as const satisfies readonly TransactionCreateDto[];
+
+      // Act
+      const response = await request(app.getHttpServer())
+        .post('/external/transactions/bulk')
+        .send(transactions)
+        .set('authorization', `Bearer ${apiKey}`);
+
+      // Assert
+      expect(response.status).toBe(400);
+      expect(response.body).toEqual({
+        statusCode: 400,
+        message: 'Originator and beneficiary are required.',
+      });
+    });
+
+    it('returns 400 when counterparty is missing an entity', async () => {
+      // Arrange
+      const apiKey = (customer.authenticationConfiguration as { authValue: string }).authValue;
+      const validTransaction = getBaseTransactionData();
+      const transactions = [
+        {
+          ...validTransaction,
+          beneficiary: {
+            correlationId: faker.datatype.uuid(),
+            // Missing endUserData or businessData
+          },
+        },
+      ] as const satisfies readonly TransactionCreateDto[];
+
+      // Act
+      const response = await request(app.getHttpServer())
+        .post('/external/transactions/bulk')
+        .send(transactions)
+        .set('authorization', `Bearer ${apiKey}`);
+
+      // Assert
+      expect(response.status).toBe(400);
+      expect(response.body).toEqual({
+        statusCode: 400,
+        message: 'Counterparty must have either business or end user data.',
+      });
+    });
+  });
+
+  it('returns 400 when counterparty has both business and end user', async () => {
+    // Arrange
+    const apiKey = (customer.authenticationConfiguration as { authValue: string }).authValue;
+    const validTransaction = getBaseTransactionData();
+    const transactions = [
+      {
+        ...validTransaction,
+        originator: getBusinessCounterpartyData(),
+        beneficiary: {
+          ...getBusinessCounterpartyData(),
+          ...getEndUserCounterpartyData(),
+        },
+      },
+    ] as const satisfies readonly TransactionCreateDto[];
+
+    // Act
+    const response = await request(app.getHttpServer())
+      .post('/external/transactions/bulk')
+      .send(transactions)
+      .set('authorization', `Bearer ${apiKey}`);
+
+    // Assert
+    expect(response.status).toBe(400);
+    expect(response.body).toEqual({
+      statusCode: 400,
+      message: 'Counterparty must have either business or end user data.',
+    });
   });
 });

services/workflows-service/src/transaction/transaction.mapper.ts

@@ -5,6 +5,10 @@ import { HttpException } from '@nestjs/common';
 
 export class TransactionEntityMapper {
   static toCreateData({ dto, projectId }: { dto: TransactionCreateDto; projectId: TProjectId }) {
+    if (!dto.originator || !dto.beneficiary) {
+      throw new HttpException('Originator and beneficiary are required.', 400);
+    }
+
     return {
       transactionCorrelationId: dto.correlationId,
       transactionDate: dto.date,
@@ -92,16 +96,17 @@ export class TransactionEntityMapper {
     counterpartyInfo,
     projectId,
   }: {
-    counterpartyInfo: CounterpartyInfo | undefined;
+    counterpartyInfo: CounterpartyInfo;
     projectId: string;
   }):
     | Prisma.TransactionRecordCreateInput['counterpartyOriginator']
     | Prisma.TransactionRecordCreateInput['counterpartyBeneficiary'] {
+    if (!counterpartyInfo?.businessData && !counterpartyInfo?.endUserData) {
+      throw new HttpException('Counterparty must have either business or end user data.', 400);
+    }
+
     if (counterpartyInfo?.businessData && counterpartyInfo?.endUserData) {
-      throw new HttpException(
-        'Counterparty must have either business or end user data, not both.',
-        400,
-      );
+      throw new HttpException('Counterparty must have either business or end user data.', 400);
     }
 
     return counterpartyInfo

services/workflows-service/src/transaction/transaction.service.ts

@@ -24,16 +24,18 @@ export class TransactionService {
     transactionsPayload: TransactionCreateDto[];
     projectId: TProjectId;
   }) {
+    const mappedTransactions = transactionsPayload.map(transactionPayload =>
+      TransactionEntityMapper.toCreateData({
+        dto: transactionPayload,
+        projectId,
+      }),
+    );
+
     const response: Array<TransactionCreatedDto | { error: Error; correlationId: string }> = [];
 
-    for (const transactionPayload of transactionsPayload) {
+    for (const transactionPayload of mappedTransactions) {
       try {
-        const transaction = await this.repository.create({
-          data: TransactionEntityMapper.toCreateData({
-            dto: transactionPayload,
-            projectId,
-          }),
-        });
+        const transaction = await this.repository.create({ data: transactionPayload });
 
         response.push({
           id: transaction.id,
@@ -50,7 +52,7 @@ export class TransactionService {
 
         response.push({
           error: errorToLog,
-          correlationId: transactionPayload.correlationId,
+          correlationId: transactionPayload.transactionCorrelationId,
         });
       }
     }