From 364c5caaf5b5c7d5ef2146384da4d782611c56d2 Mon Sep 17 00:00:00 2001
From: Petr Kachanovsky <pkachanovsky@devforth.io>
Date: Mon, 13 Jan 2025 16:30:58 +0200
Subject: [PATCH] fix: add minValue and maxValue check on backend

---
 .../13-standardPagesTuning.md                 | 22 +++++++++++++++--
 adminforth/index.ts                           | 24 +++++++++++++++++++
 2 files changed, 44 insertions(+), 2 deletions(-)

diff --git a/adminforth/documentation/docs/tutorial/03-Customization/13-standardPagesTuning.md b/adminforth/documentation/docs/tutorial/03-Customization/13-standardPagesTuning.md
index 65570bc5b..dec295428 100644
--- a/adminforth/documentation/docs/tutorial/03-Customization/13-standardPagesTuning.md
+++ b/adminforth/documentation/docs/tutorial/03-Customization/13-standardPagesTuning.md
@@ -319,8 +319,26 @@ export default {
 
 ### minValue and maxValue
 
+You can add `minValue` and `maxValue` limits to columns, so it will show an error below an input when entered value is out of bounds.
 
-[Documentation in progress]
+```typescript title="./resources/apartments.ts"
+export default {
+      name: 'apartments',
+      columns: [
+        ...
+        {
+          name: 'square_meter',
+          label: 'Square',
+          minValue: 3,
+          maxValue: 1000,
+        },
+      ],
+    },
+    ...
+  ],
+```
+
+> `minValue` and `maxValue` checks are enforced both on frontend and backend.
 
 
 ### Validation
@@ -329,4 +347,4 @@ export default {
 
 ### Foreign resources
 
-[Documentation in progress]
\ No newline at end of file
+[Documentation in progress]
diff --git a/adminforth/index.ts b/adminforth/index.ts
index ce70fd15f..aa6222f67 100644
--- a/adminforth/index.ts
+++ b/adminforth/index.ts
@@ -320,6 +320,18 @@ class AdminForth implements IAdminForth {
     { resource: AdminForthResource, record: any, adminUser: AdminUser, extra?: HttpExtra }
   ): Promise<{ error?: string, createdRecord?: any }> {
 
+    // check if record with minValue or maxValue is within limits
+    for (const column of resource.columns.filter((col) => col.name in record
+      && ['integer', 'decimal', 'float'].includes(col.type)
+      && (col.minValue !== undefined || col.maxValue !== undefined))) {
+      if (column.minValue !== undefined && record[column.name] < column.minValue) {
+        return { error: `Value in "${column.name}" must be greater than ${column.minValue}` };
+      }
+      if (column.maxValue !== undefined && record[column.name] > column.maxValue) {
+        return { error: `Value in "${column.name}" must be less than ${column.maxValue}` };
+      }
+    }
+
     // execute hook if needed
     for (const hook of listify(resource.hooks?.create?.beforeSave)) {
       console.log('🪲 Hook beforeSave', hook);
@@ -385,6 +397,18 @@ class AdminForth implements IAdminForth {
     { resource: AdminForthResource, recordId: any, record: any, oldRecord: any, adminUser: AdminUser, extra?: HttpExtra }
   ): Promise<{ error?: string }> {
 
+    // check if record with minValue or maxValue is within limits
+    for (const column of resource.columns.filter((col) => col.name in record
+      && ['integer', 'decimal', 'float'].includes(col.type)
+      && (col.minValue !== undefined || col.maxValue !== undefined))) {
+      if (column.minValue !== undefined && record[column.name] < column.minValue) {
+        return { error: `Value in "${column.name}" must be greater than ${column.minValue}` };
+      }
+      if (column.maxValue !== undefined && record[column.name] > column.maxValue) {
+        return { error: `Value in "${column.name}" must be less than ${column.maxValue}` };
+      }
+    }
+
     // remove editReadonly columns from record
     for (const column of resource.columns.filter((col) => col.editReadonly)) {
       if (column.name in record)