PalisadoesFoundation · palisadoes · Feb 15, 2025 · Feb 13, 2025 · Feb 14, 2025 · Feb 14, 2025
diff --git a/src/graphql/types/FundCampaign/updatedAt.ts b/src/graphql/types/FundCampaign/updatedAt.ts
@@ -1,93 +1,123 @@
 import { TalawaGraphQLError } from "~/src/utilities/TalawaGraphQLError";
+import type { GraphQLContext } from "../../context";
 import { FundCampaign } from "./FundCampaign";
 
-FundCampaign.implement({
-	fields: (t) => ({
-		updatedAt: t.field({
-			description: "Date time at the time the fund campaign was last updated.",
-			resolve: async (parent, _args, ctx) => {
-				if (!ctx.currentClient.isAuthenticated) {
-					throw new TalawaGraphQLError({
-						extensions: {
-							code: "unauthenticated",
-						},
-					});
-				}
+/**
+ * Resolver for the updatedAt field of FundCampaign type.
+ * Validates user authentication and authorization before returning the last update timestamp.
+ * Only administrators and organization admins have access to this field.
+ *
+ * @param parent - The parent FundCampaign object containing the updatedAt field
+ * @param args - GraphQL arguments (unused)
+ * @param ctx - GraphQL context containing authentication and database clients
+ * @returns {Promise<Date>} The timestamp when the fund campaign was last updated
+ * @throws {TalawaGraphQLError} With code 'unauthenticated' if user is not logged in
+ * @throws {TalawaGraphQLError} With code 'unauthorized_action' if user lacks required permissions
+ * @throws {TalawaGraphQLError} With code 'unexpected' for database or other runtime errors
+ */
 
-				const currentUserId = ctx.currentClient.user.id;
+export const updatedAtResolver = async (
+	parent: FundCampaign,
+	args: unknown,
+	ctx: GraphQLContext,
+) => {
+	try {
+		if (!ctx.currentClient.isAuthenticated) {
+			throw new TalawaGraphQLError({
+				extensions: {
+					code: "unauthenticated",
+				},
+			});
+		}
 
-				const [currentUser, existingFund] = await Promise.all([
-					ctx.drizzleClient.query.usersTable.findFirst({
-						columns: {
-							role: true,
-						},
+		const currentUserId = ctx.currentClient.user.id;
 
-						where: (fields, operators) =>
-							operators.eq(fields.id, currentUserId),
-					}),
-					ctx.drizzleClient.query.fundsTable.findFirst({
+		const [currentUser, existingFund] = await Promise.all([
+			ctx.drizzleClient.query.usersTable.findFirst({
+				columns: {
+					role: true,
+				},
+				where: (fields, operators) => operators.eq(fields.id, currentUserId),
+			}),
+			ctx.drizzleClient.query.fundsTable.findFirst({
+				columns: {
+					isTaxDeductible: true,
+				},
+				with: {
+					organization: {
 						columns: {
-							isTaxDeductible: true,
+							countryCode: true,
 						},
 						with: {
-							organization: {
+							membershipsWhereOrganization: {
 								columns: {
-									countryCode: true,
-								},
-								with: {
-									membershipsWhereOrganization: {
-										columns: {
-											role: true,
-										},
-										where: (fields, operators) =>
-											operators.eq(fields.memberId, currentUserId),
-									},
+									role: true,
 								},
+								where: (fields, operators) =>
+									operators.eq(fields.memberId, currentUserId),
 							},
 						},
-						where: (fields, operators) =>
-							operators.eq(fields.id, currentUserId),
-					}),
-				]);
+					},
+				},
+				where: (fields, operators) => operators.eq(fields.id, currentUserId),
+			}),
+		]);
 
-				if (currentUser === undefined) {
-					throw new TalawaGraphQLError({
-						extensions: {
-							code: "unauthenticated",
-						},
-					});
-				}
+		if (currentUser === undefined) {
+			throw new TalawaGraphQLError({
+				extensions: {
+					code: "unauthenticated",
+				},
+			});
+		}
 
-				// Fund id existing but the associated fund not existing is a business logic error and probably means that the corresponding data in the database is in a corrupted state. It must be investigated and fixed as soon as possible to prevent additional data corruption.
-				if (existingFund === undefined) {
-					ctx.log.error(
-						"Postgres select operation returned an empty array for a fund campaign's fund id that isn't null.",
-					);
+		if (existingFund === undefined) {
+			ctx.log.error(
+				"Postgres select operation returned an empty array for a fund campaign's fund id that isn't null.",
+			);
 
-					throw new TalawaGraphQLError({
-						extensions: {
-							code: "unexpected",
-						},
-					});
-				}
+			throw new TalawaGraphQLError({
+				extensions: {
+					code: "unexpected",
+				},
+			});
+		}
 
-				const currentUserOrganizationMembership =
-					existingFund.organization.membershipsWhereOrganization[0];
+		const currentUserOrganizationMembership =
+			existingFund.organization.membershipsWhereOrganization[0];
 
-				if (
-					currentUser.role !== "administrator" &&
-					(currentUserOrganizationMembership === undefined ||
-						currentUserOrganizationMembership.role !== "administrator")
-				) {
-					throw new TalawaGraphQLError({
-						extensions: {
-							code: "unauthorized_action",
-						},
-					});
-				}
+		if (
+			currentUser.role !== "administrator" &&
+			(currentUserOrganizationMembership === undefined ||
+				currentUserOrganizationMembership.role !== "administrator")
+		) {
+			throw new TalawaGraphQLError({
+				extensions: {
+					code: "unauthorized_action",
+				},
+			});
+		}
 
-				return parent.updatedAt;
+		return parent.updatedAt;
+	} catch (error) {
+		if (error instanceof TalawaGraphQLError) {
+			throw error;
+		}
+
+		ctx.log.error("Error in updatedAtResolver:", error);
+		throw new TalawaGraphQLError({
+			extensions: {
+				code: "unexpected",
 			},
+		});
+	}
+};
+
+FundCampaign.implement({
+	fields: (t) => ({
+		updatedAt: t.field({
+			description: "Date time at the time the fund campaign was last updated.",
+			resolve: updatedAtResolver,
 			type: "DateTime",
 		}),
 	}),