feat: secure custom field value routing

src/custom-fields/custom-fields.controller.ts

@@ -1,6 +1,11 @@
 import { Controller, Get, Post, Body, Patch, Param, Delete } from '@nestjs/common';
 import { CustomFieldsService } from './custom-fields.service';
-import { CreateCustomFieldValueDto, UpdateCustomFieldValueDto } from '../shared/dto/custom-field.dto';
+import {
+  CreateCustomFieldValueDto,
+  UpdateCustomFieldValueDto,
+  CustomFieldEntityParamsDto,
+  UpsertCustomFieldValueDto,
+} from '../shared/dto/custom-field.dto';
 
 @Controller('custom-fields')
 export class CustomFieldsController {
@@ -12,11 +17,11 @@ export class CustomFieldsController {
   }
 
   @Get('values/:entityType/:entityId')
-  findCustomFieldValuesByEntity(
-    @Param('entityType') entityType: string,
-    @Param('entityId') entityId: string,
-  ) {
-    return this.customFieldsService.findCustomFieldValuesByEntity(entityType, entityId);
+  findCustomFieldValuesByEntity(@Param() params: CustomFieldEntityParamsDto) {
+    return this.customFieldsService.findCustomFieldValuesByEntity(
+      params.entityType,
+      params.entityId,
+    );
   }
 
   @Get('values/:id')
@@ -38,12 +43,7 @@ export class CustomFieldsController {
   }
 
   @Post('values/upsert')
-  upsertCustomFieldValue(@Body() body: {
-    customFieldId: string;
-    entityType: string;
-    entityId: string;
-    value: string;
-  }) {
+  upsertCustomFieldValue(@Body() body: UpsertCustomFieldValueDto) {
     return this.customFieldsService.upsertCustomFieldValue(
       body.customFieldId,
       body.entityType,
@@ -51,4 +51,4 @@ export class CustomFieldsController {
       body.value,
     );
   }
-} 
+}