Skip to content

Add tenant resource limit enforcement in API request handlers #843

Description

@RUKAYAT-CODER

Overview

src/tenancy/entities/tenant.entity.ts stores userLimit and storageLimit but there is no enforcement of these limits in API handlers. A tenant can create unlimited users or upload unlimited content, violating billing agreements.

Specifications

Features:

  • Enforce userLimit on user creation for a tenant.
  • Enforce storageLimit on content upload for a tenant.

Tasks:

  • Create TenantLimitGuard that injects TenancyService and checks the relevant limit before allowing the operation.
  • Apply the guard to user-creation and content-upload endpoints.
  • Return 402 Payment Required when limit is exceeded.
  • Add unit tests for at-limit and over-limit scenarios.

Impacted Files:

  • New src/tenancy/guards/tenant-limit.guard.ts
  • User creation and CDN upload controllers.

Acceptance Criteria

  • User creation beyond userLimit returns 402.
  • Storage upload beyond storageLimit returns 402.
  • Tenants at exactly the limit can still create one more (boundary condition tested).

Metadata

Metadata

Assignees

No one assigned

    Labels

    Stellar WaveIssues in the Stellar wave programbugSomething isn't workingenhancementNew feature or request

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions