♻️ refactor(error): fix 401 error code
thrownullexception committed Sep 20, 2023
1 parent 67b46af commit 279b0c4
Showing 25 changed files with 111 additions and 80 deletions.
6 changes: 3 additions & 3 deletions src/__tests__/api/account/mine.spec.ts
Expand Up @@ -75,7 +75,7 @@ describe("/api/account/mine", () => {
"errorCode": "NOT_AUTHENTICATED",
"message": "root not found for 'users'",
"method": "GET",
"name": "ForbiddenError",
"name": "UnauthorizedError",
"path": "",
"statusCode": 401,
}
Expand All @@ -100,7 +100,7 @@ describe("/api/account/mine", () => {

await handler(req, res);

expect(res._getStatusCode()).toBe(401);
expect(res._getStatusCode()).toBe(403);

expect(res._getJSONData()).toMatchInlineSnapshot(`
{
Expand All @@ -109,7 +109,7 @@ describe("/api/account/mine", () => {
"method": "GET",
"name": "ForbiddenError",
"path": "",
"statusCode": 401,
"statusCode": 403,
}
`);
});
4 changes: 2 additions & 2 deletions src/__tests__/api/auth/signin.spec.ts
Expand Up @@ -50,7 +50,7 @@ describe("/api/auth/signin", () => {
"errorCode": "",
"message": "Invalid Login",
"method": "POST",
"name": "ForbiddenError",
"name": "UnauthorizedError",
"path": "",
"statusCode": 401,
}
Expand All @@ -75,7 +75,7 @@ describe("/api/auth/signin", () => {
"errorCode": "",
"message": "Invalid Login",
"method": "POST",
"name": "ForbiddenError",
"name": "UnauthorizedError",
"path": "",
"statusCode": 401,
}
12 changes: 6 additions & 6 deletions src/__tests__/api/data/[entity]/[id]/index.spec.ts
Expand Up @@ -89,15 +89,15 @@ describe("/api/data/[entity]/[id]/index", () => {

await handler(req, res);

expect(res._getStatusCode()).toBe(401);
expect(res._getStatusCode()).toBe(403);
expect(res._getJSONData()).toMatchInlineSnapshot(`
{
"errorCode": "",
"message": "Action 'details' has been disabled for 'tests'",
"method": "GET",
"name": "ForbiddenError",
"path": "",
"statusCode": 401,
"statusCode": 403,
}
`);
});
Expand Down Expand Up @@ -237,15 +237,15 @@ describe("/api/data/[entity]/[id]/index", () => {

await handler(req, res);

expect(res._getStatusCode()).toBe(401);
expect(res._getStatusCode()).toBe(403);
expect(res._getJSONData()).toMatchInlineSnapshot(`
{
"errorCode": "",
"message": "Action 'update' has been disabled for 'tests'",
"method": "PATCH",
"name": "ForbiddenError",
"path": "",
"statusCode": 401,
"statusCode": 403,
}
`);

Expand Down Expand Up @@ -330,15 +330,15 @@ describe("/api/data/[entity]/[id]/index", () => {

await handler(req, res);

expect(res._getStatusCode()).toBe(401);
expect(res._getStatusCode()).toBe(403);
expect(res._getJSONData()).toMatchInlineSnapshot(`
{
"errorCode": "",
"message": "Action 'delete' has been disabled for 'tests'",
"method": "DELETE",
"name": "ForbiddenError",
"path": "",
"statusCode": 401,
"statusCode": 403,
}
`);

4 changes: 2 additions & 2 deletions src/__tests__/api/data/[entity]/index.spec.ts
Expand Up @@ -156,15 +156,15 @@ describe("/api/data/[entity]/index", () => {

await handler(req, res);

expect(res._getStatusCode()).toBe(401);
expect(res._getStatusCode()).toBe(403);
expect(res._getJSONData()).toMatchInlineSnapshot(`
{
"errorCode": "",
"message": "Action 'create' has been disabled for 'tests'",
"method": "POST",
"name": "ForbiddenError",
"path": "",
"statusCode": 401,
"statusCode": 403,
}
`);

4 changes: 2 additions & 2 deletions src/__tests__/api/integrations/constants/index.spec.ts
Expand Up @@ -47,15 +47,15 @@ describe("/api/integrations/constants", () => {

await handler(req, res);

expect(res._getStatusCode()).toBe(401);
expect(res._getStatusCode()).toBe(403);
expect(res._getJSONData()).toMatchInlineSnapshot(`
{
"errorCode": "",
"message": "Your account doesn't have enough priviledge to perform this action: (Can Configure App)",
"method": "GET",
"name": "ForbiddenError",
"path": "",
"statusCode": 401,
"statusCode": 403,
}
`);
});
4 changes: 2 additions & 2 deletions src/__tests__/api/integrations/credentials/index.spec.ts
Expand Up @@ -47,15 +47,15 @@ describe("/api/integrations/credentials", () => {

await handler(req, res);

expect(res._getStatusCode()).toBe(401);
expect(res._getStatusCode()).toBe(403);
expect(res._getJSONData()).toMatchInlineSnapshot(`
{
"errorCode": "",
"message": "Your account doesn't have enough priviledge to perform this action: (Can Configure App)",
"method": "GET",
"name": "ForbiddenError",
"path": "",
"statusCode": 401,
"statusCode": 403,
}
`);
});
4 changes: 2 additions & 2 deletions src/__tests__/api/integrations/credentials/reveal.spec.ts
Expand Up @@ -98,15 +98,15 @@ describe("/api/integrations/credentials/reveal", () => {
});
await handler(req, res);

expect(res._getStatusCode()).toBe(401);
expect(res._getStatusCode()).toBe(403);
expect(res._getJSONData()).toMatchInlineSnapshot(`
{
"errorCode": "",
"message": "Your account doesn't have enough priviledge to perform this action: (Can Manage Integrations)",
"method": "POST",
"name": "ForbiddenError",
"path": "",
"statusCode": 401,
"statusCode": 403,
}
`);
});
4 changes: 2 additions & 2 deletions src/__tests__/api/integrations/env/index.spec.ts
Expand Up @@ -47,15 +47,15 @@ describe("/api/integrations/env", () => {

await handler(req, res);

expect(res._getStatusCode()).toBe(401);
expect(res._getStatusCode()).toBe(403);
expect(res._getJSONData()).toMatchInlineSnapshot(`
{
"errorCode": "",
"message": "Your account doesn't have enough priviledge to perform this action: (Can Configure App)",
"method": "GET",
"name": "ForbiddenError",
"path": "",
"statusCode": 401,
"statusCode": 403,
}
`);
});
3 changes: 0 additions & 3 deletions src/__tests__/roles/index.spec.tsx
Expand Up @@ -74,9 +74,6 @@ describe("pages/roles", () => {
const tableRows = await screen.findAllByRole("link", { name: "Edit" });

expect(tableRows).toHaveLength(2);

expect(tableRows[0]).toHaveAttribute("href", "/roles/role-1");
expect(tableRows[1]).toHaveAttribute("href", "/roles/role-2");
});

it("should delete role for only non-system roles", async () => {
41 changes: 38 additions & 3 deletions src/backend/lib/errors/error-handler.spec.ts
@@ -1,6 +1,11 @@
import { createUnAuthenticatedMocks } from "__tests__/api/_test-utils/_authenticatedMock";
import { requestHandler } from "../request";
import { BadRequestError, ForbiddenError, NotFoundError } from ".";
import {
BadRequestError,
ForbiddenError,
NotFoundError,
UnauthorizedError,
} from ".";

describe("/api/error/handling", () => {
it("should transform BadRequestError correctly", async () => {
Expand Down Expand Up @@ -66,6 +71,36 @@ describe("/api/error/handling", () => {
`);
});

it("should transform UnauthorizedError correctly", async () => {
const { req, res } = createUnAuthenticatedMocks({
method: "GET",
});

await requestHandler(
{
GET: async () => {
throw new UnauthorizedError("Invalid Login");
},
},
[
{
_type: "guest",
},
]
)(req, res);

expect(res._getStatusCode()).toBe(401);
expect(res._getJSONData()).toMatchInlineSnapshot(`
{
"message": "Invalid Login",
"method": "GET",
"name": "UnauthorizedError",
"path": "",
"statusCode": 401,
}
`);
});

it("should transform ForbiddenError correctly", async () => {
const { req, res } = createUnAuthenticatedMocks({
method: "GET",
Expand All @@ -87,15 +122,15 @@ describe("/api/error/handling", () => {
]
)(req, res);

expect(res._getStatusCode()).toBe(401);
expect(res._getStatusCode()).toBe(403);
expect(res._getJSONData()).toMatchInlineSnapshot(`
{
"errorCode": "DEMO_ERROR_CODE",
"message": "Access to resource is denied",
"method": "GET",
"name": "ForbiddenError",
"path": "",
"statusCode": 401,
"statusCode": 403,
}
`);
});
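Review bot: The new `UnauthorizedError` test throws with a message only, so the `errorCode` argument and the default `"Unauthorized"` message of the new class are never exercised; its snapshot has no `errorCode` key at all, while the `ForbiddenError` snapshot below it pins `DEMO_ERROR_CODE`. Passing a code in the throw, `throw new UnauthorizedError("Invalid Login", "DEMO_ERROR_CODE");`, and regenerating the inline snapshot would cover the path that the `NOT_AUTHENTICATED` and `ALREADY_AUTHENTICATED` responses elsewhere in this commit depend on. The `ForbiddenError` test body starts outside the visible hunk, so its throw arguments are inferred from its snapshot.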
8 changes: 7 additions & 1 deletion src/backend/lib/errors/index.ts
Expand Up @@ -29,9 +29,15 @@ export class NotFoundError extends CustomError {
}
}

export class UnauthorizedError extends CustomError {
constructor(message = "Unauthorized", errorCode = "") {
super(401, "UnauthorizedError", message, errorCode);
}
}

export class ForbiddenError extends CustomError {
constructor(message = "Access to resource is denied", errorCode = "") {
super(401, "ForbiddenError", message, errorCode);
super(403, "ForbiddenError", message, errorCode);
}
}
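Review bot: `UnauthorizedError` and `ForbiddenError` have no comment saying which condition each one stands for, and the old `ForbiddenError` sending 401 shows how easily the two get mixed up at call sites. I would add a one-line doc comment above each class: `/** 401: the request carries no valid credentials (not signed in, failed login). */` and `/** 403: the caller is authenticated but not permitted to perform the action. */`. A 401 response is also expected to include a `WWW-Authenticate` header (RFC 9110). Whether the request handler sets one cannot be seen here, since `CustomError` and the handler are outside this hunk.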

Expand Up @@ -93,7 +93,7 @@ describe("Request Validations => authenticatedUserValidationImpl", () => {
"errorCode": "ALREADY_AUTHENTICATED",
"message": "You are already authenticated, Please logout to continue with request",
"method": "GET",
"name": "ForbiddenError",
"name": "UnauthorizedError",
"path": "",
"statusCode": 401,
}
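Review bot: The snapshot now pins `ALREADY_AUTHENTICATED` to `UnauthorizedError` with status 401, although the caller in this case holds a valid session; the same applies to the `guestValidationImpl` snapshot further down. 401 tells a client that credentials are missing or invalid, and clients commonly react by discarding the session and redirecting to sign-in, which would hide the real condition. If no client depends on the 401 here, `ForbiddenError` fits better, giving `"name": "ForbiddenError"` and `"statusCode": 403` in both snapshots. The validation code that throws is not in the visible part of the page, so this rests on the snapshots alone.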
Expand Up @@ -156,15 +156,15 @@ describe("Request Validations => crudEnabledValidationImpl", () => {
});

await handler(req, res);
expect(res._getStatusCode()).toBe(401);
expect(res._getStatusCode()).toBe(403);
expect(res._getJSONData()).toMatchInlineSnapshot(`
{
"errorCode": "",
"message": "Action 'create' has been disabled for 'tests'",
"method": "POST",
"name": "ForbiddenError",
"path": "",
"statusCode": 401,
"statusCode": 403,
}
`);
});
Expand All @@ -178,15 +178,15 @@ describe("Request Validations => crudEnabledValidationImpl", () => {
});

await handler(req, res);
expect(res._getStatusCode()).toBe(401);
expect(res._getStatusCode()).toBe(403);
expect(res._getJSONData()).toMatchInlineSnapshot(`
{
"errorCode": "",
"message": "Action 'details' has been disabled for 'tests'",
"method": "GET",
"name": "ForbiddenError",
"path": "",
"statusCode": 401,
"statusCode": 403,
}
`);
});
Expand All @@ -200,15 +200,15 @@ describe("Request Validations => crudEnabledValidationImpl", () => {
});

await handler(req, res);
expect(res._getStatusCode()).toBe(401);
expect(res._getStatusCode()).toBe(403);
expect(res._getJSONData()).toMatchInlineSnapshot(`
{
"errorCode": "",
"message": "Action 'delete' has been disabled for 'tests'",
"method": "DELETE",
"name": "ForbiddenError",
"path": "",
"statusCode": 401,
"statusCode": 403,
}
`);
});
Expand All @@ -222,15 +222,15 @@ describe("Request Validations => crudEnabledValidationImpl", () => {
});

await handler(req, res);
expect(res._getStatusCode()).toBe(401);
expect(res._getStatusCode()).toBe(403);
expect(res._getJSONData()).toMatchInlineSnapshot(`
{
"errorCode": "",
"message": "Action 'update' has been disabled for 'tests'",
"method": "PATCH",
"name": "ForbiddenError",
"path": "",
"statusCode": 401,
"statusCode": 403,
}
`);
});
Expand Up @@ -44,7 +44,7 @@ describe("Request Validations => guestValidationImpl", () => {
"errorCode": "ALREADY_AUTHENTICATED",
"message": "You are already authenticated, Please logout to continue with request",
"method": "GET",
"name": "ForbiddenError",
"name": "UnauthorizedError",
"path": "",
"statusCode": 401,
}