Skip to content

Commit

Permalink
Merge pull request #6425 from NMDSdevopsServiceAdm/fix/only-return-ex…
Browse files Browse the repository at this point in the history 
…pected-error-messages-for-certificates

Fix: Only return expected error messages from certificate endpoints
  • Loading branch information
@duncanc19
duncanc19 authored Nov 22, 2024
2 parents 92ac039 + 24775f4 commit 7916e3a
Show file tree
Hide file tree
Showing 4 changed files with 61 additions and 14 deletions.
8 changes: 4 additions & 4 deletions backend/server/routes/establishments/workerCertificate/qualificationCertificate.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ const requestUploadUrlEndpoint = async (req, res) => {
);
return res.status(200).json({ files: responsePayload });
} catch (err) {
return res.status(err.statusCode).send(err.message);
return certificateService.sendErrorResponse(res, err);
}
};

Expand All @@ -33,7 +33,7 @@ const confirmUploadEndpoint = async (req, res) => {
await certificateService.confirmUpload(req.body.files, req.params.qualificationUid);
return res.status(200).send();
} catch (err) {
return res.status(err.statusCode).send(err.message);
return certificateService.sendErrorResponse(res, err);
}
};

Expand All @@ -49,7 +49,7 @@ const getPresignedUrlForCertificateDownloadEndpoint = async (req, res) => {
);
return res.status(200).json({ files: responsePayload });
} catch (err) {
return res.status(err.statusCode).send(err.message);
return certificateService.sendErrorResponse(res, err);
}
};

Expand All @@ -65,7 +65,7 @@ const deleteCertificatesEndpoint = async (req, res) => {
);
return res.status(200).send();
} catch (err) {
return res.status(err.statusCode).send(err.message);
return certificateService.sendErrorResponse(res, err);
}
};

Expand Down
33 changes: 24 additions & 9 deletions backend/server/routes/establishments/workerCertificate/trainingCertificate.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,16 +8,21 @@ const router = express.Router({ mergeParams: true });

const initialiseCertificateService = () => {
return WorkerCertificateService.initialiseTraining();
}
};

const requestUploadUrlEndpoint = async (req, res) => {
const certificateService = initialiseCertificateService();

try {
const responsePayload = await certificateService.requestUploadUrl(req.body.files, req.params.id, req.params.workerId, req.params.trainingUid);
const responsePayload = await certificateService.requestUploadUrl(
req.body.files,
req.params.id,
req.params.workerId,
req.params.trainingUid,
);
return res.status(200).json({ files: responsePayload });
} catch (err) {
return res.status(err.statusCode).send(err.message);
return certificateService.sendErrorResponse(res, err);
}
};

Expand All @@ -28,29 +33,39 @@ const confirmUploadEndpoint = async (req, res) => {
await certificateService.confirmUpload(req.body.files, req.params.trainingUid);
return res.status(200).send();
} catch (err) {
return res.status(err.statusCode).send(err.message);
return certificateService.sendErrorResponse(res, err);
}
};

const getPresignedUrlForCertificateDownloadEndpoint = async (req, res) => {
const certificateService = initialiseCertificateService();

try {
const responsePayload = await certificateService.getPresignedUrlForCertificateDownload(req.body.files, req.params.id, req.params.workerId, req.params.trainingUid);
const responsePayload = await certificateService.getPresignedUrlForCertificateDownload(
req.body.files,
req.params.id,
req.params.workerId,
req.params.trainingUid,
);
return res.status(200).json({ files: responsePayload });
} catch (err) {
return res.status(err.statusCode).send(err.message);
return certificateService.sendErrorResponse(res, err);
}
};

const deleteCertificatesEndpoint = async (req, res) => {
const certificateService = initialiseCertificateService();

try {
await certificateService.deleteCertificates(req.body.files, req.params.id, req.params.workerId, req.params.trainingUid);
await certificateService.deleteCertificates(
req.body.files,
req.params.id,
req.params.workerId,
req.params.trainingUid,
);
return res.status(200).send();
} catch (err) {
return res.status(err.statusCode).send(err.message);
return certificateService.sendErrorResponse(res, err);
}
};

Expand All @@ -63,4 +78,4 @@ module.exports = router;
module.exports.requestUploadUrlEndpoint = requestUploadUrlEndpoint;
module.exports.confirmUploadEndpoint = confirmUploadEndpoint;
module.exports.getPresignedUrlForCertificateDownloadEndpoint = getPresignedUrlForCertificateDownloadEndpoint;
module.exports.deleteCertificatesEndpoint = deleteCertificatesEndpoint;
module.exports.deleteCertificatesEndpoint = deleteCertificatesEndpoint;
8 changes: 8 additions & 0 deletions backend/server/routes/establishments/workerCertificate/workerCertificateService.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -251,6 +251,14 @@ class WorkerCertificateService {
});
await this.certificatesModel.destroy({ where: { uid: certificateRecordUids }, transaction: externalTransaction });
}

sendErrorResponse(res, err) {
if (err instanceof HttpError) {
return res.status(err.statusCode).send(err.message);

Check warning

Code scanning / CodeQL

Exception text reinterpreted as HTML Medium

Exception text
Loading
is reinterpreted as HTML without escaping meta-characters.
Exception text
Loading
is reinterpreted as HTML without escaping meta-characters.
}
console.error('WorkerCertificateService error: ', err);
return res.status(500).send('Internal server error');
}
}

module.exports = WorkerCertificateService;
26 changes: 25 additions & 1 deletion ...server/test/unit/routes/establishments/workerCertificate/workerCertificateService.spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ const s3 = require('../../../../../routes/establishments/workerCertificate/s3');
const config = require('../../../../../config/config');

const WorkerCertificateService = require('../../../../../routes/establishments/workerCertificate/workerCertificateService');
const HttpError = require('../../../../../utils/errors/httpError');

describe('backend/server/routes/establishments/workerCertificate/workerCertificateService.js', () => {
const user = buildUser();
Expand All @@ -31,7 +32,6 @@ describe('backend/server/routes/establishments/workerCertificate/workerCertifica
describe('requestUploadUrl', () => {
const mockUploadFiles = ['cert1.pdf', 'cert2.pdf'];
const mockSignedUrl = 'http://localhost/mock-upload-url';
let res;

beforeEach(() => {
mockRequestBody = {
Expand Down Expand Up @@ -641,4 +641,28 @@ describe('backend/server/routes/establishments/workerCertificate/workerCertifica
]);
});
});

describe('sendErrorResponse', () => {
let res;

beforeEach(() => {
res = httpMocks.createResponse();
});

it('should send status code and message from error when HttpError thrown', async () => {
const errorThrown = new HttpError('Invalid request', 400);

services.qualifications.sendErrorResponse(res, errorThrown);
expect(res.statusCode).to.equal(400);
expect(res._getData()).to.equal('Invalid request');
});

it('should send 500 status code and Internal server error message when unexpected error', async () => {
const errorThrown = new Error('Unexpected error');

services.qualifications.sendErrorResponse(res, errorThrown);
expect(res.statusCode).to.equal(500);
expect(res._getData()).to.equal('Internal server error');
});
});
});

0 comments on commit 7916e3a

Please sign in to comment.