Fix: Improve error handling for Server API#170
Merged
fomalhautb merged 5 commits intostack-auth:devstack-auth/stack-auth:devfrom Aug 9, 2024
kfahad5607:fix/141_error-handling-in-api-handlerskfahad5607/stack:fix/141_error-handling-in-api-handlersCopy head branch name to clipboard
Merged
Fix: Improve error handling for Server API#170fomalhautb merged 5 commits intostack-auth:devstack-auth/stack-auth:devfrom kfahad5607:fix/141_error-handling-in-api-handlerskfahad5607/stack:fix/141_error-handling-in-api-handlersCopy head branch name to clipboard
fomalhautb merged 5 commits intostack-auth:devstack-auth/stack-auth:devfrom
kfahad5607:fix/141_error-handling-in-api-handlerskfahad5607/stack:fix/141_error-handling-in-api-handlersCopy head branch name to clipboard
Conversation
…1_error-handling-in-api-handlers
|
Someone is attempting to deploy a commit to the Stack Team on Vercel. A member of the Team first needs to authorize it. |
|
Fahad Khan seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account. You have signed the CLA already but the status is still pending? Let us recheck it. |
fomalhautb
requested changes
Aug 4, 2024
| } | ||
| } | ||
|
|
||
| export async function ensureUserTeamPermissionExist( |
Contributor
There was a problem hiding this comment.
I think this function is a little bit duplicated to ensureUserHasTeamPermission. Maybe you can combine them.
Contributor
Author
There was a problem hiding this comment.
I am combining these functions, but logically, they signify different types of errors.
-
ensureUserHasTeamPermission- This function throws a
TeamPermissionRequirederror, which indicates an authorization error. Users might misconstrue this error as a permission issue in the case of the Revoke a team permission from a user API request.
- This function throws a
-
ensureUserTeamPermissionExist- This function throws a
UserTeamPermissionNotFounderror, indicating that the permission the user is trying to delete does not exist. This is more appropriate for the Revoke a team permission from a user API request.
- This function throws a
Contributor
There was a problem hiding this comment.
yeah, I added errorType parameter to decide which type of error to throw in the ensureUserHasTeamPermission function.
|
|
||
| // If the selected_team_id is present and we reach here that means user does exist. Hence, we have this check. | ||
| if (!data.selected_team_id) { | ||
| await ensureUserExist(tx, { projectId: auth.project.id, userId: params.user_id }); |
Contributor
There was a problem hiding this comment.
We can move this check to the beginning and remove the condition so it is easier to follow
… string in 'ensureUserHasTeamPermission'
…1_error-handling-in-api-handlers
Contributor
Author
|
I have made the requested changes.
PS: I have also signed the CLA. |
Contributor
|
FYI, looks like the bot hasn't picked up the CLA, but I can confirm that you signed it, so all good! |
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
Contributor
|
Thanks for the contribution! |
N2D4
pushed a commit
that referenced
this pull request
Aug 10, 2024
* Added entity checks to provide better errors in API for 'server' access type * Removed 'ensureUserTeamPermissionExist', changed permissionId type to string in 'ensureUserHasTeamPermission' * added different error types for user team permission --------- Co-authored-by: Fahad Khan <fahad.khan@net-mon.net> Co-authored-by: Zai Shi <zaishi00@outlook.com>
fomalhautb
added a commit
that referenced
this pull request
Aug 12, 2024
* Team invitation (#171) * team invitation wip * implemented handler * team invitation callback wip * added team invitation frontend * fixed listCurrentUserTeamPermissions * added team invitation email template * fixed bugs * fixed verification code handler * added more checks to team invitation verification * fixed team invitation page * restructured verification code handler * fixed frontend * fixed team invitation tests * added more team invitation test * fixed bug * added migration file * removed unused code * Allow Next.js version `latest` in package.json * Fix typo * Update error message * Remove unnecessary console.warn * Updated "edit this page" button * Hide unsupported properties from docs * OAuth token tests * Fix typo * added create user button * added create user button (#173) * added basic team settings * Create SECURITY.md * added editable text * added more team settings * Export button in tables * Export all pages of tables * Update security policy * Fix docs typo * More docs typos * Improved user creation handlers * added list users on client * updated team-settings * hide team setting component for now * Fix: Improve error handling for Server API (#170) * Added entity checks to provide better errors in API for 'server' access type * Removed 'ensureUserTeamPermissionExist', changed permissionId type to string in 'ensureUserHasTeamPermission' * added different error types for user team permission --------- Co-authored-by: Fahad Khan <fahad.khan@net-mon.net> Co-authored-by: Zai Shi <zaishi00@outlook.com> * added ensureClientUserAuthenticated * improved error handling * removed unused imports * fixed bug * added member list * Sign up restriction button on dashboard Fix #66, #74 * moved data table to stack-ui * added remove user modal * fixed chokidar * updated ui * fixed merge * fixed merge * fixed merge * updated settings component * improved mobile styles * added user invitation ui * added team creation page * added team creation to team component * added setting icon to team switcher * added settings sections * added client_team_creation_enabled * added frontend team creation enabled checks * updated demo page * added member profile update * fixed profile editing * added leave team button * added create/delete team redirect * fixed column header, updated team setting * fixed account setting padding * updated tests --------- Co-authored-by: Stan Wohlwend <n2d4xc@gmail.com> Co-authored-by: Fahad Khan <62707456+kfahad5607@users.noreply.github.com> Co-authored-by: Fahad Khan <fahad.khan@net-mon.net>
fomalhautb
added a commit
that referenced
this pull request
Aug 28, 2024
* Team invitation (#171) * team invitation wip * implemented handler * team invitation callback wip * added team invitation frontend * fixed listCurrentUserTeamPermissions * added team invitation email template * fixed bugs * fixed verification code handler * added more checks to team invitation verification * fixed team invitation page * restructured verification code handler * fixed frontend * fixed team invitation tests * added more team invitation test * fixed bug * added migration file * removed unused code * Allow Next.js version `latest` in package.json * Fix typo * Update error message * Remove unnecessary console.warn * Updated "edit this page" button * Hide unsupported properties from docs * OAuth token tests * Fix typo * added create user button (#173) * Create SECURITY.md * Export button in tables * Export all pages of tables * Update security policy * Fix docs typo * More docs typos * Improved user creation handlers * Fix: Improve error handling for Server API (#170) * Added entity checks to provide better errors in API for 'server' access type * Removed 'ensureUserTeamPermissionExist', changed permissionId type to string in 'ensureUserHasTeamPermission' * added different error types for user team permission --------- Co-authored-by: Fahad Khan <fahad.khan@net-mon.net> Co-authored-by: Zai Shi <zaishi00@outlook.com> * Sign up restriction button on dashboard Fix #66, #74 * Fix type error * TOTP 2FA endpoints * TOTP MFA components * Improved description for disabling sign ups * Added 'allowedErrorTypes' for error propagation --------- Co-authored-by: Zai Shi <zaishi00@outlook.com> Co-authored-by: Stan Wohlwend <n2d4xc@gmail.com> Co-authored-by: Fahad Khan <fahad.khan@net-mon.net>
fomalhautb
added a commit
that referenced
this pull request
Sep 14, 2024
) * Team invitation (#171) * team invitation wip * implemented handler * team invitation callback wip * added team invitation frontend * fixed listCurrentUserTeamPermissions * added team invitation email template * fixed bugs * fixed verification code handler * added more checks to team invitation verification * fixed team invitation page * restructured verification code handler * fixed frontend * fixed team invitation tests * added more team invitation test * fixed bug * added migration file * removed unused code * Allow Next.js version `latest` in package.json * Fix typo * Update error message * Remove unnecessary console.warn * Updated "edit this page" button * Hide unsupported properties from docs * OAuth token tests * Fix typo * added create user button (#173) * Create SECURITY.md * Export button in tables * Export all pages of tables * Update security policy * Fix docs typo * More docs typos * Improved user creation handlers * Fix: Improve error handling for Server API (#170) * Added entity checks to provide better errors in API for 'server' access type * Removed 'ensureUserTeamPermissionExist', changed permissionId type to string in 'ensureUserHasTeamPermission' * added different error types for user team permission --------- Co-authored-by: Fahad Khan <fahad.khan@net-mon.net> Co-authored-by: Zai Shi <zaishi00@outlook.com> * Sign up restriction button on dashboard Fix #66, #74 * Fix type error * TOTP 2FA endpoints * TOTP MFA components * Improved description for disabling sign ups * Removed 'selected_team_id' from create user schema --------- Co-authored-by: Zai Shi <zaishi00@outlook.com> Co-authored-by: Stan Wohlwend <n2d4xc@gmail.com> Co-authored-by: Fahad Khan <fahad.khan@net-mon.net>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #141 by checking for entities before deleting/modifying them to avoid prisma query error.
Route handler changes
selected_team_idis passed in request body in Update userOther changes
selectedTeamIdSchemato validate string asuuidensureUserTeamPermissionExistinrequest-checksto use in Revoke a team permission from a userUserTeamPermissionNotFoundto use inensureUserTeamPermissionExist