Skip to content

registry-org.controller.js createOrg proceeds after uuidProvided error #1406

New issue
New issue
Closed
Closed
registry-org.controller.js createOrg proceeds after uuidProvided error#1406
Assignees
cberger8
Labels
user registryAn issue for the endpoints related to the User Registry
@ElectricNroff

Description

@ElectricNroff
ElectricNroff
opened on Jun 15, 2025

similar to e3993da

The return res.status(400).json(error.uuidProvided('org')) sends this to the client:

HTTP/1.1 400 Bad Request

{"error":"UUID_PROVIDED","message":"Providing UUIDs for org creation or update is not allowed."}

but then it executes the rest of the function (and may create the organization), and thus encounters:

"{\"error\":\"Error [ERR_HTTP_HEADERS_SENT]: Cannot set headers after they are sent to the client\\n ...

cve-services/src/controller/registry-org.controller/registry-org.controller.js

Lines 95 to 139 in 54aa5ab

Object.keys(body).map(k => k.toLowerCase()).forEach(k => {
if (k === 'long_name') {
newOrg.long_name = body[k]
} else if (k === 'short_name') {
newOrg.short_name = body[k]
} else if (k === 'aliases') {
newOrg.aliases = [...new Set(body[k].active_roles)]
} else if (k === 'cve_program_org_function') {
newOrg.cve_program_org_function = body[k]
} else if (k === 'authority') {
if ('active_roles' in body[k]) {
newOrg.authority.active_roles = [...new Set(body[k].active_roles)]
}
} else if (k === 'reports_to') {
// TODO: org check logic?
} else if (k === 'oversees') {
// TODO: org check logic?
} else if (k === 'root_or_tlr') {
newOrg.root_or_tlr = body[k]
} else if (k === 'users') {
// TODO: users logic?
} else if (k === 'charter_or_scope') {
newOrg.charter_or_scope = body[k]
} else if (k === 'disclosure_policy') {
newOrg.disclosure_policy = body[k]
} else if (k === 'product_list') {
newOrg.product_list = body[k]
} else if (k === 'soft_quota') {
newOrg.soft_quota = body[k]
} else if (k === 'hard_quota') {
newOrg.hard_quota = body[k]
} else if (k === 'contact_info') {
const { additionalContactUsers, admins, ...contactInfo } = body[k]
newOrg.contact_info = {
additional_contact_users: [...(additionalContactUsers || [])],
poc: '',
poc_email: '',
poc_phone: '',
admins: [...(admins || [])],
org_email: '',
website: '',
...contactInfo
}
} else if (k === 'uuid') {
return res.status(400).json(error.uuidProvided('org'))

@david-rocca

Metadata

Metadata

Assignees

Labels

user registryAn issue for the endpoints related to the User Registry

Type

No type

Projects

User Registry Planning & Development

Status

Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions