fix(timeentry): silent-drop unparseable from/to query params (#310)#311
Merged
Conversation
Both `listByCompany` and `exportCsv` declare in a doc comment that "bad dates are silently dropped rather than 400'd, so a typo in the query string doesn't break the call." The implementation didn't match: the raw `req.query.from` / `req.query.to` string was plugged straight into Sequelize's `Op.gte` / `Op.lte`. Postgres can parse ISO 8601 fine but throws `invalid input syntax for type timestamp` on garbage like `?from=not-a-date`, which Sequelize surfaces — and the controller's catch returns a 500. Add `parseDateOrNull(s)` to the controller: returns a Date for any input the `Date` constructor accepts (Number.isFinite on getTime()), returns null otherwise. Wire both handlers through it so the silent-drop behavior matches the documented contract. Unit-test the helper directly via `_internals` — happy paths (ISO 8601, date-only), the silent-drop case (garbage strings), and the defensive non-string-input branch. The helper is also wired through the smoke-test harness's `vi.mock` for `db.config.js`, so failures land cleanly without a live DB. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #310.
Summary
Both
listByCompanyandexportCsvdocumented "bad dates are silently dropped" but the implementation passed the raw query-string straight into Sequelize, so garbage like?from=not-a-dateproduced a 500 from Postgres'sinvalid input syntax for type timestamp.Add a
parseDateOrNull(s)helper, wire both handlers through it. Behavior now matches the documented contract.Test plan
npm run lint && npm test— 777 passing (was 773), 4 new test cases intests/api/timeentry.test.jsfor the helper (happy paths, silent-drop on garbage, non-string defensive).Proudly Made in Nebraska. Go Big Red! 🌽 https://xkcd.com/2347/