From 60e50369894de2bb6c164e0407674f38af54b4ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eduardo=20Bou=C3=A7as?= Date: Wed, 15 Aug 2018 14:36:17 +0100 Subject: [PATCH 1/2] feat: add sendBackErrorWithCode helper function --- dadi/lib/help.js | 12 +++++++++ test/unit/helpTest.js | 62 ++++++++++++++++++++++++++++++++++++++++--- 2 files changed, 71 insertions(+), 3 deletions(-) diff --git a/dadi/lib/help.js b/dadi/lib/help.js index 5fae5e7e..3cd09f67 100755 --- a/dadi/lib/help.js +++ b/dadi/lib/help.js @@ -36,6 +36,18 @@ module.exports.sendBackErrorTrace = function (res, next) { } } +module.exports.sendBackErrorWithCode = function (errorCode, statusCode, res, next) { + if (typeof statusCode !== 'number') { + next = res + res = statusCode + statusCode = 500 + } + + let errorObject = formatError.createError('api', errorCode, null, ERROR_CODES) + + return module.exports.sendBackJSON(statusCode, res, next)(null, errorObject) +} + // helper that sends json response module.exports.sendBackJSON = function (successCode, res, next) { return function (err, results) { diff --git a/test/unit/helpTest.js b/test/unit/helpTest.js index 233fc0a4..f2674857 100644 --- a/test/unit/helpTest.js +++ b/test/unit/helpTest.js @@ -1,6 +1,8 @@ -var should = require('should') -var sinon = require('sinon') -var help = require(__dirname + '/../../dadi/lib/help') +const ERROR_CODES = require('./../../error-codes') +const formatError = require('@dadi/format-error') +const should = require('should') +const sinon = require('sinon') +const help = require(__dirname + '/../../dadi/lib/help') describe('Help', function (done) { describe('sendBackErrorTrace', function () { @@ -38,6 +40,60 @@ describe('Help', function (done) { }) }) + describe('sendBackErrorWithCode', function () { + it('should send an error with the formatted message corresponding to the API error code with the status code provided', done => { + let res = { + end: sinon.stub(), + setHeader: sinon.stub() + } + + help.sendBackErrorWithCode('0006', 403, res, {}) + + res.setHeader.callCount.should.eql(2) + res.setHeader.args[0][0].should.eql('content-type') + res.setHeader.args[0][1].should.eql('application/json') + res.setHeader.args[1][0].should.eql('content-length') + res.setHeader.args[1][1].should.be.Number + + res.end.callCount.should.eql(1) + + let body = JSON.parse(res.end.args[0][0]) + + body.should.eql( + formatError.createError('api', '0006', null, ERROR_CODES) + ) + res.statusCode.should.eql(403) + + done() + }) + + it('should send an error with the formatted message corresponding to the API error code with the status code 500 if one is not provided', done => { + let res = { + end: sinon.stub(), + setHeader: sinon.stub() + } + + help.sendBackErrorWithCode('0006', res, {}) + + res.setHeader.callCount.should.eql(2) + res.setHeader.args[0][0].should.eql('content-type') + res.setHeader.args[0][1].should.eql('application/json') + res.setHeader.args[1][0].should.eql('content-length') + res.setHeader.args[1][1].should.be.Number + + res.end.callCount.should.eql(1) + + let body = JSON.parse(res.end.args[0][0]) + + body.should.eql( + formatError.createError('api', '0006', null, ERROR_CODES) + ) + res.statusCode.should.eql(500) + + done() + }) + }) + describe('sendBackJSONP', function () { it('should call the next handler if there is an error', done => { let nextFn = sinon.stub() From cc175a13a36e11a57247b03cd54ee1a3d1ebf844 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eduardo=20Bou=C3=A7as?= Date: Wed, 15 Aug 2018 14:36:37 +0100 Subject: [PATCH 2/2] refactor: use API error codes for invalid/missing current secret --- dadi/lib/controller/clients.js | 10 ++-------- error-codes.json | 14 +++++++++++++- test/acceptance/acl/clients-api/put.js | 8 ++++---- 3 files changed, 19 insertions(+), 13 deletions(-) diff --git a/dadi/lib/controller/clients.js b/dadi/lib/controller/clients.js index 8ed74228..28597e8e 100644 --- a/dadi/lib/controller/clients.js +++ b/dadi/lib/controller/clients.js @@ -234,10 +234,7 @@ Clients.prototype.handleError = function (res, next) { }) case 'INVALID_SECRET': - return help.sendBackJSON(400, res, next)(null, { - success: false, - errors: ['The supplied current secret is not valid'] - }) + return help.sendBackErrorWithCode('0008', 400, res, next) case 'MISSING_FIELDS': return help.sendBackJSON(400, res, next)(null, { @@ -246,10 +243,7 @@ Clients.prototype.handleError = function (res, next) { }) case 'MISSING_SECRET': - return help.sendBackJSON(400, res, next)(null, { - success: false, - errors: ['The current secret must be supplied via a `currentSecret` property'] - }) + return help.sendBackErrorWithCode('0007', 400, res, next) case 'PROTECTED_DATA_FIELDS': return help.sendBackJSON(400, res, next)(null, { diff --git a/error-codes.json b/error-codes.json index 13bd1452..56388f7e 100644 --- a/error-codes.json +++ b/error-codes.json @@ -34,5 +34,17 @@ "title": "Access denied", "details": "The bearer token supplied in the request does not have sufficient permissions to perform the operation.", "params": [] - } + }, + "0007": { + "code": "API-0007", + "title": "Current secret missing", + "details": "To update the client secret, the current secret must be supplied via the `currentSecret` property.", + "params": [] + }, + "0008": { + "code": "API-0008", + "title": "Current secret not valid", + "details": "The supplied current secret is not valid.", + "params": [] + } } \ No newline at end of file diff --git a/test/acceptance/acl/clients-api/put.js b/test/acceptance/acl/clients-api/put.js index 7f756174..e4d2d492 100644 --- a/test/acceptance/acl/clients-api/put.js +++ b/test/acceptance/acl/clients-api/put.js @@ -461,8 +461,8 @@ module.exports = () => { .end((err, res) => { res.statusCode.should.eql(400) - res.body.success.should.eql(false) - res.body.errors[0].should.eql('The current secret must be supplied via a `currentSecret` property') + res.body.code.should.eql('API-0007') + res.body.title.should.be.String client .post(config.get('auth.tokenUrl')) @@ -520,8 +520,8 @@ module.exports = () => { .end((err, res) => { res.statusCode.should.eql(400) - res.body.success.should.eql(false) - res.body.errors[0].should.eql('The current secret supplied is not valid') + res.body.code.should.eql('API-0008') + res.body.title.should.be.String client .post(config.get('auth.tokenUrl'))