Summary
The seller approval/rejection endpoint updates an affiliate application, then writes a notification to the affiliate. If the notification insert fails or throws after the application update succeeds, the route falls into the outer catch and returns a generic 500 even though the status change has already been committed.
Steps to reproduce
- As a seller, approve or reject an affiliate application.
- Simulate a failure inserting into the notifications table after the application update succeeds.
Expected
The API should return the updated application. Notification delivery should be best-effort after the status change is saved.
Actual
The endpoint can return 500 after changing the application status, leaving the seller-facing UI with a failed response for an operation that already took effect.
Proposed fix
Wrap the affiliate notification insert in a best-effort try/catch, log notification failures, and keep returning the updated application. Add route regression coverage for a failed notification insert.
Summary
The seller approval/rejection endpoint updates an affiliate application, then writes a notification to the affiliate. If the notification insert fails or throws after the application update succeeds, the route falls into the outer catch and returns a generic 500 even though the status change has already been committed.
Steps to reproduce
Expected
The API should return the updated application. Notification delivery should be best-effort after the status change is saved.
Actual
The endpoint can return 500 after changing the application status, leaving the seller-facing UI with a failed response for an operation that already took effect.
Proposed fix
Wrap the affiliate notification insert in a best-effort try/catch, log notification failures, and keep returning the updated application. Add route regression coverage for a failed notification insert.