BETTERZON-77: Changing error behavior as the previous behavior cloud have opened up security vulnerabilities (#38)

This commit is contained in:
Patrick 2021-05-03 19:51:46 +02:00 committed by GitHub
parent 816036dbdf
commit e1da64cac3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 40 additions and 248 deletions

View File

@ -20,19 +20,18 @@ export const categoriesRouter = express.Router();
*/
// GET categories/
categoriesRouter.get('/', async (req: Request, res: Response) => {
try {
const categories: Categories = await CategoryService.findAll();
res.status(200).send(categories);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// GET categories/:id
categoriesRouter.get('/:id', async (req: Request, res: Response) => {
const id: number = parseInt(req.params.id, 10);
@ -46,12 +45,12 @@ categoriesRouter.get('/:id', async (req: Request, res: Response) => {
res.status(200).send(category);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// GET categories/search/:term
categoriesRouter.get('/search/:term', async (req: Request, res: Response) => {
const term: string = req.params.term;
@ -65,48 +64,7 @@ categoriesRouter.get('/search/:term', async (req: Request, res: Response) => {
res.status(200).send(categories);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// POST items/
// categoriesRouter.post('/', async (req: Request, res: Response) => {
// try {
// const category: Category = req.body.category;
//
// await CategoryService.create(category);
//
// res.sendStatus(201);
// } catch (e) {
// res.status(404).send(e.message);
// }
// });
//
// // PUT items/
//
// categoriesRouter.put('/', async (req: Request, res: Response) => {
// try {
// const category: Category = req.body.category;
//
// await CategoryService.update(category);
//
// res.sendStatus(200);
// } catch (e) {
// res.status(500).send(e.message);
// }
// });
//
// // DELETE items/:id
//
// categoriesRouter.delete('/:id', async (req: Request, res: Response) => {
// try {
// const id: number = parseInt(req.params.id, 10);
// await CategoryService.remove(id);
//
// res.sendStatus(200);
// } catch (e) {
// res.status(500).send(e.message);
// }
// });

View File

@ -20,19 +20,18 @@ export const manufacturersRouter = express.Router();
*/
// GET items/
manufacturersRouter.get('/', async (req: Request, res: Response) => {
try {
const manufacturers: Manufacturers = await ManufacturerService.findAll();
res.status(200).send(manufacturers);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// GET items/:id
manufacturersRouter.get('/:id', async (req: Request, res: Response) => {
const id: number = parseInt(req.params.id, 10);
@ -46,12 +45,12 @@ manufacturersRouter.get('/:id', async (req: Request, res: Response) => {
res.status(200).send(manufacturer);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// GET items/:name
manufacturersRouter.get('/search/:term', async (req: Request, res: Response) => {
const term: string = req.params.term;
@ -65,48 +64,7 @@ manufacturersRouter.get('/search/:term', async (req: Request, res: Response) =>
res.status(200).send(manufacturer);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// POST items/
// manufacturersRouter.post('/', async (req: Request, res: Response) => {
// try {
// const category: Category = req.body.category;
//
// await CategoryService.create(category);
//
// res.sendStatus(201);
// } catch (e) {
// res.status(404).send(e.message);
// }
// });
//
// // PUT items/
//
// manufacturersRouter.put('/', async (req: Request, res: Response) => {
// try {
// const category: Category = req.body.category;
//
// await CategoryService.update(category);
//
// res.sendStatus(200);
// } catch (e) {
// res.status(500).send(e.message);
// }
// });
//
// // DELETE items/:id
//
// manufacturersRouter.delete('/:id', async (req: Request, res: Response) => {
// try {
// const id: number = parseInt(req.params.id, 10);
// await CategoryService.remove(id);
//
// res.sendStatus(200);
// } catch (e) {
// res.status(500).send(e.message);
// }
// });

View File

@ -20,7 +20,6 @@ export const pricesRouter = express.Router();
*/
// GET prices/
pricesRouter.get('/', async (req: Request, res: Response) => {
try {
let prices: Prices = [];
@ -40,12 +39,12 @@ pricesRouter.get('/', async (req: Request, res: Response) => {
res.status(200).send(prices);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// GET prices/:id
pricesRouter.get('/:id', async (req: Request, res: Response) => {
const id: number = parseInt(req.params.id, 10);
@ -59,12 +58,12 @@ pricesRouter.get('/:id', async (req: Request, res: Response) => {
res.status(200).send(price);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// GET prices/bestDeals
pricesRouter.get('/bestDeals/:amount', async (req: Request, res: Response) => {
const amount: number = parseInt(req.params.amount, 10);
@ -78,12 +77,12 @@ pricesRouter.get('/bestDeals/:amount', async (req: Request, res: Response) => {
res.status(200).send(prices);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// GET prices/byProduct/list/[]
pricesRouter.get('/byProduct/list/:ids', async (req: Request, res: Response) => {
const productIds: [number] = JSON.parse(req.params.ids);
@ -97,47 +96,7 @@ pricesRouter.get('/byProduct/list/:ids', async (req: Request, res: Response) =>
res.status(200).send(prices);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// POST items/
// pricesRouter.post('/', async (req: Request, res: Response) => {
// try {
// const category: Category = req.body.category;
//
// await CategoryService.create(category);
//
// res.sendStatus(201);
// } catch (e) {
// res.status(404).send(e.message);
// }
// });
//
// // PUT items/
//
// pricesRouter.put('/', async (req: Request, res: Response) => {
// try {
// const category: Category = req.body.category;
//
// await CategoryService.update(category);
//
// res.sendStatus(200);
// } catch (e) {
// res.status(500).send(e.message);
// }
// });
//
// // DELETE items/:id
//
// pricesRouter.delete('/:id', async (req: Request, res: Response) => {
// try {
// const id: number = parseInt(req.params.id, 10);
// await CategoryService.remove(id);
//
// res.sendStatus(200);
// } catch (e) {
// res.status(500).send(e.message);
// }
// });

View File

@ -20,19 +20,18 @@ export const productsRouter = express.Router();
*/
// GET products/
productsRouter.get('/', async (req: Request, res: Response) => {
try {
const products: Products = await ProductService.findAll();
res.status(200).send(products);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// GET products/:id
productsRouter.get('/:id', async (req: Request, res: Response) => {
const id: number = parseInt(req.params.id, 10);
@ -46,12 +45,12 @@ productsRouter.get('/:id', async (req: Request, res: Response) => {
res.status(200).send(product);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// GET products/search/:term
productsRouter.get('/search/:term', async (req: Request, res: Response) => {
const term: string = req.params.term;
@ -65,12 +64,12 @@ productsRouter.get('/search/:term', async (req: Request, res: Response) => {
res.status(200).send(products);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// GET products/list/[1,2,3]
productsRouter.get('/list/:ids', async (req: Request, res: Response) => {
const ids: [number] = JSON.parse(req.params.ids);
@ -84,50 +83,7 @@ productsRouter.get('/list/:ids', async (req: Request, res: Response) => {
res.status(200).send(products);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// GET products/bestDeals
// POST items/
// productsRouter.post('/', async (req: Request, res: Response) => {
// try {
// const product: Product = req.body.product;
//
// await ProductService.create(product);
//
// res.sendStatus(201);
// } catch (e) {
// res.status(404).send(e.message);
// }
// });
//
// // PUT items/
//
// productsRouter.put('/', async (req: Request, res: Response) => {
// try {
// const product: Product = req.body.product;
//
// await ProductService.update(product);
//
// res.sendStatus(200);
// } catch (e) {
// res.status(500).send(e.message);
// }
// });
//
// // DELETE items/:id
//
// productsRouter.delete('/:id', async (req: Request, res: Response) => {
// try {
// const id: number = parseInt(req.params.id, 10);
// await ProductService.remove(id);
//
// res.sendStatus(200);
// } catch (e) {
// res.status(500).send(e.message);
// }
// });

View File

@ -49,7 +49,8 @@ usersRouter.post('/register', async (req: Request, res: Response) => {
// Send the session details back to the user
res.status(201).send(session);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
@ -78,7 +79,8 @@ usersRouter.post('/login', async (req: Request, res: Response) => {
// Send the session details back to the user
res.status(201).send(session);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
@ -107,6 +109,7 @@ usersRouter.post('/checkSessionValid', async (req: Request, res: Response) => {
// Send the session details back to the user
res.status(201).send(user);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});

View File

@ -20,19 +20,18 @@ export const vendorsRouter = express.Router();
*/
// GET items/
vendorsRouter.get('/', async (req: Request, res: Response) => {
try {
const vendors: Vendors = await VendorService.findAll();
res.status(200).send(vendors);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// GET items/:id
vendorsRouter.get('/:id', async (req: Request, res: Response) => {
const id: number = parseInt(req.params.id, 10);
@ -46,12 +45,12 @@ vendorsRouter.get('/:id', async (req: Request, res: Response) => {
res.status(200).send(vendor);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// GET items/:name
vendorsRouter.get('/search/:term', async (req: Request, res: Response) => {
const term: string = req.params.term;
@ -65,48 +64,7 @@ vendorsRouter.get('/search/:term', async (req: Request, res: Response) => {
res.status(200).send(vendors);
} catch (e) {
res.status(404).send(e.message);
console.log('Error handling a request: ' + e.message);
res.status(500).send(JSON.stringify({"message": "Internal Server Error. Try again later."}));
}
});
// POST items/
// vendorsRouter.post('/', async (req: Request, res: Response) => {
// try {
// const category: Category = req.body.category;
//
// await CategoryService.create(category);
//
// res.sendStatus(201);
// } catch (e) {
// res.status(404).send(e.message);
// }
// });
//
// // PUT items/
//
// vendorsRouter.put('/', async (req: Request, res: Response) => {
// try {
// const category: Category = req.body.category;
//
// await CategoryService.update(category);
//
// res.sendStatus(200);
// } catch (e) {
// res.status(500).send(e.message);
// }
// });
//
// // DELETE items/:id
//
// vendorsRouter.delete('/:id', async (req: Request, res: Response) => {
// try {
// const id: number = parseInt(req.params.id, 10);
// await CategoryService.remove(id);
//
// res.sendStatus(200);
// } catch (e) {
// res.status(500).send(e.message);
// }
// });