Commit 6f81b7f

committed

refactor(auth): add robust validation for role updates

Adds try-catch blocks around the byName() enum parsing for appRole and dashboardRole in the user updater logic. This prevents unhandled ArgumentError exceptions when a client provides an invalid role string. Instead of causing a 500 Internal Server Error, the API will now correctly return a 400 Bad Request with a clear error message, improving client-side error handling and API robustness.

1 parent 662bfe5 commit 6f81b7fCopy full SHA for 6f81b7f

File tree

1 file changed

+18

-6

lines changed

lib/src/registry
- data_operation_registry.dart

1 file changed

+18

-6

lines changed

`‎lib/src/registry/data_operation_registry.dart‎`

Lines changed: 18 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -238,16 +238,28 @@ class DataOperationRegistry {`
`238`	`238`
`239`	`239`	`AppUserRole? newAppRole;`
`240`	`240`	`if (requestBody.containsKey('appRole')) {`
`241`		`- newAppRole = AppUserRole.values.byName(`
`242`		`- requestBody['appRole'] as String,`
`243`		`- );`
	`241`	`+ try {`
	`242`	`+ newAppRole = AppUserRole.values.byName(`
	`243`	`+ requestBody['appRole'] as String,`
	`244`	`+ );`
	`245`	`+ } on ArgumentError {`
	`246`	`+ throw BadRequestException(`
	`247`	`+ 'Invalid value for "appRole": "${requestBody['appRole']}".',`
	`248`	`+ );`
	`249`	`+ }`
`244`	`250`	`}`
`245`	`251`
`246`	`252`	`DashboardUserRole? newDashboardRole;`
`247`	`253`	`if (requestBody.containsKey('dashboardRole')) {`
`248`		`- newDashboardRole = DashboardUserRole.values.byName(`
`249`		`- requestBody['dashboardRole'] as String,`
`250`		`- );`
	`254`	`+ try {`
	`255`	`+ newDashboardRole = DashboardUserRole.values.byName(`
	`256`	`+ requestBody['dashboardRole'] as String,`
	`257`	`+ );`
	`258`	`+ } on ArgumentError {`
	`259`	`+ throw BadRequestException(`
	`260`	`+ 'Invalid value for "dashboardRole": "${requestBody['dashboardRole']}".',`
	`261`	`+ );`
	`262`	`+ }`
`251`	`263`	`}`
`252`	`264`
`253`	`265`	`Map<FeedDecoratorType, UserFeedDecoratorStatus>? newStatus;`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit 6f81b7f

File tree

1 file changed

1 file changed

`‎lib/src/registry/data_operation_registry.dart‎`

0 commit comments