Skip to content

Commit

Permalink
fix(#9527): don't log error when privacy policy doc is malformed (#9671)
Browse files Browse the repository at this point in the history
When privacy policies doc is malformed, treat it as a 404 instead of some custom error.

#9527
  • Loading branch information
dianabarsan authored Nov 29, 2024
1 parent 01d06ec commit fd83165
Showing 5 changed files with 44 additions and 10 deletions.
19 changes: 19 additions & 0 deletions api/src/errors.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
class PublicError extends Error {
constructor(publicMessage, ...args) {
super(publicMessage, ...args);
this.publicMessage = publicMessage;
}
}

class NotFoundError extends Error {
constructor(message, ...args) {
super(message, ...args);
this.status = 404; // simulate PouchDb error
this.statusCode = 404; // simulate Request error
}
}

module.exports = {
PublicError,
NotFoundError,
};
8 changes: 0 additions & 8 deletions api/src/public-error.js

This file was deleted.

3 changes: 2 additions & 1 deletion api/src/services/privacy-policy.js
Original file line number Diff line number Diff line change
@@ -2,6 +2,7 @@ const sanitizeHtml = require('sanitize-html');
const db = require('../db');
const logger = require('@medic/logger');
const config = require('../config');
const { NotFoundError } = require('../errors');

const PRIVACY_POLICY_DOC_ID = 'privacy-policies';

@@ -22,7 +23,7 @@ const getDoc = (options=({})) => {
.then(doc => {
const policies = doc.privacy_policies;
if (!policies || !Object.keys(policies).length) { // invalid doc
throw new Error(`Invalid ${PRIVACY_POLICY_DOC_ID} doc: missing required "privacy_policies" property`);
throw new NotFoundError(`Invalid ${PRIVACY_POLICY_DOC_ID} doc: missing required "privacy_policies" property`);
}
return doc;
})
2 changes: 1 addition & 1 deletion api/src/services/records.js
Original file line number Diff line number Diff line change
@@ -3,7 +3,7 @@ const phoneNumber = require('@medic/phone-number');
const config = require('../config');
const smsparser = require('./report/smsparser');
const validate = require('./report/validate');
const PublicError = require('../public-error');
const { PublicError } = require('../errors');
const DATE_NUMBER_STRING = /(\d{13,})/;

// matches invisible characters that can mess up our parsing
22 changes: 22 additions & 0 deletions api/tests/mocha/services/privacy-policy.spec.js
Original file line number Diff line number Diff line change
@@ -3,6 +3,7 @@ const sinon = require('sinon');
const service = require('../../../src/services/privacy-policy');
const db = require('../../../src/db');
const config = require('../../../src/config');
const logger = require('@medic/logger');

describe('Privacy Policy service', () => {

@@ -123,6 +124,27 @@ describe('Privacy Policy service', () => {
});
});

it('should throw error when doc does not exist', async () => {
sinon.spy(logger, 'error');
sinon.stub(db.medic, 'get').rejects({ status: 404 });
await chai.expect(service.get('sw')).to.be.rejected.and.eventually.deep.equal({ status: 404 });
chai.expect(logger.error.called).to.equal(false);
});

it('should throw error when doc has no policies', async () => {
sinon.stub(db.medic, 'get').resolves({ privacy_policies: {} });
sinon.spy(logger, 'error');
await chai.expect(service.get('sw')).to.be.rejected.and.eventually.deep.include({ status: 404 });
chai.expect(logger.error.called).to.equal(false);
});

it('should throw error on misconfigured doc', async () => {
sinon.stub(db.medic, 'get').resolves({ });
sinon.spy(logger, 'error');
await chai.expect(service.get('sw')).to.be.rejected.and.eventually.deep.include({ status: 404 });
chai.expect(logger.error.called).to.equal(false);
});

});

});

0 comments on commit fd83165

Please sign in to comment.