Enhance permission validation and error handling in permissionController
Updated the getUserPermissions function to include validation for clubId, ensuring it is a valid positive integer. Added error handling to return a 400 status with a descriptive message for invalid club IDs, improving the robustness of the API response.
This commit is contained in:
Torsten Schulz (local)
@@ -74,9 +74,14 @@ class MemberTransferService {
|
||||
// Login-Credentials aus gespeicherter Konfiguration laden, falls vorhanden
|
||||
// WICHTIG: Nur wenn keine Credentials übergeben wurden ODER wenn übergebene Credentials leer sind
|
||||
if (!loginCredentials || Object.keys(loginCredentials).length === 0) {
|
||||
if (savedConfig.loginEndpoint === config.loginEndpoint) {
|
||||
// Endpoint-Vergleich: Normalisiere beide für Vergleich (entferne führende/schließende Slashes)
|
||||
const normalizedConfigEndpoint = config.loginEndpoint.replace(/^\/|\/$/g, '');
|
||||
const normalizedSavedEndpoint = savedConfig.loginEndpoint?.replace(/^\/|\/$/g, '') || '';
|
||||
|
||||
if (normalizedSavedEndpoint === normalizedConfigEndpoint || !savedConfig.loginEndpoint) {
|
||||
const savedCredentials = savedConfig.getLoginCredentials();
|
||||
if (savedCredentials && Object.keys(savedCredentials).length > 0) {
|
||||
devLog('[transferMembers] Verwende gespeicherte Login-Credentials');
|
||||
loginCredentials = savedCredentials;
|
||||
}
|
||||
}
|
||||
@@ -93,15 +98,41 @@ class MemberTransferService {
|
||||
where: { clubId }
|
||||
});
|
||||
}
|
||||
if (savedConfig && savedConfig.loginEndpoint === config.loginEndpoint) {
|
||||
const savedCredentials = savedConfig.getLoginCredentials();
|
||||
if (savedCredentials && Object.keys(savedCredentials).length > 0) {
|
||||
loginCredentials = savedCredentials;
|
||||
if (savedConfig) {
|
||||
// Versuche Endpoint zu vergleichen (normalisiert)
|
||||
const normalizedConfigEndpoint = config.loginEndpoint.replace(/\/$/, '').toLowerCase();
|
||||
const savedEndpointFull = savedConfig.loginEndpoint
|
||||
? (savedConfig.server?.replace(/\/$/, '') + '/' + savedConfig.loginEndpoint.replace(/^\//, '')).replace(/\/$/, '').toLowerCase()
|
||||
: null;
|
||||
|
||||
// Wenn Endpoints übereinstimmen ODER wenn kein Endpoint in gespeicherter Config
|
||||
if (savedEndpointFull === normalizedConfigEndpoint || !savedConfig.loginEndpoint) {
|
||||
const savedCredentials = savedConfig.getLoginCredentials();
|
||||
if (savedCredentials && Object.keys(savedCredentials).length > 0) {
|
||||
devLog('[transferMembers] Verwende gespeicherte Login-Credentials (vollständige URL)');
|
||||
loginCredentials = savedCredentials;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Fallback: Wenn immer noch keine Credentials, versuche aus gespeicherter Config zu laden
|
||||
if (config.loginEndpoint && (!loginCredentials || Object.keys(loginCredentials).length === 0)) {
|
||||
if (!savedConfig) {
|
||||
savedConfig = await MemberTransferConfig.findOne({
|
||||
where: { clubId }
|
||||
});
|
||||
}
|
||||
if (savedConfig) {
|
||||
const savedCredentials = savedConfig.getLoginCredentials();
|
||||
if (savedCredentials && Object.keys(savedCredentials).length > 0) {
|
||||
devLog('[transferMembers] Fallback: Verwende gespeicherte Login-Credentials');
|
||||
loginCredentials = savedCredentials;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (config.transferEndpoint && !config.transferEndpoint.startsWith('http')) {
|
||||
// Versuche gespeicherte Konfiguration zu finden (falls noch nicht geladen)
|
||||
if (!savedConfig) {
|
||||
|
||||
Reference in New Issue
Block a user