fix(backend): respond with bad request on team not found (#281)

- if role of calling user's couldn't be established because of incorrect team id, respond with 400 bad request instead of 500.
measure-sh · Dec 15, 2023 · de5633a · de5633a
1 parent 848be9b
commit de5633a
Showing 1 changed file with 16 additions and 1 deletion.
diff --git a/measure-backend/measure-go/measure/team.go b/measure-backend/measure-go/measure/team.go
@@ -419,6 +419,14 @@ func InviteMembers(c *gin.Context) {
 
 	ok, err := PerformAuthz(userId, teamId.String(), *ScopeTeamInviteSameOrLower)
 	if err != nil {
+		// FIXME: improve error handling, this is quite brittle way of
+		// doing errors. not ideal.
+		if err.Error() == "received 'unknown' role" {
+			msg := `couldn't find team, perhaps team id is invalid`
+			fmt.Println(msg)
+			c.JSON(http.StatusBadRequest, gin.H{"error": msg})
+			return
+		}
 		msg := `couldn't perform authorization checks`
 		fmt.Println(msg, err)
 		c.JSON(http.StatusInternalServerError, gin.H{"error": msg})
@@ -433,13 +441,20 @@ func InviteMembers(c *gin.Context) {
 		id: userId,
 	}
 	userRole, err := user.getRole(teamId.String())
-	if err != nil || userRole == unknown {
+	if err != nil {
 		msg := `couldn't perform authorization checks`
 		fmt.Println(msg, err)
 		c.JSON(http.StatusInternalServerError, gin.H{"error": msg})
 		return
 	}
 
+	if userRole == unknown {
+		msg := `couldn't find team, perhaps team id is invalid`
+		fmt.Println(msg)
+		c.JSON(http.StatusBadRequest, gin.H{"error": msg})
+		return
+	}
+
 	var inviteeRoles []rank
 	for _, r := range invitees {
 		inviteeRoles = append(inviteeRoles, r.Role)