From a16362514453c6d27d81d1e9b04e02468d1881ee Mon Sep 17 00:00:00 2001 From: Gosha Tcherednitchenko Date: Thu, 12 Sep 2024 06:41:02 +0100 Subject: [PATCH] account: Fix in update handler Previously it would fail with 500 if after filtering no updateable fields were left in the request. --- src/apossiblespace/parts/account.clj | 22 +++++++++++++--------- test/apossiblespace/parts/account_test.clj | 7 ++++++- 2 files changed, 19 insertions(+), 10 deletions(-) diff --git a/src/apossiblespace/parts/account.clj b/src/apossiblespace/parts/account.clj index 8512b34..14b34a7 100644 --- a/src/apossiblespace/parts/account.clj +++ b/src/apossiblespace/parts/account.clj @@ -59,16 +59,20 @@ body (:body request) update-data (-> body remove-disallowed-update-fields - prepare-user-data) - updated-user (first (db/update! :users update-data [:= :id user-id]))] - (if updated-user + prepare-user-data)] + (if (= {} update-data) (do - (mulog/log ::update-account-success :user-id user-id) - (-> (response/response (db/remove-sensitive-data updated-user)) - (response/status 200))) - (do - (mulog/log ::update-account-not-found :user-id user-id) - (throw (ex-info "User not found" {:type :not-found})))))) + (mulog/log ::update-account-nothing-to-update :user-id user-id) + (throw (ex-info "Nothing to update" {:type :validation}))) + (let [updated-user (first (db/update! :users update-data [:= :id user-id]))] + (if updated-user + (do + (mulog/log ::update-account-success :user-id user-id) + (-> (response/response (db/remove-sensitive-data updated-user)) + (response/status 200))) + (do + (mulog/log ::update-account-not-found :user-id user-id) + (throw (ex-info "User not found" {:type :not-found})))))))) (defn delete-account "Delete own account" diff --git a/test/apossiblespace/parts/account_test.clj b/test/apossiblespace/parts/account_test.clj index 3130e8f..dd2aa1f 100644 --- a/test/apossiblespace/parts/account_test.clj +++ b/test/apossiblespace/parts/account_test.clj @@ -35,7 +35,12 @@ updated-fields) (is (not (contains? (:body response) :password_hash)))))) - (testing "returns updated user information" (is true))) + (testing "does not update where no updatable data is passed" + (let [user (register-test-user) + mock-request {:identity {:sub (:id user)} + :body {:username "something"}}] + (is (thrown-with-msg? clojure.lang.ExceptionInfo #"Nothing to update" + (account/update-account mock-request)))))) (deftest test-delete-account (testing "does not delete without a confirmation param"