From 227132413a86d9e614c512599b33e8d505a3ac6e Mon Sep 17 00:00:00 2001
From: Lilleman <lilleman@larvit.se>
Date: Thu, 24 Jun 2021 00:46:28 +0200
Subject: [PATCH] Better error handling

---
 src/handlers/delete.go | 2 +-
 src/handlers/get.go    | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/handlers/delete.go b/src/handlers/delete.go
index 6155dd2..8949299 100644
--- a/src/handlers/delete.go
+++ b/src/handlers/delete.go
@@ -30,7 +30,7 @@ func (h Handlers) AccountDel(c *fiber.Ctx) error {
 		return c.Status(400).JSON([]ResJSONError{{Error: "Invalid uuid format"}})
 	}
 
-	authErr := h.RequireAdminRole(c)
+	authErr := h.RequireAdminRoleOrAccountID(c, accountID)
 	if authErr != nil {
 		return c.Status(403).JSON([]ResJSONError{{Error: authErr.Error()}})
 	}
diff --git a/src/handlers/get.go b/src/handlers/get.go
index 9bf41b0..6763e37 100644
--- a/src/handlers/get.go
+++ b/src/handlers/get.go
@@ -2,6 +2,7 @@ package handlers
 
 import (
 	"github.com/gofiber/fiber/v2"
+	"github.com/google/uuid"
 )
 
 // AccountGet godoc
@@ -22,6 +23,11 @@ import (
 func (h Handlers) AccountGet(c *fiber.Ctx) error {
 	accountID := c.Params("accountID")
 
+	_, uuidErr := uuid.Parse(accountID)
+	if uuidErr != nil {
+		return c.Status(400).JSON([]ResJSONError{{Error: "Invalid uuid format"}})
+	}
+
 	authErr := h.RequireAdminRoleOrAccountID(c, accountID)
 	if authErr != nil {
 		return c.Status(403).JSON([]ResJSONError{{Error: authErr.Error()}})