From 227132413a86d9e614c512599b33e8d505a3ac6e Mon Sep 17 00:00:00 2001 From: Lilleman Date: Thu, 24 Jun 2021 00:46:28 +0200 Subject: [PATCH] Better error handling --- src/handlers/delete.go | 2 +- src/handlers/get.go | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/src/handlers/delete.go b/src/handlers/delete.go index 6155dd2..8949299 100644 --- a/src/handlers/delete.go +++ b/src/handlers/delete.go @@ -30,7 +30,7 @@ func (h Handlers) AccountDel(c *fiber.Ctx) error { return c.Status(400).JSON([]ResJSONError{{Error: "Invalid uuid format"}}) } - authErr := h.RequireAdminRole(c) + authErr := h.RequireAdminRoleOrAccountID(c, accountID) if authErr != nil { return c.Status(403).JSON([]ResJSONError{{Error: authErr.Error()}}) } diff --git a/src/handlers/get.go b/src/handlers/get.go index 9bf41b0..6763e37 100644 --- a/src/handlers/get.go +++ b/src/handlers/get.go @@ -2,6 +2,7 @@ package handlers import ( "github.com/gofiber/fiber/v2" + "github.com/google/uuid" ) // AccountGet godoc @@ -22,6 +23,11 @@ import ( func (h Handlers) AccountGet(c *fiber.Ctx) error { accountID := c.Params("accountID") + _, uuidErr := uuid.Parse(accountID) + if uuidErr != nil { + return c.Status(400).JSON([]ResJSONError{{Error: "Invalid uuid format"}}) + } + authErr := h.RequireAdminRoleOrAccountID(c, accountID) if authErr != nil { return c.Status(403).JSON([]ResJSONError{{Error: authErr.Error()}})