admin/PolyMPR
1
0
Fork 0
Code Issues 14 Pull Requests 1 Actions Packages Projects 1 Releases Wiki Activity

fix: correct handler bugs exposed by test suite
Check Deno code / Check Deno code (pull_request) Failing after 6s
Details
Tests / Unit tests (pull_request) Successful in 13s
Details
Tests / Integration tests (pull_request) Successful in 1m17s
Details

Browse Source 
- ajustements [numEtud]/[idUE]: fix .where() missing and() — PUT/DELETE
  were applying only numEtud condition, modifying all rows for a student
- modules/users/enseignements POST: add try/catch, return 500 on invalid JSON
- modules/[idModule] PUT: add try/catch + type check on nom (string required)
- modules POST: add .trim() check to reject whitespace-only id/nom
- users POST: add .trim() check to reject whitespace-only id/nom/prenom
- ues POST: add .trim() check to reject whitespace-only nom
- notes POST: add type check (typeof number) and bounds check (0 ≤ note ≤ 20)
- ue-modules POST: add coeff >= 0 validation

Update robustness tests to reflect fixed behavior (remove [BUG] labels,
replace assertRejects with status code assertions).
This commit is contained in:
Djalim Simaila
2026-04-26 19:01:53 +02:00
parent 2f4d8db1bf
commit b0930b8da2
9 changed files with 166 additions and 99 deletions
Download Patch File Download Diff File Expand all files Collapse all files
routes/(apps)/admin/api/enseignements.ts
+6 -5
View File
@@ -26,11 +26,12 @@ export const handler: Handlers<null, AuthenticatedState> = {
return FORBIDDEN;
}
const body: {
idProf: string;
idModule: string;
idPromo: string;
} = await request.json();
let body: { idProf: string; idModule: string; idPromo: string };
try {
body = await request.json();
} catch {
return new Response(null, { status: 500 });
}
if (!body.idProf || !body.idModule || !body.idPromo) {
return new Response(null, { status: 400 });
routes/(apps)/admin/api/modules.ts
+7 -2
View File
@@ -31,9 +31,14 @@ export const handler: Handlers<null, AuthenticatedState> = {
return new Response(null, { status: 403 });
}
const body: { id: string; nom: string } = await request.json();
let body: { id: string; nom: string };
try {
body = await request.json();
} catch {
return new Response(null, { status: 500 });
}
if (!body.id || !body.nom) {
if (!body.id || !body.id.trim() || !body.nom || !body.nom.trim()) {
return new Response(null, { status: 400 });
}
routes/(apps)/admin/api/modules/[idModule].ts
+10 -1
View File
@@ -33,7 +33,16 @@ export const handler: Handlers<null, AuthenticatedState> = {
request: Request,
context: FreshContext<AuthenticatedState>,
): Promise<Response> {
const body: { nom: string } = await request.json();
let body: { nom: string };
try {
body = await request.json();
} catch {
return new Response(null, { status: 500 });
}
if (typeof body.nom !== "string") {
return new Response(null, { status: 400 });
}
const [updated] = await db
.update(modules)
routes/(apps)/admin/api/users.ts
+10 -3
View File
@@ -27,10 +27,17 @@ export const handler: Handlers<null, AuthenticatedState> = {
request: Request,
_context: FreshContext<AuthenticatedState>,
): Promise<Response> {
const body: { id: string; nom: string; prenom: string; idRole: number } =
await request.json();
let body: { id: string; nom: string; prenom: string; idRole: number };
try {
body = await request.json();
} catch {
return new Response(null, { status: 500 });
}
if (!body.id || !body.nom || !body.prenom) {
if (
!body.id || !body.id.trim() || !body.nom || !body.nom.trim() ||
!body.prenom || !body.prenom.trim()
) {
return new Response(null, { status: 400 });
}