yisroelbaum/Goal-Calibration
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'fix/handle-forbidden-text'

Browse source
This commit is contained in:
Yisroel Baum 2026-05-03 16:37:02 +03:00
commit ca328724b3
Signed by: yisroelbaum
GPG key ID: 0FA60884F75520A9
2 changed files with 37 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

19
cypress/e2e/userText.cy.js
View file

@ -55,4 +55,23 @@ describe('The user text detail page', () => {
expect(response.status).to.eq(403)
})
})
it('non-owner sees forbidden message when viewing another user text', () => {
cy.loginAsSecondUser()
cy.intercept('GET', '/api/texts/0').as('getText')
cy.visit('/texts/0')
cy.wait('@getText')
cy.get('#text-detail').should(
'contain',
"You don't have permission to view this text"
)
})
it('user sees not found for non-existent text', () => {
cy.loginAsUser()
cy.intercept('GET', '/api/texts/999').as('getText')
cy.visit('/texts/999')
cy.wait('@getText')
cy.get('#text-detail').should('contain', 'Text not found')
})
})

20
public/js/text.js
View file

@ -4,8 +4,24 @@ document.addEventListener('DOMContentLoaded', () => {
const textId = window.location.pathname.split('/').pop();
fetch('/api/texts/' + textId, { credentials: 'same-origin' })
.then(res => res.json())
.then(text => {
.then(function (res) {
if (!res.ok) {
if (res.status === 403) {
const message = document.createElement('p');
message.textContent =
"You don't have permission to view this text";
document.getElementById('text-detail').appendChild(message);
} else if (res.status === 404) {
const message = document.createElement('p');
message.textContent = 'Text not found';
document.getElementById('text-detail').appendChild(message);
}
return;
}
return res.json();
})
.then(function (text) {
if (!text) return;
const h1 = document.createElement('h1');
h1.textContent = text.name;
document.getElementById('text-detail').appendChild(h1);