Merge branch 'fix/handle-forbidden-text'

handle forbidden and not found errors on text page
add tests for forbidden and not found text
2026-05-03 16:37:02 +03:00 · 2026-05-03 16:36:57 +03:00 · 2026-05-03 16:36:57 +03:00
2 changed files with 37 additions and 2 deletions
--- a/cypress/e2e/userText.cy.js
+++ b/cypress/e2e/userText.cy.js
@ -55,4 +55,23 @@ describe('The user text detail page', () => {
            expect(response.status).to.eq(403)
        })
    })
+
+    it('non-owner sees forbidden message when viewing another user text', () => {
+        cy.loginAsSecondUser()
+        cy.intercept('GET', '/api/texts/0').as('getText')
+        cy.visit('/texts/0')
+        cy.wait('@getText')
+        cy.get('#text-detail').should(
+            'contain',
+            "You don't have permission to view this text"
+        )
+    })
+
+    it('user sees not found for non-existent text', () => {
+        cy.loginAsUser()
+        cy.intercept('GET', '/api/texts/999').as('getText')
+        cy.visit('/texts/999')
+        cy.wait('@getText')
+        cy.get('#text-detail').should('contain', 'Text not found')
+    })
 })
--- a/public/js/text.js
+++ b/public/js/text.js
@ -4,8 +4,24 @@ document.addEventListener('DOMContentLoaded', () => {
    const textId = window.location.pathname.split('/').pop();

    fetch('/api/texts/' + textId, { credentials: 'same-origin' })
-        .then(res => res.json())
-        .then(text => {
+        .then(function (res) {
+            if (!res.ok) {
+                if (res.status === 403) {
+                    const message = document.createElement('p');
+                    message.textContent =
+                        "You don't have permission to view this text";
+                    document.getElementById('text-detail').appendChild(message);
+                } else if (res.status === 404) {
+                    const message = document.createElement('p');
+                    message.textContent = 'Text not found';
+                    document.getElementById('text-detail').appendChild(message);
+                }
+                return;
+            }
+            return res.json();
+        })
+        .then(function (text) {
+            if (!text) return;
            const h1 = document.createElement('h1');
            h1.textContent = text.name;
            document.getElementById('text-detail').appendChild(h1);
Author	SHA1	Message	Date
Yisroel Baum	ca328724b3	Merge branch 'fix/handle-forbidden-text'	2026-05-03 16:37:02 +03:00
Yisroel Baum	b5040fff14	handle forbidden and not found errors on text page	2026-05-03 16:36:57 +03:00
Yisroel Baum	a71cd641dc	add tests for forbidden and not found text	2026-05-03 16:36:57 +03:00