fix unhandled exception (#473)

* handle error and return 400 * Update accounts.js * Update accounts.js * new test passing
2025-12-19 05:47:46 +00:00 · 2025-06-26 18:09:42 +01:00
parent 1532a4ab9c
commit 781179bf0e
2 changed files with 19 additions and 1 deletions
--- a/lib/routes/api/utils.js
+++ b/lib/routes/api/utils.js
@@ -286,7 +286,11 @@ const hasAccountPermissions = async(req, res, next) => {
      message: 'insufficient privileges'
    });
  } catch (error) {
-    throw error;
+    // return 400 on errors
+    res.status(400).json({
+      status: 'fail',
+      message: error.message
+    });
  }
 };

--- a/test/accounts.js
+++ b/test/accounts.js
@@ -266,6 +266,19 @@ test('account tests', async(t) => {
      t.ok(err.statusCode === 400, 'returns 400 bad request if account sid param is not a valid uuid');
    }

+     /* try to fetch Alerts with an invalid account SID */
+    try {
+      result = await request.get(`/Accounts/INVALID/Alerts?page=1&count=1`, {
+        auth: {bearer: accountLevelToken},
+        resolveWithFullResponse: true,
+        json: true
+      });
+      t.fail('Expected request to fail with invalid account SID');
+      console.log(result)
+    } catch (err) {
+      t.ok(err.statusCode === 400, 'returns 400 bad request if account sid param is not a valid uuid');
+    }
+
    /* query all limits for an account */
    result = await request.get(`/Accounts/${sid}/Limits`, {
      auth: authAdmin,
@@ -337,6 +350,7 @@ test('account tests', async(t) => {
    await deleteObjectBySid(request, '/VoipCarriers', voip_carrier_sid);
    await deleteObjectBySid(request, '/ServiceProviders', service_provider_sid);
    //t.end();
+
  }
  catch (err) {
    console.error(err);