Enhancement: Add validation for unique values for short text fields (code review 2)

Signed-off-by: Kostiantyn Miakshyn <molodchick@gmail.com>

Author: Koc

lib/Controller/Api1Controller.php

@@ -1139,9 +1139,10 @@ public function indexViewRows(int $viewId, ?int $limit, ?int $offset): DataRespo
 	 *
 	 * @param int $viewId View ID
 	 * @param string|array<string, mixed> $data Data as key - value store
-	 * @return DataResponse<Http::STATUS_OK, TablesRow, array{}>|DataResponse<Http::STATUS_FORBIDDEN|Http::STATUS_INTERNAL_SERVER_ERROR, array{message: string}, array{}>
+	 * @return DataResponse<Http::STATUS_OK, TablesRow, array{}>|DataResponse<Http::STATUS_FORBIDDEN|Http::STATUS_BAD_REQUEST|Http::STATUS_INTERNAL_SERVER_ERROR, array{message: string}, array{}>
 	 *
 	 * 200: Row returned
+	 * 400: Validation error
 	 * 403: No permissions
 	 */
 	#[NoAdminRequired]
@@ -1168,11 +1169,14 @@ public function createRowInView(int $viewId, $data): DataResponse {
 
 		try {
 			return new DataResponse($this->rowService->create(null, $viewId, $dataNew)->jsonSerialize());
+		} catch (BadRequestError $e) {
+			$this->logger->warning('An bad request was encountered: ' . $e->getMessage(), ['exception' => $e]);
+			return new DataResponse(['message' => $e->getMessage()], Http::STATUS_BAD_REQUEST);
 		} catch (PermissionError $e) {
 			$this->logger->warning('A permission error occurred: ' . $e->getMessage(), ['exception' => $e]);
 			$message = ['message' => $e->getMessage()];
 			return new DataResponse($message, Http::STATUS_FORBIDDEN);
-		} catch (BadRequestError|InternalError|Exception $e) {
+		} catch (InternalError|Exception $e) {
 			$this->logger->error('An internal error or exception occurred: ' . $e->getMessage(), ['exception' => $e]);
 			$message = ['message' => $e->getMessage()];
 			return new DataResponse($message, Http::STATUS_INTERNAL_SERVER_ERROR);
@@ -1184,9 +1188,10 @@ public function createRowInView(int $viewId, $data): DataResponse {
 	 *
 	 * @param int $tableId Table ID
 	 * @param string|array<string, mixed> $data Data as key - value store
-	 * @return DataResponse<Http::STATUS_OK, TablesRow, array{}>|DataResponse<Http::STATUS_FORBIDDEN|Http::STATUS_INTERNAL_SERVER_ERROR, array{message: string}, array{}>
+	 * @return DataResponse<Http::STATUS_OK, TablesRow, array{}>|DataResponse<Http::STATUS_FORBIDDEN|Http::STATUS_BAD_REQUEST|Http::STATUS_INTERNAL_SERVER_ERROR, array{message: string}, array{}>
 	 *
 	 * 200: Row returned
+	 * 400: Validation error
 	 * 403: No permissions
 	 * 404: Not found
 	 */
@@ -1214,11 +1219,14 @@ public function createRowInTable(int $tableId, $data): DataResponse {
 
 		try {
 			return new DataResponse($this->rowService->create($tableId, null, $dataNew)->jsonSerialize());
+		} catch (BadRequestError $e) {
+			$this->logger->warning('An bad request was encountered: ' . $e->getMessage(), ['exception' => $e]);
+			return new DataResponse(['message' => $e->getMessage()], Http::STATUS_BAD_REQUEST);
 		} catch (PermissionError $e) {
 			$this->logger->warning('A permission error occurred: ' . $e->getMessage(), ['exception' => $e]);
 			$message = ['message' => $e->getMessage()];
 			return new DataResponse($message, Http::STATUS_FORBIDDEN);
-		} catch (BadRequestError|InternalError|Exception $e) {
+		} catch (InternalError|Exception $e) {
 			$this->logger->error('An internal error or exception occurred: ' . $e->getMessage(), ['exception' => $e]);
 			$message = ['message' => $e->getMessage()];
 			return new DataResponse($message, Http::STATUS_INTERNAL_SERVER_ERROR);
@@ -1263,9 +1271,10 @@ public function getRow(int $rowId): DataResponse {
 	 * @param int|null $viewId View ID
 	 * @param string|array<string, mixed> $data Data as key - value store
 	 *
-	 * @return DataResponse<Http::STATUS_OK, TablesRow, array{}>|DataResponse<Http::STATUS_FORBIDDEN|Http::STATUS_INTERNAL_SERVER_ERROR|Http::STATUS_NOT_FOUND, array{message: string}, array{}>
+	 * @return DataResponse<Http::STATUS_OK, TablesRow, array{}>|DataResponse<Http::STATUS_FORBIDDEN|Http::STATUS_BAD_REQUEST|Http::STATUS_INTERNAL_SERVER_ERROR|Http::STATUS_NOT_FOUND, array{message: string}, array{}>
 	 *
 	 * 200: Updated row returned
+	 * 400: Validation error
 	 * 403: No permissions
 	 * 404: Not found
 	 */
@@ -1291,6 +1300,9 @@ public function updateRow(int $rowId, ?int $viewId, $data): DataResponse {
 
 		try {
 			return new DataResponse($this->rowService->updateSet($rowId, $viewId, $dataNew, $this->userId)->jsonSerialize());
+		} catch (BadRequestError $e) {
+			$this->logger->warning('An bad request was encountered: ' . $e->getMessage(), ['exception' => $e]);
+			return new DataResponse(['message' => $e->getMessage()], Http::STATUS_BAD_REQUEST);
 		} catch (InternalError $e) {
 			$this->logger->error('An internal error or exception occurred: ' . $e->getMessage(), ['exception' => $e]);
 			$message = ['message' => $e->getMessage()];

lib/Controller/Errors.php

@@ -9,6 +9,7 @@
 
 use Closure;
 use InvalidArgumentException;
+use OCA\Tables\Errors\BadRequestError;
 use OCA\Tables\Errors\InternalError;
 use OCA\Tables\Errors\NotFoundError;
 use OCA\Tables\Errors\PermissionError;
@@ -20,6 +21,9 @@ trait Errors {
 	protected function handleError(Closure $callback): DataResponse {
 		try {
 			return new DataResponse($callback());
+		} catch (BadRequestError $e) {
+			$this->logger->warning('An bad request was encountered: ' . $e->getMessage(), ['exception' => $e]);
+			return new DataResponse(['message' => $e->getMessage()], Http::STATUS_BAD_REQUEST);
 		} catch (PermissionError $e) {
 			$this->logger->warning('A permission error occurred: ' . $e->getMessage(), ['exception' => $e]);
 			$message = ['message' => $e->getMessage()];

lib/Service/RowService.php

@@ -386,6 +386,7 @@ private function getRowById(int $rowId): Row2 {
 	 * @param string $userId
 	 * @return Row2
 	 *
+	 * @throws BadRequestError
 	 * @throws InternalError
 	 * @throws NotFoundError
 	 * @throws PermissionError

openapi.json

@@ -4148,6 +4148,24 @@
                             }
                         }
                     },
+                    "400": {
+                        "description": "Validation error",
+                        "content": {
+                            "application/json": {
+                                "schema": {
+                                    "type": "object",
+                                    "required": [
+                                        "message"
+                                    ],
+                                    "properties": {
+                                        "message": {
+                                            "type": "string"
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    },
                     "500": {
                         "description": "",
                         "content": {
@@ -4364,6 +4382,24 @@
                             }
                         }
                     },
+                    "400": {
+                        "description": "Validation error",
+                        "content": {
+                            "application/json": {
+                                "schema": {
+                                    "type": "object",
+                                    "required": [
+                                        "message"
+                                    ],
+                                    "properties": {
+                                        "message": {
+                                            "type": "string"
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    },
                     "500": {
                         "description": "",
                         "content": {
@@ -4563,6 +4599,24 @@
                             }
                         }
                     },
+                    "400": {
+                        "description": "Validation error",
+                        "content": {
+                            "application/json": {
+                                "schema": {
+                                    "type": "object",
+                                    "required": [
+                                        "message"
+                                    ],
+                                    "properties": {
+                                        "message": {
+                                            "type": "string"
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    },
                     "500": {
                         "description": "",
                         "content": {

src/modules/modals/EditRow.vue

@@ -151,8 +151,12 @@ export default {
 		},
 		async actionConfirm() {
 			this.localLoading = true
-			await this.sendRowToBE()
+			const success = await this.sendRowToBE()
 			this.localLoading = false
+			// If the row was not created, we don't want to close the modal
+			if (!success) {
+				return
+			}
 			this.actionCancel()
 		},
 		async sendRowToBE() {
@@ -166,15 +170,12 @@ export default {
 				})
 			}
 
-			const res = await this.updateRow({
+			return await this.updateRow({
 				id: this.row.id,
 				isView: this.isView,
 				elementId: this.element.id,
 				data,
 			})
-			if (!res) {
-				showError(t('tables', 'Could not update row'))
-			}
 		},
 		reset() {
 			this.localRow = {}

src/shared/utils/displayError.js

@@ -24,6 +24,10 @@ function statusMessage(e, status) {
 		if (e.response?.data?.ocs?.data?.message) {
 			return e.response.data.ocs.data.message
 		}
+		// for some reason the "edit" row returns a different structure
+		if (e.response?.data?.message) {
+			return e.response.data.message
+		}
 		return t('tables', 'Unknown error.')
 	}
 	if (status === 401) {

src/types/openapi/openapi.ts

@@ -2840,6 +2840,17 @@ export interface operations {
                     readonly "application/json": components["schemas"]["Row"];
                 };
             };
+            /** @description Validation error */
+            readonly 400: {
+                headers: {
+                    readonly [name: string]: unknown;
+                };
+                content: {
+                    readonly "application/json": {
+                        readonly message: string;
+                    };
+                };
+            };
             /** @description No permissions */
             readonly 403: {
                 headers: {
@@ -2953,6 +2964,17 @@ export interface operations {
                     readonly "application/json": components["schemas"]["Row"];
                 };
             };
+            /** @description Validation error */
+            readonly 400: {
+                headers: {
+                    readonly [name: string]: unknown;
+                };
+                content: {
+                    readonly "application/json": {
+                        readonly message: string;
+                    };
+                };
+            };
             /** @description No permissions */
             readonly 403: {
                 headers: {
@@ -3066,6 +3088,17 @@ export interface operations {
                     readonly "application/json": components["schemas"]["Row"];
                 };
             };
+            /** @description Validation error */
+            readonly 400: {
+                headers: {
+                    readonly [name: string]: unknown;
+                };
+                content: {
+                    readonly "application/json": {
+                        readonly message: string;
+                    };
+                };
+            };
             /** @description No permissions */
             readonly 403: {
                 headers: {

tests/integration/features/APIv2.feature

@@ -1442,7 +1442,7 @@ Feature: APIv2
     Then "view" "v1" has exactly these rows "r1,r3,r2" in exactly this order
 
     @api2 @rows
-    Scenario: Try to create rows with with non-unique values should fail
+    Scenario: Try to create row with with non-unique values should fail
       Given table "Table with unique column" with emoji "👨🏻‍💻" exists for user "participant1-v2" as "base1" via v2
       And column "one" exists with following properties
         | type          | text                   |
@@ -1456,3 +1456,23 @@ Feature: APIv2
       When user "participant1-v2" tries to create a row using v2 with following values
         | one           | AHA                     |
       Then the reported status is 400
+
+    @api2 @rows
+    Scenario: Try to edit row with with non-unique values should fail
+      Given table "Table with unique column" with emoji "👨🏻‍💻" exists for user "participant1-v2" as "base1" via v2
+      And column "one" exists with following properties
+        | type          | text                   |
+        | subtype       | line                   |
+        | mandatory     | 1                      |
+        | description   | This is a description! |
+        | textUnique    | true                   |
+      And using table "base1"
+      When user "participant1-v2" creates row "row-1" with following values:
+        | one | AHA |
+      Then the reported status is 200
+      When user "participant1-v2" creates row "row-2" with following values:
+        | one | YES |
+      Then the reported status is 200
+      When user "participant1-v2" updates row "row-1" with following values:
+        | one | YES |
+      Then the reported status is "400"