mirror of
https://github.com/pacnpal/thrilltrack-explorer.git
synced 2025-12-20 09:51:13 -05:00
Fix: Address HMR failures and Fast Refresh incompatibility
This commit is contained in:
gpt-engineer-app[bot]
@@ -92,15 +92,25 @@ serve(async (req) => {
|
||||
if (authError || !user) {
|
||||
edgeLogger.error('Auth verification failed', {
|
||||
action: 'approval_auth',
|
||||
error: authError?.message
|
||||
error: authError?.message,
|
||||
requestId: tracking.requestId
|
||||
});
|
||||
const duration = endRequest(tracking);
|
||||
return new Response(
|
||||
JSON.stringify({
|
||||
error: 'Invalid authentication token.',
|
||||
details: authError?.message || 'No user found',
|
||||
code: authError?.code
|
||||
code: authError?.code,
|
||||
requestId: tracking.requestId
|
||||
}),
|
||||
{ status: 401, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
|
||||
{
|
||||
status: 401,
|
||||
headers: {
|
||||
...corsHeaders,
|
||||
'Content-Type': 'application/json',
|
||||
'X-Request-ID': tracking.requestId
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
@@ -128,10 +138,18 @@ serve(async (req) => {
|
||||
edgeLogger.info('Role check query result', { action: 'approval_role_check', userId: authenticatedUserId, rolesCount: roles?.length });
|
||||
|
||||
if (rolesError) {
|
||||
edgeLogger.error('Role check failed', { action: 'approval_role_check', error: rolesError.message });
|
||||
edgeLogger.error('Role check failed', { action: 'approval_role_check', error: rolesError.message, requestId: tracking.requestId });
|
||||
const duration = endRequest(tracking);
|
||||
return new Response(
|
||||
JSON.stringify({ error: 'Failed to verify user permissions.' }),
|
||||
{ status: 403, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
|
||||
JSON.stringify({ error: 'Failed to verify user permissions.', requestId: tracking.requestId }),
|
||||
{
|
||||
status: 403,
|
||||
headers: {
|
||||
...corsHeaders,
|
||||
'Content-Type': 'application/json',
|
||||
'X-Request-ID': tracking.requestId
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
@@ -143,10 +161,18 @@ serve(async (req) => {
|
||||
edgeLogger.info('Role check result', { action: 'approval_role_result', userId: authenticatedUserId, isModerator });
|
||||
|
||||
if (!isModerator) {
|
||||
edgeLogger.error('Insufficient permissions', { action: 'approval_role_insufficient', userId: authenticatedUserId });
|
||||
edgeLogger.error('Insufficient permissions', { action: 'approval_role_insufficient', userId: authenticatedUserId, requestId: tracking.requestId });
|
||||
const duration = endRequest(tracking);
|
||||
return new Response(
|
||||
JSON.stringify({ error: 'Insufficient permissions. Moderator role required.' }),
|
||||
{ status: 403, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
|
||||
JSON.stringify({ error: 'Insufficient permissions. Moderator role required.', requestId: tracking.requestId }),
|
||||
{
|
||||
status: 403,
|
||||
headers: {
|
||||
...corsHeaders,
|
||||
'Content-Type': 'application/json',
|
||||
'X-Request-ID': tracking.requestId
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
@@ -168,14 +194,23 @@ serve(async (req) => {
|
||||
|
||||
// Enforce AAL2 if MFA is enrolled
|
||||
if (hasMFA && aal !== 'aal2') {
|
||||
edgeLogger.error('AAL2 required but session is at AAL1', { action: 'approval_aal_violation', userId: authenticatedUserId });
|
||||
edgeLogger.error('AAL2 required but session is at AAL1', { action: 'approval_aal_violation', userId: authenticatedUserId, requestId: tracking.requestId });
|
||||
const duration = endRequest(tracking);
|
||||
return new Response(
|
||||
JSON.stringify({
|
||||
error: 'MFA verification required',
|
||||
code: 'AAL2_REQUIRED',
|
||||
message: 'Your role requires two-factor authentication. Please verify your identity to continue.'
|
||||
message: 'Your role requires two-factor authentication. Please verify your identity to continue.',
|
||||
requestId: tracking.requestId
|
||||
}),
|
||||
{ status: 403, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
|
||||
{
|
||||
status: 403,
|
||||
headers: {
|
||||
...corsHeaders,
|
||||
'Content-Type': 'application/json',
|
||||
'X-Request-ID': tracking.requestId
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
@@ -189,30 +224,58 @@ serve(async (req) => {
|
||||
// Validate itemIds
|
||||
if (!itemIds || !Array.isArray(itemIds)) {
|
||||
return new Response(
|
||||
JSON.stringify({ error: 'itemIds is required and must be an array' }),
|
||||
{ status: 400, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
|
||||
JSON.stringify({ error: 'itemIds is required and must be an array', requestId: tracking.requestId }),
|
||||
{
|
||||
status: 400,
|
||||
headers: {
|
||||
...corsHeaders,
|
||||
'Content-Type': 'application/json',
|
||||
'X-Request-ID': tracking.requestId
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
if (itemIds.length === 0) {
|
||||
return new Response(
|
||||
JSON.stringify({ error: 'itemIds must be a non-empty array' }),
|
||||
{ status: 400, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
|
||||
JSON.stringify({ error: 'itemIds must be a non-empty array', requestId: tracking.requestId }),
|
||||
{
|
||||
status: 400,
|
||||
headers: {
|
||||
...corsHeaders,
|
||||
'Content-Type': 'application/json',
|
||||
'X-Request-ID': tracking.requestId
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
// Validate submissionId
|
||||
if (!submissionId || typeof submissionId !== 'string' || submissionId.trim() === '') {
|
||||
return new Response(
|
||||
JSON.stringify({ error: 'submissionId is required and must be a non-empty string' }),
|
||||
{ status: 400, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
|
||||
JSON.stringify({ error: 'submissionId is required and must be a non-empty string', requestId: tracking.requestId }),
|
||||
{
|
||||
status: 400,
|
||||
headers: {
|
||||
...corsHeaders,
|
||||
'Content-Type': 'application/json',
|
||||
'X-Request-ID': tracking.requestId
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
if (!uuidRegex.test(submissionId)) {
|
||||
return new Response(
|
||||
JSON.stringify({ error: 'submissionId must be a valid UUID format' }),
|
||||
{ status: 400, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
|
||||
JSON.stringify({ error: 'submissionId must be a valid UUID format', requestId: tracking.requestId }),
|
||||
{
|
||||
status: 400,
|
||||
headers: {
|
||||
...corsHeaders,
|
||||
'Content-Type': 'application/json',
|
||||
'X-Request-ID': tracking.requestId
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
@@ -252,15 +315,24 @@ serve(async (req) => {
|
||||
submissionId,
|
||||
itemCount: items.length,
|
||||
userId: authenticatedUserId,
|
||||
error: errorMessage
|
||||
error: errorMessage,
|
||||
requestId: tracking.requestId
|
||||
});
|
||||
return new Response(
|
||||
JSON.stringify({
|
||||
error: 'Invalid submission structure',
|
||||
message: errorMessage,
|
||||
details: 'The submission contains circular dependencies or missing required items'
|
||||
details: 'The submission contains circular dependencies or missing required items',
|
||||
requestId: tracking.requestId
|
||||
}),
|
||||
{ status: 400, headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
|
||||
{
|
||||
status: 400,
|
||||
headers: {
|
||||
...corsHeaders,
|
||||
'Content-Type': 'application/json',
|
||||
'X-Request-ID': tracking.requestId
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
@@ -286,7 +358,8 @@ serve(async (req) => {
|
||||
edgeLogger.error('Blocking validation errors', {
|
||||
action: 'approval_validation_fail',
|
||||
itemId: item.id,
|
||||
errors: validation.blockingErrors
|
||||
errors: validation.blockingErrors,
|
||||
requestId: tracking.requestId
|
||||
});
|
||||
|
||||
// Fail the entire batch if ANY item has blocking errors
|
||||
@@ -295,10 +368,15 @@ serve(async (req) => {
|
||||
message: 'Validation failed: Items have blocking errors that must be fixed',
|
||||
errors: validation.blockingErrors,
|
||||
failedItemId: item.id,
|
||||
failedItemType: item.item_type
|
||||
failedItemType: item.item_type,
|
||||
requestId: tracking.requestId
|
||||
}), {
|
||||
status: 400,
|
||||
headers: { ...corsHeaders, 'Content-Type': 'application/json' }
|
||||
headers: {
|
||||
...corsHeaders,
|
||||
'Content-Type': 'application/json',
|
||||
'X-Request-ID': tracking.requestId
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@@ -524,20 +602,32 @@ serve(async (req) => {
|
||||
console.error('[APPROVAL] Failed to update submission status:', { error: updateError.message });
|
||||
}
|
||||
|
||||
const duration = endRequest(tracking);
|
||||
|
||||
return new Response(
|
||||
JSON.stringify({
|
||||
success: true,
|
||||
results: approvalResults,
|
||||
submissionStatus: finalStatus
|
||||
submissionStatus: finalStatus,
|
||||
requestId: tracking.requestId
|
||||
}),
|
||||
{ headers: { ...corsHeaders, 'Content-Type': 'application/json' } }
|
||||
{
|
||||
headers: {
|
||||
...corsHeaders,
|
||||
'Content-Type': 'application/json',
|
||||
'X-Request-ID': tracking.requestId
|
||||
}
|
||||
}
|
||||
);
|
||||
} catch (error: unknown) {
|
||||
const duration = endRequest(tracking);
|
||||
const errorMessage = error instanceof Error ? error.message : 'An unexpected error occurred';
|
||||
console.error('[APPROVAL ERROR] Process failed:', {
|
||||
error: errorMessage,
|
||||
userId: authenticatedUserId,
|
||||
timestamp: new Date().toISOString()
|
||||
timestamp: new Date().toISOString(),
|
||||
requestId: tracking.requestId,
|
||||
duration
|
||||
});
|
||||
return createErrorResponse(
|
||||
error,
|
||||
|
||||
Reference in New Issue
Block a user