Merged in fix/access-booking-fixes (pull request #1550)

fix: add some more informative messages when booking can't be accessed

Approved-by: Chuma Mcphoy (We Ahead)
Christian Andolf
2025-03-17 14:54:37 +00:00
4 changed files with 23 additions and 5 deletions


@@ -40,7 +40,7 @@ export default function AdditionalInfoForm({
confirmationNumber, confirmationNumber,
lastName, lastName,
}).toString() }).toString()
document.cookie = `bv=${value}; Path=/; Max-Age=30; Secure; SameSite=Strict` document.cookie = `bv=${value}; Path=/; Max-Age=600; Secure; SameSite=Strict`
router.refresh() router.refresh()
} }
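Review bot: Raising `Max-Age` from 30 to 600 keeps the booking lookup values in a script-readable cookie on `Path=/` for ten minutes, so they ride on every same-site request and can be read by any script on the origin for that whole window. Here the values are the confirmation number and last name; the matching line in FindMyBooking serialises the whole form, including first name and e-mail. A cookie written through `document.cookie` cannot be `HttpOnly`, so lifetime and scope are the only limits on that exposure. If only the my-stay route reads `bv`, consider restricting `Path` to that route, or clearing the cookie once access has been granted with `document.cookie = "bv=; Path=/; Max-Age=0; Secure; SameSite=Strict"`. The handler containing this line starts outside the hunk.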


@@ -26,6 +26,12 @@ export default function FindMyBooking() {
const intl = useIntl() const intl = useIntl()
const lang = useLang() const lang = useLang()
const form = useForm<FindMyBookingFormSchema>({ const form = useForm<FindMyBookingFormSchema>({
defaultValues: {
confirmationNumber: "",
firstName: "",
lastName: "",
email: "",
},
resolver: zodResolver(findMyBookingFormSchema), resolver: zodResolver(findMyBookingFormSchema),
mode: "all", mode: "all",
criteriaMode: "all", criteriaMode: "all",
@@ -36,7 +42,7 @@ export default function FindMyBooking() {
onSuccess: (result) => { onSuccess: (result) => {
const values = form.getValues() const values = form.getValues()
const value = new URLSearchParams(values).toString() const value = new URLSearchParams(values).toString()
document.cookie = `bv=${encodeURIComponent(value)}; Path=/; Max-Age=30; Secure; SameSite=Strict` document.cookie = `bv=${encodeURIComponent(value)}; Path=/; Max-Age=600; Secure; SameSite=Strict`
router.push( router.push(
`/${lang}/hotelreservation/my-stay/${encodeURIComponent(result.refId)}` `/${lang}/hotelreservation/my-stay/${encodeURIComponent(result.refId)}`
) )
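Review bot: The `bv` cookie is written here as `encodeURIComponent(value)`, while AdditionalInfoForm writes the same cookie as the raw `URLSearchParams` string, so the two producers of one cookie disagree on encoding. The reader in accessBooking calls `new URLSearchParams(cookie)`, and whether the value has been percent-decoded before that point is not visible in this commit. It is worth confirming that both forms parse to the same keys and then using one encoding in both writers. A comment on this line such as `// bv = percent-encoded URLSearchParams of the lookup form; parsed in accessBooking` would document the contract.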


@@ -35,11 +35,11 @@ const findMyBookingFormSchema = additionalInfoFormSchema.extend({
confirmationNumber: z confirmationNumber: z
.string() .string()
.trim() .trim()
.regex(/^[0-9]+(-[0-9])?$/, {
message: "Invalid booking number",
})
.min(1, { .min(1, {
message: "Booking number is required", message: "Booking number is required",
})
.regex(/^[0-9]+(-[0-9])?$/, {
message: "Invalid booking number",
}), }),
lastName: z.string().trim().max(250).min(1, { lastName: z.string().trim().max(250).min(1, {
message: "Last name is required", message: "Last name is required",
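Review bot: `confirmationNumber` still has no upper length bound after the reorder: `[0-9]+` accepts a digit run of any length, while `lastName` right below it is capped with `.max(250)`. The value is serialised into the `bv` cookie by the form, so a cap would keep oversized input out at the source, e.g. `.max(<MAX_LEN>, { message: "Invalid booking number" })`, where `<MAX_LEN>` is a placeholder for the real booking-number length. This schema appears to run only in the form resolver, so the same pattern and bound should also hold wherever the server reads the number; that code is not visible here. The schema object continues outside the hunk.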


@@ -25,12 +25,18 @@ function accessBooking(
return ACCESS_GRANTED return ACCESS_GRANTED
} }
} else { } else {
console.warn(
"Access to booking not granted due to anonymous user attempting accessing to logged in booking"
)
return ERROR_UNAUTHORIZED return ERROR_UNAUTHORIZED
} }
} }
if (guest.lastName === lastName) { if (guest.lastName === lastName) {
if (user) { if (user) {
console.warn(
"Access to booking not granted due to logged in user attempting access to anonymous booking"
)
return ERROR_FORBIDDEN return ERROR_FORBIDDEN
} else { } else {
const params = new URLSearchParams(cookie) const params = new URLSearchParams(cookie)
@@ -40,11 +46,17 @@ function accessBooking(
) { ) {
return ACCESS_GRANTED return ACCESS_GRANTED
} else { } else {
console.warn(
"Access to booking not granted due to incorrect cookie values"
)
return ERROR_BAD_REQUEST return ERROR_BAD_REQUEST
} }
} }
} }
console.warn(
"Access to booking not granted due to anonymous user attempting access with incorrect lastname"
)
return ERROR_NOT_FOUND return ERROR_NOT_FOUND
} }
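Review bot: The last `console.warn`, before `return ERROR_NOT_FOUND`, blames an "anonymous user ... incorrect lastname", but from the visible branches that fallthrough also appears to be reached by a logged-in user whose check in the first branch did not return `ACCESS_GRANTED`. Those denials would be mislabelled during triage; a neutral message such as `"Access to booking not granted due to no matching member or last name"` or a branch on `user` would fix that. The four messages also carry no correlation field, so repeated denials against one booking cannot be grouped to spot guessing of last names. Adding a non-sensitive request or booking reference would help, while continuing to keep the last name and cookie contents out of the log. The start of `accessBooking` is outside the hunk.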