Merged in feat/SW-1773-find-my-booking-validation (pull request #1453)

feat(SW-1773): add proper validation to form and query

Approved-by: Linus Flood
Approved-by: Chuma Mcphoy (We Ahead)

apps/scandic-web/server/errors/trpc.ts

@@ -40,6 +40,14 @@ export function notFound(cause?: unknown) {
   })
 }
 
+export function unprocessableContent(cause?: unknown) {
+  return new TRPCError({
+    code: "UNPROCESSABLE_CONTENT",
+    message: "Unprocessable content",
+    cause,
+  })
+}
+
 export function internalServerError(cause?: unknown) {
   return new TRPCError({
     code: "INTERNAL_SERVER_ERROR",
@@ -78,6 +86,8 @@ export function serverErrorByStatus(status: number, cause?: unknown) {
       return notFound(cause)
     case 409:
       return conflictError(cause)
+    case 422:
+      return unprocessableContent(cause)
     case 500:
     default:
       return internalServerError(cause)

apps/scandic-web/server/routers/booking/input.ts

@@ -106,8 +106,12 @@ export const cancelBookingInput = z.object({
 })
 
 export const createRefIdInput = z.object({
-  confirmationNumber: z.string(),
-  lastName: z.string(),
+  bookingNumber: z
+    .string()
+    .trim()
+    .regex(/^\s*[0-9]+(-[0-9])?\s*$/)
+    .min(1),
+  lastName: z.string().trim().max(250).min(1),
 })
 
 // Query

apps/scandic-web/server/routers/booking/query.ts

@@ -236,8 +236,12 @@ export const bookingQueryRouter = router({
   createRefId: serviceProcedure
     .input(createRefIdInput)
     .mutation(async function ({ input }) {
-      const { confirmationNumber, lastName } = input
-      const encryptedRefId = encryptValue(`${confirmationNumber},${lastName}`)
+      const { bookingNumber, lastName } = input
+      const encryptedRefId = encryptValue(`${bookingNumber},${lastName}`)
+
+      if (!encryptedRefId) {
+        throw serverErrorByStatus(422, "Was not able to encrypt ref id")
+      }
 
       return {
         refId: encryptedRefId,