Merged in feat/SW-1773-find-my-booking-validation (pull request #1453)

feat(SW-1773): add proper validation to form and query Approved-by: Linus Flood Approved-by: Chuma Mcphoy (We Ahead)
2025-03-03 12:24:01 +00:00
parent 111d84736a 37a853f399
commit e6e50ade45
12 changed files with 91 additions and 26 deletions
--- a/apps/scandic-web/server/routers/booking/input.ts
+++ b/apps/scandic-web/server/routers/booking/input.ts
@@ -106,8 +106,12 @@ export const cancelBookingInput = z.object({
 })

 export const createRefIdInput = z.object({
-  confirmationNumber: z.string(),
-  lastName: z.string(),
+  bookingNumber: z
+    .string()
+    .trim()
+    .regex(/^\s*[0-9]+(-[0-9])?\s*$/)
+    .min(1),
+  lastName: z.string().trim().max(250).min(1),
 })

 // Query
--- a/apps/scandic-web/server/routers/booking/query.ts
+++ b/apps/scandic-web/server/routers/booking/query.ts
@@ -236,8 +236,12 @@ export const bookingQueryRouter = router({
  createRefId: serviceProcedure
    .input(createRefIdInput)
    .mutation(async function ({ input }) {
-      const { confirmationNumber, lastName } = input
-      const encryptedRefId = encryptValue(`${confirmationNumber},${lastName}`)
+      const { bookingNumber, lastName } = input
+      const encryptedRefId = encryptValue(`${bookingNumber},${lastName}`)
+
+      if (!encryptedRefId) {
+        throw serverErrorByStatus(422, "Was not able to encrypt ref id")
+      }

      return {
        refId: encryptedRefId,