feat: add initial api logging (#1494)

Improve API logging and error handling between client and server side.
2024-11-28 16:05:37 +07:00
parent 04293968c6
commit 98d85b086d
53 changed files with 933 additions and 780 deletions
--- a/packages/lib/server-only/document/create-document.ts
+++ b/packages/lib/server-only/document/create-document.ts
@@ -47,7 +47,9 @@ export const createDocument = async ({
    teamId !== undefined &&
    !user.teamMembers.some((teamMember) => teamMember.teamId === teamId)
  ) {
-    throw new AppError(AppErrorCode.NOT_FOUND, 'Team not found');
+    throw new AppError(AppErrorCode.NOT_FOUND, {
+      message: 'Team not found',
+    });
  }

  let team: (Team & { teamGlobalSettings: TeamGlobalSettings | null }) | null = null;
--- a/packages/lib/server-only/document/get-document-by-id.ts
+++ b/packages/lib/server-only/document/get-document-by-id.ts
@@ -4,6 +4,7 @@ import { prisma } from '@documenso/prisma';
 import type { Prisma } from '@documenso/prisma/client';
 import { TeamMemberRole } from '@documenso/prisma/client';

+import { AppError, AppErrorCode } from '../../errors/app-error';
 import { DocumentVisibility } from '../../types/document-visibility';
 import { getTeamById } from '../team/get-team';

@@ -20,7 +21,7 @@ export const getDocumentById = async ({ id, userId, teamId }: GetDocumentByIdOpt
    teamId,
  });

-  return await prisma.document.findFirstOrThrow({
+  const document = await prisma.document.findFirst({
    where: documentWhereInput,
    include: {
      documentData: true,
@@ -45,6 +46,14 @@ export const getDocumentById = async ({ id, userId, teamId }: GetDocumentByIdOpt
      },
    },
  });
+
+  if (!document) {
+    throw new AppError(AppErrorCode.NOT_FOUND, {
+      message: 'Document could not be found',
+    });
+  }
+
+  return document;
 };

 export type GetDocumentWhereInputOptions = {
--- a/packages/lib/server-only/document/get-document-by-token.ts
+++ b/packages/lib/server-only/document/get-document-by-token.ts
@@ -107,7 +107,9 @@ export const getDocumentAndSenderByToken = async ({
  }

  if (!documentAccessValid) {
-    throw new AppError(AppErrorCode.UNAUTHORIZED, 'Invalid access values');
+    throw new AppError(AppErrorCode.UNAUTHORIZED, {
+      message: 'Invalid access values',
+    });
  }

  return {
@@ -167,7 +169,9 @@ export const getDocumentAndRecipientByToken = async ({
  }

  if (!documentAccessValid) {
-    throw new AppError(AppErrorCode.UNAUTHORIZED, 'Invalid access values');
+    throw new AppError(AppErrorCode.UNAUTHORIZED, {
+      message: 'Invalid access values',
+    });
  }

  return {
--- a/packages/lib/server-only/document/is-recipient-authorized.ts
+++ b/packages/lib/server-only/document/is-recipient-authorized.ts
@@ -106,7 +106,9 @@ export const isRecipientAuthorized = async ({

      // Should not be possible.
      if (!user) {
-        throw new AppError(AppErrorCode.NOT_FOUND, 'User not found');
+        throw new AppError(AppErrorCode.NOT_FOUND, {
+          message: 'User not found',
+        });
      }

      return await verifyTwoFactorAuthenticationToken({
@@ -164,7 +166,9 @@ const verifyPasskey = async ({
  });

  if (!passkey) {
-    throw new AppError(AppErrorCode.NOT_FOUND, 'Passkey not found');
+    throw new AppError(AppErrorCode.NOT_FOUND, {
+      message: 'Passkey not found',
+    });
  }

  const verificationToken = await prisma.verificationToken
@@ -177,11 +181,15 @@ const verifyPasskey = async ({
    .catch(() => null);

  if (!verificationToken) {
-    throw new AppError(AppErrorCode.NOT_FOUND, 'Token not found');
+    throw new AppError(AppErrorCode.NOT_FOUND, {
+      message: 'Token not found',
+    });
  }

  if (verificationToken.expires < new Date()) {
-    throw new AppError(AppErrorCode.EXPIRED_CODE, 'Token expired');
+    throw new AppError(AppErrorCode.EXPIRED_CODE, {
+      message: 'Token expired',
+    });
  }

  const { rpId, origin } = getAuthenticatorOptions();
@@ -199,7 +207,9 @@ const verifyPasskey = async ({
  }).catch(() => null); // May want to log this for insights.

  if (verification?.verified !== true) {
-    throw new AppError(AppErrorCode.UNAUTHORIZED, 'User is not authorized');
+    throw new AppError(AppErrorCode.UNAUTHORIZED, {
+      message: 'User is not authorized',
+    });
  }

  await prisma.passkey.update({
--- a/packages/lib/server-only/document/update-document-settings.ts
+++ b/packages/lib/server-only/document/update-document-settings.ts
@@ -37,7 +37,9 @@ export const updateDocumentSettings = async ({
  requestMetadata,
 }: UpdateDocumentSettingsOptions) => {
  if (!data.title && !data.globalAccessAuth && !data.globalActionAuth) {
-    throw new AppError(AppErrorCode.INVALID_BODY, 'Missing data to update');
+    throw new AppError(AppErrorCode.INVALID_BODY, {
+      message: 'Missing data to update',
+    });
  }

  const user = await prisma.user.findFirstOrThrow({
@@ -96,10 +98,9 @@ export const updateDocumentSettings = async ({
          !allowedVisibilities.includes(document.visibility) ||
          (data.visibility && !allowedVisibilities.includes(data.visibility))
        ) {
-          throw new AppError(
-            AppErrorCode.UNAUTHORIZED,
-            'You do not have permission to update the document visibility',
-          );
+          throw new AppError(AppErrorCode.UNAUTHORIZED, {
+            message: 'You do not have permission to update the document visibility',
+          });
        }
      })
      .with(TeamMemberRole.MEMBER, () => {
@@ -107,17 +108,15 @@ export const updateDocumentSettings = async ({
          document.visibility !== DocumentVisibility.EVERYONE ||
          (data.visibility && data.visibility !== DocumentVisibility.EVERYONE)
        ) {
-          throw new AppError(
-            AppErrorCode.UNAUTHORIZED,
-            'You do not have permission to update the document visibility',
-          );
+          throw new AppError(AppErrorCode.UNAUTHORIZED, {
+            message: 'You do not have permission to update the document visibility',
+          });
        }
      })
      .otherwise(() => {
-        throw new AppError(
-          AppErrorCode.UNAUTHORIZED,
-          'You do not have permission to update the document',
-        );
+        throw new AppError(AppErrorCode.UNAUTHORIZED, {
+          message: 'You do not have permission to update the document',
+        });
      });
  }

@@ -142,10 +141,9 @@ export const updateDocumentSettings = async ({
    });

    if (!isDocumentEnterprise) {
-      throw new AppError(
-        AppErrorCode.UNAUTHORIZED,
-        'You do not have permission to set the action auth',
-      );
+      throw new AppError(AppErrorCode.UNAUTHORIZED, {
+        message: 'You do not have permission to set the action auth',
+      });
    }
  }

@@ -161,10 +159,9 @@ export const updateDocumentSettings = async ({
  const auditLogs: CreateDocumentAuditLogDataResponse[] = [];

  if (!isTitleSame && document.status !== DocumentStatus.DRAFT) {
-    throw new AppError(
-      AppErrorCode.INVALID_BODY,
-      'You cannot update the title if the document has been sent',
-    );
+    throw new AppError(AppErrorCode.INVALID_BODY, {
+      message: 'You cannot update the title if the document has been sent',
+    });
  }

  if (!isTitleSame) {
--- a/packages/lib/server-only/document/validate-field-auth.ts
+++ b/packages/lib/server-only/document/validate-field-auth.ts
@@ -45,7 +45,9 @@ export const validateFieldAuth = async ({
  });

  if (!isValid) {
-    throw new AppError(AppErrorCode.UNAUTHORIZED, 'Invalid authentication values');
+    throw new AppError(AppErrorCode.UNAUTHORIZED, {
+      message: 'Invalid authentication values',
+    });
  }

  return derivedRecipientActionAuth;