mirror/formbricks
1
0
Fork 0
mirror of https://github.com/formbricks/formbricks.git synced 2026-05-08 02:43:06 -05:00
Code Issues Packages Projects Releases 171 Wiki Activity

fix: suid bugs (#5780)

Browse Source 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
This commit is contained in:
Piyush Gupta
2025-05-14 17:39:41 +05:30
committed by GitHub
parent 25a86e31df
commit 59ed10398d
6 changed files with 219 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/web/modules/api/v2/management/responses/[responseId]/lib/response.ts
+1
View File
@@ -111,6 +111,7 @@ export const updateResponse = async (
responseCache.revalidate({
id: updatedResponse.id,
surveyId: updatedResponse.surveyId,
...(updatedResponse.singleUseId ? { singleUseId: updatedResponse.singleUseId } : {}),
});
responseNoteCache.revalidate({
apps/web/modules/api/v2/management/responses/[responseId]/lib/tests/response.test.ts
+39 -1
View File
@@ -1,4 +1,5 @@
import { response, responseId, responseInput, survey } from "./__mocks__/response.mock";
import { responseCache } from "@/lib/response/cache";
import { PrismaClientKnownRequestError } from "@prisma/client/runtime/library";
import { beforeEach, describe, expect, test, vi } from "vitest";
import { prisma } from "@formbricks/database";
@@ -21,6 +22,16 @@ vi.mock("../utils", () => ({
findAndDeleteUploadedFilesInResponse: vi.fn(),
}));
vi.mock("@/lib/response/cache", () => ({
responseCache: {
revalidate: vi.fn(),
tag: {
byId: vi.fn(),
byResponseId: vi.fn(),
},
},
}));
vi.mock("@formbricks/database", () => ({
prisma: {
response: {
@@ -175,7 +186,7 @@ describe("Response Lib", () => {
});
describe("updateResponse", () => {
test("update the response and revalidate caches", async () => {
test("update the response and revalidate caches including singleUseId", async () => {
vi.mocked(prisma.response.update).mockResolvedValue(response);
const result = await updateResponse(responseId, responseInput);
@@ -184,12 +195,39 @@ describe("Response Lib", () => {
data: responseInput,
});
expect(responseCache.revalidate).toHaveBeenCalledWith({
id: response.id,
surveyId: response.surveyId,
singleUseId: response.singleUseId,
});
expect(result.ok).toBe(true);
if (result.ok) {
expect(result.data).toEqual(response);
}
});
test("update the response and revalidate caches", async () => {
const responseWithoutSingleUseId = { ...response, singleUseId: null };
vi.mocked(prisma.response.update).mockResolvedValue(responseWithoutSingleUseId);
const result = await updateResponse(responseId, responseInput);
expect(prisma.response.update).toHaveBeenCalledWith({
where: { id: responseId },
data: responseInput,
});
expect(responseCache.revalidate).toHaveBeenCalledWith({
id: response.id,
surveyId: response.surveyId,
});
expect(result.ok).toBe(true);
if (result.ok) {
expect(result.data).toEqual(responseWithoutSingleUseId);
}
});
test("return a not_found error when the response is not found", async () => {
vi.mocked(prisma.response.update).mockRejectedValue(
new PrismaClientKnownRequestError("Response not found", {