diff --git a/api-server/server/boot/challenge.js b/api-server/server/boot/challenge.js index 0818130bef..dc259f1f88 100644 --- a/api-server/server/boot/challenge.js +++ b/api-server/server/boot/challenge.js @@ -195,17 +195,22 @@ export function isValidChallengeCompletion(req, res, next) { body: { id, challengeType, solution } } = req; + const isValidChallengeCompletionErrorMsg = { + type: 'error', + message: 'That does not appear to be a valid challenge submission.' + }; + if (!ObjectID.isValid(id)) { log('isObjectId', id, ObjectID.isValid(id)); - return res.sendStatus(403); + return res.status(403).json(isValidChallengeCompletionErrorMsg); } if ('challengeType' in req.body && !isNumeric(String(challengeType))) { log('challengeType', challengeType, isNumeric(challengeType)); - return res.sendStatus(403); + return res.status(403).json(isValidChallengeCompletionErrorMsg); } if ('solution' in req.body && !isURL(solution)) { log('isObjectId', id, ObjectID.isValid(id)); - return res.sendStatus(403); + return res.status(403).json(isValidChallengeCompletionErrorMsg); } return next(); } @@ -261,11 +266,11 @@ function projectCompleted(req, res, next) { // only basejumps require github links (completedChallenge.challengeType === 4 && !completedChallenge.githubLink) ) { - req.flash( - 'danger', - "You haven't supplied the necessary URLs for us to inspect your work." - ); - return res.sendStatus(403); + return res.status(403).json({ + type: 'error', + message: + 'You have not provided the valid links for us to inspect your work.' + }); } return user diff --git a/api-server/server/boot_tests/challenge.test.js b/api-server/server/boot_tests/challenge.test.js index 95c366cf58..8f574698c3 100644 --- a/api-server/server/boot_tests/challenge.test.js +++ b/api-server/server/boot_tests/challenge.test.js @@ -247,8 +247,8 @@ describe('boot/challenge', () => { isValidChallengeCompletion(req, res, next); - expect(res.sendStatus.called).toBe(true); - expect(res.sendStatus.getCall(0).args[0]).toBe(403); + expect(res.status.called).toBe(true); + expect(res.status.getCall(0).args[0]).toBe(403); expect(next.called).toBe(false); }); @@ -262,8 +262,8 @@ describe('boot/challenge', () => { isValidChallengeCompletion(req, res, next); - expect(res.sendStatus.called).toBe(true); - expect(res.sendStatus.getCall(0).args[0]).toBe(403); + expect(res.status.called).toBe(true); + expect(res.status.getCall(0).args[0]).toBe(403); expect(next.called).toBe(false); }); @@ -281,8 +281,8 @@ describe('boot/challenge', () => { isValidChallengeCompletion(req, res, next); - expect(res.sendStatus.called).toBe(true); - expect(res.sendStatus.getCall(0).args[0]).toBe(403); + expect(res.status.called).toBe(true); + expect(res.status.getCall(0).args[0]).toBe(403); expect(next.called).toBe(false); }); diff --git a/api-server/server/middlewares/request-authorizaion.test.js b/api-server/server/middlewares/request-authorization.test.js similarity index 100% rename from api-server/server/middlewares/request-authorizaion.test.js rename to api-server/server/middlewares/request-authorization.test.js