diff --git a/services/backend/src/routes/students.ts b/services/backend/src/routes/students.ts index af1b9c2401..39bb73a37c 100644 --- a/services/backend/src/routes/students.ts +++ b/services/backend/src/routes/students.ts @@ -6,14 +6,6 @@ import { ApplicationError } from '../util/customErrors' const router = Router() -const filterStudentTags = (student: Awaited>, userId: string) => { - if (!student) return null - return { - ...student, - tags: (student.tags ?? []).filter(({ tag }) => !tag.personal_user_id || tag.personal_user_id === userId), - } -} - interface GetStudentsRequest extends Request { query: { searchTerm: string @@ -59,11 +51,15 @@ router.get('/:studentNumber', async (req: GetStudentRequest, res: Response) => { } = req if (!hasFullAccessToStudentData(roles) && !studentsUserCanAccess.includes(studentNumber)) { - throw new ApplicationError('Error finding student', 400) + return res + .status(403) + .json({ error: `User does not have permission to view data for student number ${studentNumber}.` }) + } + const student = await withStudentNumber(studentNumber, id) + if (!student) { + return res.status(404).json({ error: `Student not found with student number ${studentNumber}.` }) } - const student = await withStudentNumber(studentNumber) - const filteredTags = filterStudentTags(student, id) - res.json(filteredTags) + res.json(student) }) export default router diff --git a/services/backend/src/services/students.ts b/services/backend/src/services/students.ts index a285be92e0..bdb1f167ef 100644 --- a/services/backend/src/services/students.ts +++ b/services/backend/src/services/students.ts @@ -14,7 +14,6 @@ import { import { Tag, TagStudent } from '../models/kone' import { EnrollmentState, UnifyStatus } from '../types' import { splitByEmptySpace } from '../util' -import logger from '../util/logger' const { sequelize } = dbConnections @@ -229,7 +228,7 @@ const formatSharedStudentData = ({ updatedAt, createdAt, sis_person_id, -}: Partial) => { +}: InferAttributes) => { const toCourse = ({ grade, credits, credittypecode, is_open, attainment_date, course, isStudyModule }: Credit) => { course = course.toJSON() @@ -272,31 +271,14 @@ const formatSharedStudentData = ({ } } -const formatStudent = ( - studentData: Partial & { - tags: Array & { programme?: Pick, 'code' | 'name'> }> +export const withStudentNumber = async (studentNumber: string, userId: string) => { + const student = await byStudentNumber(studentNumber) + if (student == null) { + return null } -) => { - const formattedData = formatSharedStudentData(studentData) return { - ...formattedData, - tags: studentData.tags, - } -} - -const formatStudentWithoutTags = (studentData: Partial) => { - return formatSharedStudentData(studentData) -} - -export const withStudentNumber = async (studentNumber: string) => { - try { - const student = await byStudentNumber(studentNumber) - if (!student) return null - return formatStudent(student) - } catch (error) { - logger.error(`Error when fetching single student`) - logger.error(error) - return null + ...formatSharedStudentData(student), + tags: student.tags.filter(({ tag }) => !tag.personal_user_id || tag.personal_user_id === userId), } } @@ -363,7 +345,7 @@ export const bySearchTermAndStudentNumbers = async (searchterm: string, studentN } : { [Op.or]: [nameLike(terms), studentnumberLike(terms)] }, }) - ).map(formatStudentWithoutTags) + ).map(formatSharedStudentData) } export const filterStudentnumbersByAccessrights = async (studentnumbers: string[], codes: string[]) =>