From 546e17f1e55afb58a87b15f280a661cc69e16dd0 Mon Sep 17 00:00:00 2001
From: Carlos Santos <4a.santos@gmail.com>
Date: Mon, 7 Apr 2025 18:11:45 +0200
Subject: [PATCH] backend: Update validation error messages and add room ID
 validation middleware

---
 .../auth-validator.middleware.ts                  |  2 +-
 .../participant-validator.middleware.ts           |  2 +-
 .../preferences-validator.middleware.ts           |  2 +-
 .../recording-validator.middleware.ts             |  2 +-
 .../room-validator.middleware.ts                  | 15 +++++++++++++--
 backend/src/routes/room.routes.ts                 |  4 +++-
 6 files changed, 20 insertions(+), 7 deletions(-)

diff --git a/backend/src/middlewares/request-validators/auth-validator.middleware.ts b/backend/src/middlewares/request-validators/auth-validator.middleware.ts
index 9d6b0c0..2d4b4ba 100644
--- a/backend/src/middlewares/request-validators/auth-validator.middleware.ts
+++ b/backend/src/middlewares/request-validators/auth-validator.middleware.ts
@@ -17,7 +17,7 @@ export const validateLoginRequest = (req: Request, res: Response, next: NextFunc
 
 		return res.status(422).json({
 			error: 'Unprocessable Entity',
-			message: 'Invalid request body',
+			message: 'Invalid request',
 			details: errors
 		});
 	}
diff --git a/backend/src/middlewares/request-validators/participant-validator.middleware.ts b/backend/src/middlewares/request-validators/participant-validator.middleware.ts
index e6a9971..ec26d45 100644
--- a/backend/src/middlewares/request-validators/participant-validator.middleware.ts
+++ b/backend/src/middlewares/request-validators/participant-validator.middleware.ts
@@ -44,7 +44,7 @@ const rejectRequest = (res: Response, error: z.ZodError) => {
 
 	return res.status(422).json({
 		error: 'Unprocessable Entity',
-		message: 'Invalid request body',
+		message: 'Invalid request',
 		details: errors
 	});
 };
diff --git a/backend/src/middlewares/request-validators/preferences-validator.middleware.ts b/backend/src/middlewares/request-validators/preferences-validator.middleware.ts
index 7b28149..a866dce 100644
--- a/backend/src/middlewares/request-validators/preferences-validator.middleware.ts
+++ b/backend/src/middlewares/request-validators/preferences-validator.middleware.ts
@@ -75,7 +75,7 @@ const rejectRequest = (res: Response, error: z.ZodError) => {
 
 	return res.status(422).json({
 		error: 'Unprocessable Entity',
-		message: 'Invalid request body',
+		message: 'Invalid request',
 		details: errors
 	});
 };
diff --git a/backend/src/middlewares/request-validators/recording-validator.middleware.ts b/backend/src/middlewares/request-validators/recording-validator.middleware.ts
index ced5328..3996c2b 100644
--- a/backend/src/middlewares/request-validators/recording-validator.middleware.ts
+++ b/backend/src/middlewares/request-validators/recording-validator.middleware.ts
@@ -110,7 +110,7 @@ const rejectRequest = (res: Response, error: z.ZodError) => {
 
 	return res.status(422).json({
 		error: 'Unprocessable Entity',
-		message: 'Invalid request body',
+		message: 'Invalid request',
 		details: errors
 	});
 };
diff --git a/backend/src/middlewares/request-validators/room-validator.middleware.ts b/backend/src/middlewares/request-validators/room-validator.middleware.ts
index 1c90e80..b34d37c 100644
--- a/backend/src/middlewares/request-validators/room-validator.middleware.ts
+++ b/backend/src/middlewares/request-validators/room-validator.middleware.ts
@@ -101,7 +101,7 @@ const BulkDeleteRoomsSchema = z.object({
 
 			return arg;
 		},
-		z.array(nonEmptySanitizedString('recordingId')).default([])
+		z.array(nonEmptySanitizedString('roomId')).default([])
 	)
 });
 
@@ -142,6 +142,17 @@ export const withValidRoomPreferences = (req: Request, res: Response, next: Next
 	next();
 };
 
+export const withValidRoomId = (req: Request, res: Response, next: NextFunction) => {
+	const { success, error, data } = nonEmptySanitizedString('roomId').safeParse(req.params.roomId);
+
+	if (!success) {
+		return rejectRequest(res, error);
+	}
+
+	req.params.roomId = data;
+	next();
+};
+
 export const withValidRoomBulkDeleteRequest = (req: Request, res: Response, next: NextFunction) => {
 	const { success, error, data } = BulkDeleteRoomsSchema.safeParse(req.query);
 
@@ -172,7 +183,7 @@ const rejectRequest = (res: Response, error: z.ZodError) => {
 
 	return res.status(422).json({
 		error: 'Unprocessable Entity',
-		message: 'Invalid request body',
+		message: 'Invalid request',
 		details: errors
 	});
 };
diff --git a/backend/src/routes/room.routes.ts b/backend/src/routes/room.routes.ts
index e542ebd..60e6c2f 100644
--- a/backend/src/routes/room.routes.ts
+++ b/backend/src/routes/room.routes.ts
@@ -12,7 +12,8 @@ import {
 	configureCreateRoomAuth,
 	configureRoomAuthorization,
 	withValidRoomPreferences,
-	withValidRoomBulkDeleteRequest
+	withValidRoomBulkDeleteRequest,
+	withValidRoomId
 } from '../middlewares/index.js';
 
 import { UserRole } from '@typings-ce';
@@ -39,6 +40,7 @@ roomRouter.get(
 	'/:roomId',
 	withAuth(apiKeyValidator, tokenAndRoleValidator(UserRole.ADMIN), participantTokenValidator),
 	configureRoomAuthorization,
+	withValidRoomId,
 	roomCtrl.getRoom
 );
 roomRouter.delete('/:roomId', withAuth(apiKeyValidator, tokenAndRoleValidator(UserRole.ADMIN)), roomCtrl.deleteRoom);