The webserver consumes budibase-core. Currently, when an exception occurs in budibase-core, it will always manifest as a 500 Internal Server Error.
There are a few cases where we can give a better status
in apiWrapper > HandleUnauthorized - we could be returning a 403
anytime a record or index is not found, we could return a 404
I suggest that we implement this as follows:
// common/errors.js
export const ForbiddenError = (message) => {
const err = new Error(message);
err.HttpStatus = 403;
return err
}
// somwehere where exception is being thrown
throw ForbiddenError("Not authorized to create Customer record");
404s may be difficult, as these may often be raised by the datastore implementation (which is plugged in and not part of budibase-core. e.g node "fs" may throw "File not found /customers/1-abcd/record.json"
... or this could just be a matter of applying this logic inside that datastores also... proabbly makes sense.
The webserver consumes budibase-core. Currently, when an exception occurs in budibase-core, it will always manifest as a 500 Internal Server Error.
There are a few cases where we can give a better status
apiWrapper > HandleUnauthorized
- we could be returning a 403I suggest that we implement this as follows:
404s may be difficult, as these may often be raised by the datastore implementation (which is plugged in and not part of budibase-core. e.g node "fs" may throw "File not found /customers/1-abcd/record.json"
... or this could just be a matter of applying this logic inside that datastores also... proabbly makes sense.