chore(release): publish new version

- @standardnotes/auth-server@1.163.2 - @standardnotes/home-server@1.18.12
fix(auth): checking permissions to update setting only when directly performed by user (#892 )
2026-05-17 14:04:40 -04:00 · 2023-10-30 12:23:43 +00:00 · 2023-10-30 12:51:31 +01:00 · 2023-10-30 11:20:27 +00:00 · 2023-10-30 11:52:26 +01:00 · 2023-10-27 10:03:28 +00:00
12 changed files with 66 additions and 10 deletions
@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.81.6](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.81.5...@standardnotes/api-gateway@1.81.6) (2023-10-27)
+
+### Bug Fixes
+
+* **api-gateway:** logs for errors reaching service ([14bcf7b](https://github.com/standardnotes/api-gateway/commit/14bcf7b6c9403c3413e7579f58ea17168d14dce7))
+
 ## [1.81.5](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.81.4...@standardnotes/api-gateway@1.81.5) (2023-10-26)

 **Note:** Version bump only for package @standardnotes/api-gateway
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/api-gateway",
-  "version": "1.81.5",
+  "version": "1.81.6",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -261,14 +261,15 @@ export class HttpServiceProxy implements ServiceProxyInterface {
        )
      }

-      const errorMessage = (error as AxiosError).isAxiosError
-        ? JSON.stringify((error as AxiosError).response?.data)
-        : (error as Error).message
+      let detailedErrorMessage = (error as Error).message
+      if (error instanceof AxiosError) {
+        detailedErrorMessage = `Status: ${error.status}, code: ${error.code}, message: ${error.message}`
+      }

      this.logger.error(
        tooManyRetryAttempts
          ? `Request to ${serverUrl}/${endpointOrMethodIdentifier} timed out after ${retryAttempt} retries`
-          : `Could not pass the request to ${serverUrl}/${endpointOrMethodIdentifier} on underlying service: ${errorMessage}`,
+          : `Could not pass the request to ${serverUrl}/${endpointOrMethodIdentifier} on underlying service: ${detailedErrorMessage}`,
      )

      this.logger.debug(`Response error: ${JSON.stringify(error)}`)
@@ -282,7 +283,14 @@ export class HttpServiceProxy implements ServiceProxyInterface {
          ? +((error as AxiosError).code as string)
          : 500

-      response.status(errorCode).send(errorMessage)
+      const responseErrorMessage = (error as AxiosError).response?.data
+
+      response
+        .status(errorCode)
+        .send(
+          responseErrorMessage ??
+            "Unfortunately, we couldn't handle your request. Please try again or contact our support if the error persists.",
+        )
    }

    return
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.163.2](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.163.1...@standardnotes/auth-server@1.163.2) (2023-10-30)
+
+### Bug Fixes
+
+* **auth:** checking permissions to update setting only when directly performed by user ([#892](https://github.com/standardnotes/server/issues/892)) ([9bd4fb2](https://github.com/standardnotes/server/commit/9bd4fb2d794dae032286c68f23d3896b68735bdd))
+
+## [1.163.1](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.163.0...@standardnotes/auth-server@1.163.1) (2023-10-30)
+
+### Bug Fixes
+
+* **auth:** add more information on the listed creation error ([78ff748](https://github.com/standardnotes/server/commit/78ff748d911a5a4063903847ef761822bbb8f4e2))
+
 # [1.163.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.162.0...@standardnotes/auth-server@1.163.0) (2023-10-26)

 ### Features
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/auth-server",
-  "version": "1.163.0",
+  "version": "1.163.2",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -53,7 +53,7 @@ export class ListedAccountCreatedEventHandler implements DomainEventHandlerInter
    })

    if (result.isFailed()) {
-      this.logger.error(`Could not update listed author secrets for user with uuid ${user.uuid}`)
+      this.logger.error(`Could not update listed author secrets for user with uuid ${user.uuid}: ${result.getError()}`)
    }
  }
 }
@@ -92,6 +92,7 @@ describe('SetSettingValue', () => {
      userUuid: '00000000-0000-0000-0000-000000000000',
      settingName: SettingName.NAMES.ListedAuthorSecrets,
      value: 'value',
+      checkUserPermissions: true,
    })

    expect(result.isFailed()).toBe(true)
@@ -108,6 +109,7 @@ describe('SetSettingValue', () => {
      userUuid: '00000000-0000-0000-0000-000000000000',
      settingName: SettingName.NAMES.MfaSecret,
      value: 'value',
+      checkUserPermissions: true,
    })

    expect(result.isFailed()).toBe(true)
@@ -140,6 +142,20 @@ describe('SetSettingValue', () => {
    expect(settingRepository.update).toHaveBeenCalled()
  })

+  it('should create a setting with checking user permissions', async () => {
+    const useCase = createUseCase()
+
+    const result = await useCase.execute({
+      userUuid: '00000000-0000-0000-0000-000000000000',
+      settingName: SettingName.NAMES.MfaSecret,
+      value: 'value',
+      checkUserPermissions: true,
+    })
+
+    expect(result.isFailed()).toBe(false)
+    expect(settingRepository.insert).toHaveBeenCalled()
+  })
+
  it('should insert a new setting if one does not exist', async () => {
    getSetting.execute = jest.fn().mockReturnValue(Result.fail('not found'))

@@ -37,7 +37,7 @@ export class SetSettingValue implements UseCaseInterface<Setting> {
      return Result.fail(`Setting ${settingName.value} is a subscription setting!`)
    }

-    if (!(await this.userHasPermissionToUpdateSetting(userUuid, settingName))) {
+    if (dto.checkUserPermissions && !(await this.userHasPermissionToUpdateSetting(userUuid, settingName))) {
      return Result.fail(`User ${userUuid.value} does not have permission to update setting ${settingName.value}.`)
    }

@@ -2,4 +2,5 @@ export interface SetSettingValueDTO {
  settingName: string
  userUuid: string
  value: string | null
+  checkUserPermissions?: boolean
 }
@@ -160,6 +160,7 @@ export class BaseSettingsController extends BaseHttpController {
      settingName: name,
      value,
      userUuid: response.locals.user.uuid,
+      checkUserPermissions: true,
    })

    if (result.isFailed()) {
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.18.12](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.18.11...@standardnotes/home-server@1.18.12) (2023-10-30)
+
+**Note:** Version bump only for package @standardnotes/home-server
+
+## [1.18.11](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.18.10...@standardnotes/home-server@1.18.11) (2023-10-30)
+
+**Note:** Version bump only for package @standardnotes/home-server
+
+## [1.18.10](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.18.9...@standardnotes/home-server@1.18.10) (2023-10-27)
+
+**Note:** Version bump only for package @standardnotes/home-server
+
 ## [1.18.9](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.18.8...@standardnotes/home-server@1.18.9) (2023-10-26)

 **Note:** Version bump only for package @standardnotes/home-server
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/home-server",
-  "version": "1.18.9",
+  "version": "1.18.12",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
Author	SHA1	Message	Date
standardci	b08e9731b8	chore(release): publish new version - @standardnotes/auth-server@1.163.2 - @standardnotes/home-server@1.18.12	2023-10-30 12:23:43 +00:00
Karol Sójko	9bd4fb2d79	fix(auth): checking permissions to update setting only when directly performed by user (#892 )	2023-10-30 12:51:31 +01:00
standardci	647aeda1de	chore(release): publish new version - @standardnotes/auth-server@1.163.1 - @standardnotes/home-server@1.18.11	2023-10-30 11:20:27 +00:00
Karol Sójko	78ff748d91	fix(auth): add more information on the listed creation error	2023-10-30 11:52:26 +01:00
standardci	31f8cf1169	chore(release): publish new version - @standardnotes/api-gateway@1.81.6 - @standardnotes/home-server@1.18.10	2023-10-27 10:03:28 +00:00
Karol Sójko	14bcf7b6c9	fix(api-gateway): logs for errors reaching service	2023-10-27 11:36:52 +02:00