diff --git a/src/ups/profiles/dao.js b/src/ups/profiles/dao.js index 41c4cd2..4d3d1f3 100644 --- a/src/ups/profiles/dao.js +++ b/src/ups/profiles/dao.js @@ -30,7 +30,7 @@ function updateProfile(profileObj, profileNumber, tagferId) { */ function getProfile(profileNumber, tagferId) { return database.ref(`/profiles/${tagferId}/profile${profileNumber}`).once('value').then(function(snapshot) { - return snapshot.val(); + return (snapshot.exists() ? snapshot.val() : {}); }); } diff --git a/src/ups/profiles/handlers.js b/src/ups/profiles/handlers.js index 783e7be..d3759db 100644 --- a/src/ups/profiles/handlers.js +++ b/src/ups/profiles/handlers.js @@ -34,20 +34,21 @@ async function updateUserProfile(req, res) { } async function getUserProfile(req, res) { - const sessionId = utils.getSessionIdFromAuthHeader(req, res); - try { - const tagferId = authDao.getSession(sessionId).tagferId; - profileDao.getProfile(req.params.profileNumber,tagferId).then((profile) => { - if (profile) { + const profileNumber = req.params.profileNumber; + if (profileNumber > 4 || profileNumber < 1) { + res.status(http.BAD_REQUEST).json({error: errors.NO_PROFILE_FOUND_FOR_NUMBER}); + } else { + const sessionId = utils.getSessionIdFromAuthHeader(req, res); + try { + const tagferId = authDao.getSession(sessionId).tagferId; + profileDao.getProfile(profileNumber,tagferId).then((profile) => { res.status(http.OK).json({profile}) - } else { - res.status(http.BAD_REQUEST).json({ error: errors.NO_PROFILE_FOUND_FOR_NUMBER}) - } - }).catch(error => { - res.status(http.INTERNAL_SERVER_ERROR).json({error}) - }) - } catch (error) { - res.status(http.BAD_REQUEST).json({ error }) + }).catch(error => { + res.status(http.INTERNAL_SERVER_ERROR).json({error: error.code}) + }) + } catch (error) { + res.status(http.UNAUTHORIZED).json({ error }) + } } }