chore: better message in guard

Unleash · Apr 11, 2024 · 1940d2a · 1940d2a
1 parent 9b88eb2
commit 1940d2a
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 13 deletions.
diff --git a/src/lib/routes/admin-api/user-admin.ts b/src/lib/routes/admin-api/user-admin.ts
@@ -741,7 +741,9 @@ export default class UserAdminController extends Controller {
         });
         if (!enabled) return;
 
-        throw new ForbiddenError('Cannot perform this operation on SCIM users');
+        throw new ForbiddenError(
+            'This user is managed by your SCIM provider and cannot be changed manually',
+        );
     }
 
     async isScimUser({

diff --git a/src/test/e2e/api/admin/user-admin.scim.e2e.test.ts b/src/test/e2e/api/admin/user-admin.scim.e2e.test.ts
@@ -24,6 +24,9 @@ const regularUser = {
     name: 'Regular User',
 };
 
+const scimGuardErrorMessage =
+    'This user is managed by your SCIM provider and cannot be changed manually';
+
 beforeAll(async () => {
     db = await dbInit('user_admin_scim', getLogger);
     stores = db.stores;
@@ -81,19 +84,15 @@ test('should prevent editing a SCIM user', async () => {
         })
         .expect(403);
 
-    expect(body.details[0].message).toBe(
-        'Cannot perform this operation on SCIM users',
-    );
+    expect(body.details[0].message).toBe(scimGuardErrorMessage);
 });
 
 test('should prevent deleting a SCIM user', async () => {
     const { body } = await app.request
         .delete(`/api/admin/user-admin/${scimUserId}`)
         .expect(403);
 
-    expect(body.details[0].message).toBe(
-        'Cannot perform this operation on SCIM users',
-    );
+    expect(body.details[0].message).toBe(scimGuardErrorMessage);
 });
 
 test('should prevent changing password for a SCIM user', async () => {
@@ -104,9 +103,7 @@ test('should prevent changing password for a SCIM user', async () => {
         })
         .expect(403);
 
-    expect(body.details[0].message).toBe(
-        'Cannot perform this operation on SCIM users',
-    );
+    expect(body.details[0].message).toBe(scimGuardErrorMessage);
 });
 
 test('should prevent resetting password for a SCIM user', async () => {
@@ -115,7 +112,5 @@ test('should prevent resetting password for a SCIM user', async () => {
         .send({ id: scimUser.email })
         .expect(403);
 
-    expect(body.details[0].message).toBe(
-        'Cannot perform this operation on SCIM users',
-    );
+    expect(body.details[0].message).toBe(scimGuardErrorMessage);
 });