fix: tweak catalog handler

adobe-rnd · maxakuru · Feb 21, 2025 · Feb 19, 2025 · Feb 19, 2025 · Feb 19, 2025
commit 5fc4c74ae7129b63939d8b1e85133bfe011a9707
diff --git a/src/routes/catalog/handler.js b/src/routes/catalog/handler.js
@@ -10,7 +10,6 @@
  * governing permissions and limitations under the License.
  */
 
-import { hasUppercase } from '../../utils/product.js';
 import { errorResponse } from '../../utils/http.js';
 import lookup from './lookup.js';
 import fetch from './fetch.js';
@@ -48,15 +47,13 @@ export default async function handler(ctx, request) {
     config,
     info: { method },
   } = ctx;
-  // Split the pathname into segments and filter out empty strings
   const pathSegments = ctx.url.pathname.split('/').filter(Boolean);
-  if (pathSegments.length !== 7) {
-    return errorResponse(404, 'invalid path');
-  }
-
   const [storeCode, storeViewCode, subRoute, sku] = pathSegments.slice(3);
-  if (hasUppercase(sku)) {
-    return errorResponse(400, 'Invalid SKU: SKU cannot contain uppercase letters');
+
+  if (!Object.keys(handlers).includes(subRoute)
+    || (subRoute === 'products' && !sku)
+    || (subRoute === 'lookup' && sku)) {
+    return errorResponse(404, 'invalid path');
   }
 
   Object.assign(config, {

diff --git a/src/utils/auth.js b/src/utils/auth.js
@@ -25,6 +25,11 @@ export async function assertAuthorization(ctx) {
     throw errorWithResponse(403, 'invalid key');
   }
 
+  if (actual === ctx.env.SUPERUSER_KEY) {
+    ctx.log.info('acting as superuser');
+    return;
+  }
+
   const expected = await ctx.env.KEYS.get(ctx.config.siteKey);
   if (!expected) {
     throw errorWithResponse(403, 'no key found for site');

diff --git a/wrangler.toml b/wrangler.toml
@@ -82,4 +82,4 @@ VERSION = "@@VERSION@@"
 ENVIRONMENT = "prod"
 
 # [secrets]
-# ...
+# SUPERUSER_KEY