Project

General

Profile

Actions
Copy link

Bug #36

closed

ServiceLine Field Accepts ObjectId in Product Categories API even when they don't correspond to any existing record in the database.

Added by Vivek Kumar 3 months ago. Updated 3 months ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Start date:
03/23/2026
Due date:
% Done:

100%

Estimated time:

Description

Endpoint:https://api.akinderwellness.com:4001/api/productCategories/add

Description
The serviceLine field is accepting arbitrary ObjectId values even when they do not correspond to any existing record in the database.

Steps to Reproduce
Send a POST request to the endpoint with a random ObjectId in the serviceLine field:

{
  "name": "Electronics",
  "description": "",
  "serviceLine": "68c3f959e0742f0f56243221",
  "status": "Active"
}

Observe that the request succeeds even if the serviceLine does not exist in the database.

Expected Behavior
The API should validate that the provided serviceLine:

  • Is a valid ObjectId format
  • Exists in the ServiceLine collection

Actual Behavior
Only ObjectId format is validated
No check is performed to verify existence in the database

Note A postman request is created to reproduce the issue.

Actions
Copy link
 #1

Updated by Adhi Narayanan 3 months ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100
Actions
Copy link
 #2

Updated by Vivek Kumar 3 months ago

Solved
{
"success": false,
"message": "Service Line does not exists ot Invalid !."
}

Actions
Copy link
 #3

Updated by Vivek Kumar 3 months ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF