More fixes

ar2rsawseen · ar2rsawseen · commit 3b355fabedf2 · 2025-11-27T16:23:07.000+02:00
diff --git a/plugins/dbviewer/api/api.js b/plugins/dbviewer/api/api.js
@@ -152,10 +152,12 @@ var spawn = require('child_process').spawn,
         **/
         function getIndexes() {
             dbs[dbNameOnParam].collection(params.qstring.collection).indexes(function(err, indexes) {
-                if (err) {
-                    common.returnOutput(params, 'Somethings went wrong');
+                if (err || !indexes) {
+                    common.returnOutput(params, 'Failed to retrieve indexes for the collection');
+                }
+                else {
+                    common.returnOutput(params, { limit: indexes.length, start: 1, end: indexes.length, total: indexes.length, pages: 1, curPage: 1, collections: indexes });
                 }
-                common.returnOutput(params, { limit: indexes.length, start: 1, end: indexes.length, total: indexes.length, pages: 1, curPage: 1, collections: indexes });
             });
         }
 
diff --git a/plugins/reports/api/api.js b/plugins/reports/api/api.js
@@ -314,17 +314,19 @@ const FEATURE_NAME = 'reports';
                 convertToTimezone(props);
 
                 // TODO: Handle report type check
-                const userApps = getUserApps(params.member);
-                let notPermitted = false;
+                if (props.apps && Array.isArray(props.apps) && props.apps.length > 0) {
+                    const userApps = getUserApps(params.member);
+                    let notPermitted = false;
 
-                for (var i = 0; i < props.apps.length; i++) {
-                    if (userApps.indexOf(props.apps[i]) === -1) {
-                        notPermitted = true;
+                    for (var i = 0; i < props.apps.length; i++) {
+                        if (userApps.indexOf(props.apps[i]) === -1) {
+                            notPermitted = true;
+                        }
                     }
-                }
 
-                if (notPermitted && !params.member.global_admin) {
-                    return common.returnMessage(params, 401, 'User does not have right to access this information');
+                    if (notPermitted && !params.member.global_admin) {
+                        return common.returnMessage(params, 401, 'User does not have right to access this information');
+                    }
                 }
                 common.db.collection('reports').findOne(recordUpdateOrDeleteQuery(params, id), function(err_update, report) {
                     if (err_update) {
