Fix : Today's date allowed while creation OOO

[Dhirenderchoudhary]

Date: 3 Jan 2026

Developer Name: Dhirender Choudhary

---

Issue Ticket Number

RealDevSquad/website-www#1125

Tech Doc Link

https://docs.google.com/document/d/1qqa3eBRCceZpiI7tigfy5SpYO2TzkxL6pFwMk8BF7-g/edit?tab=t.0

Description

This PR fixes a bug where creating an OOO request for "Today's Date" resulted in a 400 Bad Request error.

The Problem: The backend validation from >= Date.now() was comparing the selected date (which defaults to midnight 00:00) against the current execution time. This caused valid same-day requests to fail because midnight is technically in the past relative to the current time.

The Fix: I updated the validation logic to allow the current day to be a valid start date. Users can now successfully raise OOO requests starting from today without triggering the validation error.

---

Documentation Updated?

• Yes
• No

---

Under Feature Flag

• Yes
• No

Feature flag has been completely removed.

• Yes
• No

---

Database Changes

• Yes
• No

---

Breaking Changes

• Yes
• No

---

Development Tested?

• Yes
• No

Verified locally using integration tests.

• Yes
• No

---

Test Coverage

Details

Screen.Recording.2026-01-03.at.4.23.35.PM.mp4

---

Additional Notes

Authorization logic, Discord role checks, and user status validation remain unchanged and fully active.

[coderabbitai]

Walkthrough

Modified the minimum validation for the from field in OOO request creation from the current timestamp to the start of the current day (00:00). Updated corresponding unit and integration tests to reflect the new validation expectations and behavior.

Changes

Cohort / File(s)	Summary
Validation Logic middlewares/validators/oooRequests.ts	Changed from field minimum validation from Date.now() to new Date().setHours(0,0,0,0), permitting any time on or after 00:00 of the current day instead of strictly after the current moment.
Test Updates test/unit/middlewares/oooRequests.test.ts	Updated test assertions: valid create request now expects nextSpy not to be called; date validation tests now use new Date().setUTCHours(0,0,0,0) with offsets to match the new validator behavior.
Integration Tests test/integration/requests.test.ts	Removed a blank line between test cases; no functional changes.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested reviewers

• Hariom01010
• iamitprakash

Poem

🐰 A validator's heart now beats at dawn,
No longer tied to fleeting nows,
The whole day stretches, vast and drawn,
For those who bid their work adieu.
Tests affirmed in joyful vows! ✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: allowing today's date when creating OOO requests by updating the validation logic from Date.now() to midnight.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description check	✅ Passed	The pull request description clearly explains the bug being fixed (Date.now() comparison issue), the specific changes made (validation logic update), and provides context through referenced issue and tech documentation.

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (4)

middlewares/validators/oooRequests.ts (1)

6-40: Critical: Middleware doesn't call next() on successful validation.

Unlike acknowledgeOooRequestValidator (line 89), this validator doesn't call next() when validation succeeds. This breaks the Express middleware chain and prevents the request from reaching the route handler. The test change on line 34 of the test file confirms this bug.

🔎 Proposed fix

 export const createOooStatusRequestValidator = async (
   req: OooRequestCreateRequest,
   res: OooRequestResponse,
   next: NextFunction
 ) => {
   const schema = joi
     .object()
     .strict()
     .keys({
       from: joi
         .number()
         .min(new Date().setHours(0, 0, 0, 0))
         .messages({
           "number.min": "from date must be greater than or equal to Today's date",
         })
         .required(),
       until: joi
         .number()
         .min(joi.ref("from"))
         .messages({
           "number.min": "until date must be greater than or equal to from date",
         })
         .required(),
       reason: joi.string().required().messages({
         "any.required": "reason is required",
         "string.empty": "reason cannot be empty",
       }),
       type: joi.string().valid(REQUEST_TYPE.OOO).required().messages({
         "string.empty": "type cannot be empty",
         "any.required": "type is required",
       }),
     });
 
-  await schema.validateAsync(req.body, { abortEarly: false });
+  try {
+    await schema.validateAsync(req.body, { abortEarly: false });
+    return next();
+  } catch (error: unknown) {
+    if (error instanceof joi.ValidationError) {
+      const errorMessages = error.details.map((detail) => detail.message);
+      logger.error(`Error validating OOO request: ${errorMessages}`);
+      return res.boom.badRequest(errorMessages);
+    }
+    const errorMessage = error instanceof Error ? error.message : String(error);
+    logger.error(`Error validating OOO request: ${errorMessage}`);
+    return res.boom.badRequest(["Error validating OOO request"]);
+  }
 };

test/unit/middlewares/oooRequests.test.ts (3)

27-35: Test now validates incorrect middleware behavior.

This test change reflects the bug identified in the validator: it now asserts that next() is NOT called on successful validation, which is incorrect middleware behavior. After fixing the validator to properly call next(), this assertion should be reverted.

🔎 Proposed fix (after validator is fixed)

     it("should validate for a valid create request", async function () {
       req = {
         body: validOooStatusRequests,
       };
       res = {};
 
       await createOooStatusRequestValidator(req as any, res as any, nextSpy);
-      expect(nextSpy.notCalled).to.be.true;
+      expect(nextSpy.calledOnce).to.be.true;
     });

---

83-93: Timezone inconsistency between test and validator.

The test uses setUTCHours(0, 0, 0, 0) (UTC timezone) while the validator uses setHours(0, 0, 0, 0) (local timezone). This mismatch could cause the test to pass locally but fail in CI/CD environments with different timezone configurations, or vice versa.

🔎 Proposed fix

Align with the validator by using local time:

     it("should not validate for an invalid request if all until date is greater than from", async function () {
       req = {
-        body: { ...validOooStatusRequests, from: new Date().setUTCHours(0, 0, 0, 0) + 5000000, until: new Date().setUTCHours(0, 0, 0, 0) + 1000000 },
+        body: { ...validOooStatusRequests, from: new Date().setHours(0, 0, 0, 0) + 5000000, until: new Date().setHours(0, 0, 0, 0) + 1000000 },
       };

Or better, use UTC consistently in both places for predictable behavior.

---

9-9: Update test fixture for consistency.

The validOooStatusRequests fixture (imported from test/fixtures/oooRequest/oooRequest.ts) still uses Date.now() + 1 * 24 * 60 * 60 * 1000 (tomorrow), which works but is inconsistent with the new validation logic that allows today's date. Consider updating the fixture to use the start-of-day pattern for clarity and consistency.

#!/bin/bash
# Description: Check all usages of validOooStatusRequests to assess impact of updating the fixture

# Find all files using validOooStatusRequests
rg -n "validOooStatusRequests" --type=ts -g '!node_modules' -C3

📜 Review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between da40cfa and ec2dd41.

📒 Files selected for processing (3)

• middlewares/validators/oooRequests.ts
• test/integration/requests.test.ts
• test/unit/middlewares/oooRequests.test.ts

💤 Files with no reviewable changes (1)

• test/integration/requests.test.ts

🧰 Additional context used

🧬 Code graph analysis (1)

test/unit/middlewares/oooRequests.test.ts (1)

test/fixtures/oooRequest/oooRequest.ts (1)

• validOooStatusRequests (15-20)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: build (22.10.0)