fix(portal): GRO-2203 validate petId as UUID before PATCH lookup (500→404) (#177)

src/__tests__/portalPets.test.ts

@@ -280,6 +280,23 @@ describe("PATCH /portal/pets/:petId", () => {
     expect(res.status).toBe(404);
   });
 
+  it("returns 404 for a malformed (non-UUID) petId without hitting the db (GRO-2203)", async () => {
+    selectSessionRow = ACTIVE_SESSION;
+    // A non-UUID petId previously reached `where(eq(pets.id, ...))` and made
+    // Postgres throw "invalid input syntax for type uuid" → unhandled 500.
+    // It must now short-circuit to 404 before any select/update.
+    selectPetRow = PET;
+
+    const res = await jsonPatch(
+      `/portal/pets/not-a-uuid`,
+      { coatType: "short" },
+      { "X-Impersonation-Session-Id": SESSION_ID }
+    );
+
+    expect(res.status).toBe(404);
+    expect(updatedValues).toHaveLength(0);
+  });
+
   it("returns 422 for an invalid coatType", async () => {
     selectSessionRow = ACTIVE_SESSION;
     selectPetRow = PET;

src/routes/portal.ts

@@ -296,6 +296,14 @@ portalRouter.patch(
     const body = c.req.valid("json");
     const clientId = c.get("portalClientId");
 
+    // GRO-2203: validate UUID format before hitting Postgres. Passing a non-UUID
+    // string to a uuid column makes the driver throw ("invalid input syntax for
+    // type uuid"), which previously surfaced as an unhandled 500. Mirror the
+    // GRO-2014 fix in pets.ts and treat a malformed id as Not found.
+    if (!z.string().uuid().safeParse(petId).success) {
+      return c.json({ error: "Not found" }, 404);
+    }
+
     const [pet] = await db
       .select()
       .from(pets)