From 7aa4622deecfb3b3530897cf10f19031037e96a6 Mon Sep 17 00:00:00 2001
From: lmluat-axonivy <luat.luongminh@axonactive.com>
Date: Tue, 17 Dec 2024 11:57:08 +0700
Subject: [PATCH] 
 feature/IVYPORTAL-18034-Information-exposure-through-an-error-message

- Handle security warning
---
 .../axonivy/portal/rest/GlobalSearchRestService.java   | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/AxonIvyPortal/portal/src/com/axonivy/portal/rest/GlobalSearchRestService.java b/AxonIvyPortal/portal/src/com/axonivy/portal/rest/GlobalSearchRestService.java
index efc3629eaef..01f57262ea9 100644
--- a/AxonIvyPortal/portal/src/com/axonivy/portal/rest/GlobalSearchRestService.java
+++ b/AxonIvyPortal/portal/src/com/axonivy/portal/rest/GlobalSearchRestService.java
@@ -11,6 +11,7 @@
 import com.axonivy.portal.response.GlobalSearchResponse;
 import com.axonivy.portal.service.GlobalSearchService;
 
+import ch.ivyteam.ivy.environment.Ivy;
 import ch.ivyteam.ivy.security.ISecurityConstants;
 import io.swagger.v3.oas.annotations.media.Content;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
@@ -30,7 +31,8 @@ public Response processes(SearchPayload payload) {
       GlobalSearchResponse result = service.searchProcesses(payload);
       return Response.ok(result).build();
     } catch (NotFoundException e) {
-      return Response.status(Status.NOT_FOUND).entity(e.getMessage()).build();
+      Ivy.log().error(e);
+      return Response.status(Status.NOT_FOUND).build();
     }
   }
 
@@ -42,7 +44,8 @@ public Response tasks(SearchPayload payload) {
       GlobalSearchResponse result = service.searchTasks(payload);
       return Response.ok(result).build();
     } catch (NotFoundException e) {
-      return Response.status(Status.NOT_FOUND).entity(e.getMessage()).build();
+      Ivy.log().error(e);
+      return Response.status(Status.NOT_FOUND).build();
     }
   }
 
@@ -54,7 +57,8 @@ public Response cases(SearchPayload payload) {
       GlobalSearchResponse result = service.searchCases(payload);
       return Response.ok(result).build();
     } catch (NotFoundException e) {
-      return Response.status(Status.NOT_FOUND).entity(e.getMessage()).build();
+      Ivy.log().error(e);
+      return Response.status(Status.NOT_FOUND).build();
     }
   }
 }