coop-cloud-chaos-patchs/outline
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

More granular error responses

Browse Source
This commit is contained in:
Tom Moor
2018-02-19 23:31:18 -08:00
parent d73196594d
commit 5b6c908215
11 changed files with 67 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
server/api/__snapshots__/team.test.js.snap
View File

@ -17,9 +17,10 @@ Object {
exports[`#team.addAdmin should require admin 1`] = ` exports[`#team.addAdmin should require admin 1`] = `
Object { Object {
"error": "authorization_error", "error": "admin_required",
"message": "Authorization Required", "message": "An admin role is required to access this resource",
"ok": false, "ok": false,
"status": 403,
} }
`; `;
@ -40,15 +41,16 @@ Object {
exports[`#team.removeAdmin should require admin 1`] = ` exports[`#team.removeAdmin should require admin 1`] = `
Object { Object {
"error": "authorization_error", "error": "admin_required",
"message": "Authorization Required", "message": "An admin role is required to access this resource",
"ok": false, "ok": false,
"status": 403,
} }
`; `;
exports[`#team.removeAdmin shouldn't demote admins if only one available 1`] = ` exports[`#team.removeAdmin shouldn't demote admins if only one available 1`] = `
Object { Object {
"error": "at_least_one_admin_is_required", "error": "validation_error",
"message": "At least one admin is required", "message": "At least one admin is required",
"ok": false, "ok": false,
"status": 400, "status": 400,

7
server/api/apiKeys.js
View File

@ -1,6 +1,5 @@
// @flow // @flow
import Router from 'koa-router'; import Router from 'koa-router';
import httpErrors from 'http-errors';
import auth from './middlewares/authentication'; import auth from './middlewares/authentication';
import pagination from './middlewares/pagination'; import pagination from './middlewares/pagination';
@ -55,11 +54,7 @@ router.post('apiKeys.delete', auth(), async ctx => {
const key = await ApiKey.findById(id); const key = await ApiKey.findById(id);
authorize(user, 'delete', key); authorize(user, 'delete', key);
try { await key.destroy();
await key.destroy();
} catch (e) {
throw httpErrors.BadRequest('Error while deleting key');
}
ctx.body = { ctx.body = {
success: true, success: true,

10
server/api/collections.js
View File

@ -1,11 +1,11 @@
// @flow // @flow
import Router from 'koa-router'; import Router from 'koa-router';
import httpErrors from 'http-errors';
import auth from './middlewares/authentication'; import auth from './middlewares/authentication';
import pagination from './middlewares/pagination'; import pagination from './middlewares/pagination';
import { presentCollection } from '../presenters'; import { presentCollection } from '../presenters';
import { Collection } from '../models'; import { Collection } from '../models';
import { ValidationError } from '../errors';
import policy from '../policies'; import policy from '../policies';
const { authorize } = policy; const { authorize } = policy;
@ -95,13 +95,9 @@ router.post('collections.delete', auth(), async ctx => {
authorize(ctx.state.user, 'delete', collection); authorize(ctx.state.user, 'delete', collection);
const total = await Collection.count(); const total = await Collection.count();
if (total === 1) throw httpErrors.BadRequest('Cannot delete last collection'); if (total === 1) throw new ValidationError('Cannot delete last collection');
try { await collection.destroy();
await collection.destroy();
} catch (e) {
throw httpErrors.BadRequest('Error while deleting collection');
}
ctx.body = { ctx.body = {
success: true, success: true,

2
server/api/collections.test.js
View File

@ -57,7 +57,7 @@ describe('#collections.info', async () => {
const res = await server.post('/api/collections.info', { const res = await server.post('/api/collections.info', {
body: { token: user.getJwtToken(), id: collection.id }, body: { token: user.getJwtToken(), id: collection.id },
}); });
expect(res.status).toEqual(404); expect(res.status).toEqual(403);
}); });
}); });

8
server/api/index.js
View File

@ -39,13 +39,7 @@ api.use(async (ctx, next) => {
} }
if (message.match('Authorization error')) { if (message.match('Authorization error')) {
if (ctx.path.match('info')) { ctx.status = 403;
ctx.status = 404;
message = 'Not Found';
} else {
ctx.status = 403;
message = 'Authorization Required';
}
} }
if (ctx.status === 500) { if (ctx.status === 500) {

18
server/api/middlewares/validation.js
View File

@ -1,43 +1,43 @@
// @flow // @flow
import apiError from '../../errors';
import validator from 'validator'; import validator from 'validator';
import { ParamRequiredError, ValidationError } from '../../errors';
import { validateColorHex } from '../../../shared/utils/color'; import { validateColorHex } from '../../../shared/utils/color';
export default function validation() { export default function validation() {
return function validationMiddleware(ctx: Object, next: Function) { return function validationMiddleware(ctx: Object, next: Function) {
ctx.assertPresent = function assertPresent(value, message) { ctx.assertPresent = (value, message) => {
if (value === undefined || value === null || value === '') { if (value === undefined || value === null || value === '') {
throw apiError(400, 'validation_error', message); throw new ParamRequiredError(message);
} }
}; };
ctx.assertNotEmpty = function assertNotEmpty(value, message) { ctx.assertNotEmpty = (value, message) => {
if (value === '') { if (value === '') {
throw apiError(400, 'validation_error', message); throw new ValidationError(message);
} }
}; };
ctx.assertEmail = (value, message) => { ctx.assertEmail = (value, message) => {
if (!validator.isEmail(value)) { if (!validator.isEmail(value)) {
throw apiError(400, 'validation_error', message); throw new ValidationError(message);
} }
}; };
ctx.assertUuid = (value, message) => { ctx.assertUuid = (value, message) => {
if (!validator.isUUID(value)) { if (!validator.isUUID(value)) {
throw apiError(400, 'validation_error', message); throw new ValidationError(message);
} }
}; };
ctx.assertPositiveInteger = (value, message) => { ctx.assertPositiveInteger = (value, message) => {
if (!validator.isInt(value, { min: 0 })) { if (!validator.isInt(value, { min: 0 })) {
throw apiError(400, 'validation_error', message); throw new ValidationError(message);
} }
}; };
ctx.assertHexColor = (value, message) => { ctx.assertHexColor = (value, message) => {
if (!validateColorHex(value)) { if (!validateColorHex(value)) {
throw apiError(400, 'validation_error', message); throw new ValidationError(message);
} }
}; };

5
server/api/team.js
View File

@ -1,7 +1,6 @@
// @flow // @flow
import Router from 'koa-router'; import Router from 'koa-router';
import httpErrors from 'http-errors'; import { ValidationError } from '../errors';
import { Team, User } from '../models'; import { Team, User } from '../models';
import auth from './middlewares/authentication'; import auth from './middlewares/authentication';
@ -61,7 +60,7 @@ router.post('team.removeAdmin', auth(), async ctx => {
try { try {
await team.removeAdmin(user); await team.removeAdmin(user);
} catch (err) { } catch (err) {
throw httpErrors.BadRequest(err.message); throw new ValidationError(err.message);
} }
ctx.body = { ctx.body = {

29
server/errors.js
View File

@ -1,9 +1,28 @@
// @flow // @flow
import httpErrors from 'http-errors'; import httpErrors from 'http-errors';
const apiError = (code: number, id: string, message: string) => { export function ValidationError(message: string = 'Validation failed') {
return httpErrors(code, message, { id }); return httpErrors(400, message, { id: 'validation_error' });
}; }
export default apiError; export function ParamRequiredError(
export { httpErrors }; message: string = 'Required parameter missing'
) {
return httpErrors(400, message, { id: 'param_required' });
}
export function AuthorizationError(
message: string = 'You do not have permission to access this resource'
) {
return httpErrors(403, message, { id: 'permission_required' });
}
export function AdminRequiredError(
message: string = 'An admin role is required to access this resource'
) {
return httpErrors(403, message, { id: 'admin_required' });
}
export function NotFoundError(message: string = 'Resource not found') {
return httpErrors(404, message, { id: 'not_found' });
}

15
server/policies/collection.js
View File

@ -1,6 +1,7 @@
// @flow // @flow
import policy from './policy'; import policy from './policy';
import { Collection, User } from '../models'; import { Collection, User } from '../models';
import { AdminRequiredError } from '../errors';
const { allow } = policy; const { allow } = policy;
@ -13,12 +14,8 @@ allow(
(user, collection) => collection && user.teamId === collection.teamId (user, collection) => collection && user.teamId === collection.teamId
); );
allow( allow(User, 'delete', Collection, (user, collection) => {
User, if (!collection || user.teamId !== collection.teamId) return false;
'delete', if (user.id === collection.creatorId) return true;
Collection, if (!user.isAdmin) throw new AdminRequiredError();
(user, collection) => });
collection &&
user.teamId === collection.teamId &&
(user.id === collection.creatorId || user.isAdmin)
);

27
server/policies/user.js
View File

@ -1,6 +1,7 @@
// @flow // @flow
import policy from './policy'; import policy from './policy';
import { User } from '../models'; import { User } from '../models';
import { AdminRequiredError } from '../errors';
const { allow } = policy; const { allow } = policy;
@ -11,19 +12,15 @@ allow(
(actor, user) => user && user.teamId === actor.teamId (actor, user) => user && user.teamId === actor.teamId
); );
allow( allow(User, ['update', 'delete'], User, (actor, user) => {
User, if (!user || user.teamId !== actor.teamId) return false;
['update', 'delete'], if (user.id === actor.id) return true;
User, if (actor.isAdmin) return true;
(actor, user) => throw new AdminRequiredError();
user && });
user.teamId === actor.teamId &&
(user.id === actor.id || actor.isAdmin)
);
allow( allow(User, ['promote', 'demote'], User, (actor, user) => {
User, if (!user || user.teamId !== actor.teamId) return false;
['promote', 'demote'], if (actor.isAdmin) return true;
User, throw new AdminRequiredError();
(actor, user) => user && user.teamId === actor.teamId && actor.isAdmin });
);

2
server/slack.js
View File

@ -1,7 +1,7 @@
// @flow // @flow
import fetch from 'isomorphic-fetch'; import fetch from 'isomorphic-fetch';
import querystring from 'querystring'; import querystring from 'querystring';
import { httpErrors } from './errors'; import httpErrors from 'http-errors';
const SLACK_API_URL = 'https://slack.com/api'; const SLACK_API_URL = 'https://slack.com/api';