diff options
| author | Chocobozzz <me@florianbigard.com> | 2017-12-28 14:29:57 +0100 |
|---|---|---|
| committer | Chocobozzz <me@florianbigard.com> | 2017-12-28 14:29:57 +0100 |
| commit | eec63bbc0f4fdb39e56f37127b35c449f90a135f (patch) | |
| tree | 2403f5efea3e281698ae4a6b550fea9dfc52e390 /server/middlewares | |
| parent | c5d31dba56d669c0df0209761c43c5a6ac7cec4a (diff) | |
| download | PeerTube-eec63bbc0f4fdb39e56f37127b35c449f90a135f.tar.gz PeerTube-eec63bbc0f4fdb39e56f37127b35c449f90a135f.tar.zst PeerTube-eec63bbc0f4fdb39e56f37127b35c449f90a135f.zip | |
Improve check follow params tests
Diffstat (limited to 'server/middlewares')
| -rw-r--r-- | server/middlewares/oauth.ts | 6 | ||||
| -rw-r--r-- | server/middlewares/user-right.ts | 10 | ||||
| -rw-r--r-- | server/middlewares/validators/follows.ts | 6 |
3 files changed, 18 insertions, 4 deletions
diff --git a/server/middlewares/oauth.ts b/server/middlewares/oauth.ts index e59168ea8..12872c4a5 100644 --- a/server/middlewares/oauth.ts +++ b/server/middlewares/oauth.ts | |||
| @@ -17,7 +17,11 @@ function authenticate (req: express.Request, res: express.Response, next: expres | |||
| 17 | return res.sendStatus(500) | 17 | return res.sendStatus(500) |
| 18 | } | 18 | } |
| 19 | 19 | ||
| 20 | if (res.statusCode === 401 || res.statusCode === 400 || res.statusCode === 503) return res.end() | 20 | if (res.statusCode === 401 || res.statusCode === 400 || res.statusCode === 503) { |
| 21 | return res.json({ | ||
| 22 | error: 'Authentication failed.' | ||
| 23 | }).end() | ||
| 24 | } | ||
| 21 | 25 | ||
| 22 | return next() | 26 | return next() |
| 23 | }) | 27 | }) |
diff --git a/server/middlewares/user-right.ts b/server/middlewares/user-right.ts index 5bb5bdfbd..7cea7aa1e 100644 --- a/server/middlewares/user-right.ts +++ b/server/middlewares/user-right.ts | |||
| @@ -8,8 +8,14 @@ function ensureUserHasRight (userRight: UserRight) { | |||
| 8 | return function (req: express.Request, res: express.Response, next: express.NextFunction) { | 8 | return function (req: express.Request, res: express.Response, next: express.NextFunction) { |
| 9 | const user = res.locals.oauth.token.user as UserModel | 9 | const user = res.locals.oauth.token.user as UserModel |
| 10 | if (user.hasRight(userRight) === false) { | 10 | if (user.hasRight(userRight) === false) { |
| 11 | logger.info('User %s does not have right %s to access to %s.', user.username, UserRight[userRight], req.path) | 11 | const message = `User ${user.username} does not have right ${UserRight[userRight]} to access to ${req.path}.` |
| 12 | return res.sendStatus(403) | 12 | logger.info(message) |
| 13 | |||
| 14 | return res.status(403) | ||
| 15 | .json({ | ||
| 16 | error: message | ||
| 17 | }) | ||
| 18 | .end() | ||
| 13 | } | 19 | } |
| 14 | 20 | ||
| 15 | return next() | 21 | return next() |
diff --git a/server/middlewares/validators/follows.ts b/server/middlewares/validators/follows.ts index 7dadf6a19..991a2e175 100644 --- a/server/middlewares/validators/follows.ts +++ b/server/middlewares/validators/follows.ts | |||
| @@ -41,7 +41,11 @@ const removeFollowingValidator = [ | |||
| 41 | const follow = await ActorFollowModel.loadByActorAndTargetHost(serverActor.id, req.params.host) | 41 | const follow = await ActorFollowModel.loadByActorAndTargetHost(serverActor.id, req.params.host) |
| 42 | 42 | ||
| 43 | if (!follow) { | 43 | if (!follow) { |
| 44 | return res.status(404) | 44 | return res |
| 45 | .status(404) | ||
| 46 | .json({ | ||
| 47 | error: `Follower ${req.params.host} not found.` | ||
| 48 | }) | ||
| 45 | .end() | 49 | .end() |
| 46 | } | 50 | } |
| 47 | 51 | ||