More granular error responses
This commit is contained in:
Tom Moor
@@ -17,9 +17,10 @@ Object {
|
||||
|
||||
exports[`#team.addAdmin should require admin 1`] = `
|
||||
Object {
|
||||
"error": "authorization_error",
|
||||
"message": "Authorization Required",
|
||||
"error": "admin_required",
|
||||
"message": "An admin role is required to access this resource",
|
||||
"ok": false,
|
||||
"status": 403,
|
||||
}
|
||||
`;
|
||||
|
||||
@@ -40,15 +41,16 @@ Object {
|
||||
|
||||
exports[`#team.removeAdmin should require admin 1`] = `
|
||||
Object {
|
||||
"error": "authorization_error",
|
||||
"message": "Authorization Required",
|
||||
"error": "admin_required",
|
||||
"message": "An admin role is required to access this resource",
|
||||
"ok": false,
|
||||
"status": 403,
|
||||
}
|
||||
`;
|
||||
|
||||
exports[`#team.removeAdmin shouldn't demote admins if only one available 1`] = `
|
||||
Object {
|
||||
"error": "at_least_one_admin_is_required",
|
||||
"error": "validation_error",
|
||||
"message": "At least one admin is required",
|
||||
"ok": false,
|
||||
"status": 400,
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
// @flow
|
||||
import Router from 'koa-router';
|
||||
import httpErrors from 'http-errors';
|
||||
|
||||
import auth from './middlewares/authentication';
|
||||
import pagination from './middlewares/pagination';
|
||||
@@ -55,11 +54,7 @@ router.post('apiKeys.delete', auth(), async ctx => {
|
||||
const key = await ApiKey.findById(id);
|
||||
authorize(user, 'delete', key);
|
||||
|
||||
try {
|
||||
await key.destroy();
|
||||
} catch (e) {
|
||||
throw httpErrors.BadRequest('Error while deleting key');
|
||||
}
|
||||
await key.destroy();
|
||||
|
||||
ctx.body = {
|
||||
success: true,
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
// @flow
|
||||
import Router from 'koa-router';
|
||||
import httpErrors from 'http-errors';
|
||||
|
||||
import auth from './middlewares/authentication';
|
||||
import pagination from './middlewares/pagination';
|
||||
import { presentCollection } from '../presenters';
|
||||
import { Collection } from '../models';
|
||||
import { ValidationError } from '../errors';
|
||||
import policy from '../policies';
|
||||
|
||||
const { authorize } = policy;
|
||||
@@ -95,13 +95,9 @@ router.post('collections.delete', auth(), async ctx => {
|
||||
authorize(ctx.state.user, 'delete', collection);
|
||||
|
||||
const total = await Collection.count();
|
||||
if (total === 1) throw httpErrors.BadRequest('Cannot delete last collection');
|
||||
if (total === 1) throw new ValidationError('Cannot delete last collection');
|
||||
|
||||
try {
|
||||
await collection.destroy();
|
||||
} catch (e) {
|
||||
throw httpErrors.BadRequest('Error while deleting collection');
|
||||
}
|
||||
await collection.destroy();
|
||||
|
||||
ctx.body = {
|
||||
success: true,
|
||||
|
||||
@@ -57,7 +57,7 @@ describe('#collections.info', async () => {
|
||||
const res = await server.post('/api/collections.info', {
|
||||
body: { token: user.getJwtToken(), id: collection.id },
|
||||
});
|
||||
expect(res.status).toEqual(404);
|
||||
expect(res.status).toEqual(403);
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
@@ -39,13 +39,7 @@ api.use(async (ctx, next) => {
|
||||
}
|
||||
|
||||
if (message.match('Authorization error')) {
|
||||
if (ctx.path.match('info')) {
|
||||
ctx.status = 404;
|
||||
message = 'Not Found';
|
||||
} else {
|
||||
ctx.status = 403;
|
||||
message = 'Authorization Required';
|
||||
}
|
||||
ctx.status = 403;
|
||||
}
|
||||
|
||||
if (ctx.status === 500) {
|
||||
|
||||
@@ -1,43 +1,43 @@
|
||||
// @flow
|
||||
import apiError from '../../errors';
|
||||
import validator from 'validator';
|
||||
import { ParamRequiredError, ValidationError } from '../../errors';
|
||||
import { validateColorHex } from '../../../shared/utils/color';
|
||||
|
||||
export default function validation() {
|
||||
return function validationMiddleware(ctx: Object, next: Function) {
|
||||
ctx.assertPresent = function assertPresent(value, message) {
|
||||
ctx.assertPresent = (value, message) => {
|
||||
if (value === undefined || value === null || value === '') {
|
||||
throw apiError(400, 'validation_error', message);
|
||||
throw new ParamRequiredError(message);
|
||||
}
|
||||
};
|
||||
|
||||
ctx.assertNotEmpty = function assertNotEmpty(value, message) {
|
||||
ctx.assertNotEmpty = (value, message) => {
|
||||
if (value === '') {
|
||||
throw apiError(400, 'validation_error', message);
|
||||
throw new ValidationError(message);
|
||||
}
|
||||
};
|
||||
|
||||
ctx.assertEmail = (value, message) => {
|
||||
if (!validator.isEmail(value)) {
|
||||
throw apiError(400, 'validation_error', message);
|
||||
throw new ValidationError(message);
|
||||
}
|
||||
};
|
||||
|
||||
ctx.assertUuid = (value, message) => {
|
||||
if (!validator.isUUID(value)) {
|
||||
throw apiError(400, 'validation_error', message);
|
||||
throw new ValidationError(message);
|
||||
}
|
||||
};
|
||||
|
||||
ctx.assertPositiveInteger = (value, message) => {
|
||||
if (!validator.isInt(value, { min: 0 })) {
|
||||
throw apiError(400, 'validation_error', message);
|
||||
throw new ValidationError(message);
|
||||
}
|
||||
};
|
||||
|
||||
ctx.assertHexColor = (value, message) => {
|
||||
if (!validateColorHex(value)) {
|
||||
throw apiError(400, 'validation_error', message);
|
||||
throw new ValidationError(message);
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
// @flow
|
||||
import Router from 'koa-router';
|
||||
import httpErrors from 'http-errors';
|
||||
|
||||
import { ValidationError } from '../errors';
|
||||
import { Team, User } from '../models';
|
||||
|
||||
import auth from './middlewares/authentication';
|
||||
@@ -61,7 +60,7 @@ router.post('team.removeAdmin', auth(), async ctx => {
|
||||
try {
|
||||
await team.removeAdmin(user);
|
||||
} catch (err) {
|
||||
throw httpErrors.BadRequest(err.message);
|
||||
throw new ValidationError(err.message);
|
||||
}
|
||||
|
||||
ctx.body = {
|
||||
|
||||
Reference in New Issue
Block a user