4nk/lecoffre-back
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add error messages for middlewares

Browse Source
This commit is contained in:
OxSaitama 2023-07-11 14:21:16 +02:00
parent ecd9d80d58
commit ae4812c0dc
12 changed files with 42 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/app/middlewares/AuthHandler.ts
View File

@ -8,14 +8,14 @@ export default function authHandler(req: Request, response: Response, next: Next
const token = authHeader && authHeader.split(" ")[1]; const token = authHeader && authHeader.split(" ")[1];
if (!token) { if (!token) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Missing token in authorization header");
return; return;
} }
const authService = Container.get(AuthService); const authService = Container.get(AuthService);
authService.verifyAccessToken(token, (err, userPayload) => { authService.verifyAccessToken(token, (err, userPayload) => {
if (err) { if (err) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Error while verifying token");
return; return;
} }
req.body.user = userPayload; req.body.user = userPayload;

4
src/app/middlewares/CustomerHandler/DocumentHandler.ts
View File

@ -8,7 +8,7 @@ export default async function documentHandler(req: Request, response: Response,
const uid = req.path && req.path.split("/")[5]; const uid = req.path && req.path.split("/")[5];
if(!uid) { if(!uid) {
response.sendStatus(HttpCodes.BAD_REQUEST); response.status(HttpCodes.BAD_REQUEST).send("Missing document uid");
return; return;
} }
@ -16,7 +16,7 @@ export default async function documentHandler(req: Request, response: Response,
const document = await documentService.getByUid(uid); const document = await documentService.getByUid(uid);
if(document?.depositor_uid != customerId) { if(document?.depositor_uid != customerId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this depositor");
return; return;
} }

8
src/app/middlewares/CustomerHandler/FileHandler.ts
View File

@ -13,11 +13,11 @@ export default async function fileHandler(req: Request, response: Response, next
const fileService = Container.get(FilesService); const fileService = Container.get(FilesService);
const file = await fileService.getByUidWithDocument(uid); const file = await fileService.getByUidWithDocument(uid);
if (!file) { if (!file) {
response.sendStatus(HttpCodes.BAD_REQUEST); response.status(HttpCodes.NOT_FOUND).send("File not found");
return; return;
} }
if (file.document.depositor_uid != customerId) { if (file.document.depositor_uid != customerId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this depositor");
return; return;
} }
} }
@ -26,11 +26,11 @@ export default async function fileHandler(req: Request, response: Response, next
const documentService = Container.get(DocumentsService); const documentService = Container.get(DocumentsService);
const documentFound = await documentService.getByUid(document.uid!); const documentFound = await documentService.getByUid(document.uid!);
if(!documentFound) { if(!documentFound) {
response.sendStatus(HttpCodes.BAD_REQUEST); response.status(HttpCodes.NOT_FOUND).send("Document not found");
return; return;
} }
if (documentFound.depositor_uid != customerId) { if (documentFound.depositor_uid != customerId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this depositor");
return; return;
} }
} }

8
src/app/middlewares/OfficeMembershipHandlers/DeedHandler.ts
View File

@ -15,12 +15,12 @@ export default async function deedHandler(req: Request, response: Response, next
const deed = await deedService.getByUidWithOffice(uid); const deed = await deedService.getByUidWithOffice(uid);
if (!deed) { if (!deed) {
response.sendStatus(HttpCodes.NOT_FOUND); response.status(HttpCodes.NOT_FOUND).send("Deed not found");
return; return;
} }
if (deed.deed_type.office.uid != officeId) { if (deed.deed_type.office.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
} }
@ -30,11 +30,11 @@ export default async function deedHandler(req: Request, response: Response, next
documentTypes.forEach(async (documentType) => { documentTypes.forEach(async (documentType) => {
const deedTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!); const deedTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!);
if (!deedTypeWithOffice) { if (!deedTypeWithOffice) {
response.sendStatus(HttpCodes.NOT_FOUND); response.status(HttpCodes.NOT_FOUND).send("Deed type not found");
return; return;
} }
if (deedTypeWithOffice.office?.uid != officeId) { if (deedTypeWithOffice.office?.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
}); });

10
src/app/middlewares/OfficeMembershipHandlers/DeedTypeHandler.ts
View File

@ -12,7 +12,7 @@ export default async function deedTypeHandler(req: Request, response: Response,
const office = req.body.office; const office = req.body.office;
if (office && office.uid != officeId) { if (office && office.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
@ -21,12 +21,12 @@ export default async function deedTypeHandler(req: Request, response: Response,
const deedType = await deedTypeService.getByUidWithOffice(uid!); const deedType = await deedTypeService.getByUidWithOffice(uid!);
if (!deedType) { if (!deedType) {
response.sendStatus(HttpCodes.NOT_FOUND); response.status(HttpCodes.NOT_FOUND).send("Deed type not found");
return; return;
} }
if (deedType.office.uid != officeId) { if (deedType.office.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
} }
@ -36,11 +36,11 @@ export default async function deedTypeHandler(req: Request, response: Response,
documentTypes.forEach(async (documentType) => { documentTypes.forEach(async (documentType) => {
const documentTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!); const documentTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!);
if (!documentTypeWithOffice) { if (!documentTypeWithOffice) {
response.sendStatus(HttpCodes.NOT_FOUND); response.status(HttpCodes.NOT_FOUND).send("Document type not found");
return; return;
} }
if (documentTypeWithOffice.office?.uid != officeId) { if (documentTypeWithOffice.office?.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
}); });

8
src/app/middlewares/OfficeMembershipHandlers/DocumentHandler.ts
View File

@ -17,11 +17,11 @@ export default async function documentHandler(req: Request, response: Response,
const officeFolderService = Container.get(OfficeFoldersService); const officeFolderService = Container.get(OfficeFoldersService);
const officeFolderWithOffice = await officeFolderService.getByUidWithOffice(folder.uid!); const officeFolderWithOffice = await officeFolderService.getByUidWithOffice(folder.uid!);
if (!officeFolderWithOffice) { if (!officeFolderWithOffice) {
response.sendStatus(HttpCodes.NOT_FOUND); response.status(HttpCodes.NOT_FOUND).send("Folder not found");
return; return;
} }
if (officeFolderWithOffice.office?.uid != officeId) { if (officeFolderWithOffice.office?.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
} }
@ -30,11 +30,11 @@ export default async function documentHandler(req: Request, response: Response,
const documentTypeService = Container.get(DocumentTypesService); const documentTypeService = Container.get(DocumentTypesService);
const documentTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!); const documentTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!);
if (!documentTypeWithOffice) { if (!documentTypeWithOffice) {
response.sendStatus(HttpCodes.NOT_FOUND); response.status(HttpCodes.NOT_FOUND).send("Document type not found");
return; return;
} }
if (documentTypeWithOffice.office?.uid != officeId) { if (documentTypeWithOffice.office?.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
} }

6
src/app/middlewares/OfficeMembershipHandlers/DocumentTypeHandler.ts
View File

@ -9,7 +9,7 @@ export default async function documentTypeHandler(req: Request, response: Respon
const office = req.body.office; const office = req.body.office;
if (office && office.uid != officeId) { if (office && office.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
@ -18,12 +18,12 @@ export default async function documentTypeHandler(req: Request, response: Respon
const documentType = await documentTypeService.getByUidWithOffice(uid!); const documentType = await documentTypeService.getByUidWithOffice(uid!);
if (!documentType) { if (!documentType) {
response.sendStatus(HttpCodes.NOT_FOUND); response.status(HttpCodes.NOT_FOUND).send("Document type not found");
return; return;
} }
if (documentType.office.uid != officeId) { if (documentType.office.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
} }

8
src/app/middlewares/OfficeMembershipHandlers/FileHandler.ts
View File

@ -13,11 +13,11 @@ export default async function fileHandler(req: Request, response: Response, next
const documentService = Container.get(DocumentsService); const documentService = Container.get(DocumentsService);
const documentWithOffice = await documentService.getByUidWithOffice(document.uid!); const documentWithOffice = await documentService.getByUidWithOffice(document.uid!);
if (!documentWithOffice) { if (!documentWithOffice) {
response.sendStatus(HttpCodes.NOT_FOUND); response.status(HttpCodes.NOT_FOUND).send("Document not found");
return; return;
} }
if (documentWithOffice.folder.office?.uid != officeId) { if (documentWithOffice.folder.office?.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
} }
@ -29,11 +29,11 @@ export default async function fileHandler(req: Request, response: Response, next
const file = await fileService.getByUidWithOffice(uid!); const file = await fileService.getByUidWithOffice(uid!);
if (!file) { if (!file) {
response.sendStatus(HttpCodes.NOT_FOUND); response.status(HttpCodes.NOT_FOUND).send("File not found");
return; return;
} }
if (file.document.folder.office.uid != officeId) { if (file.document.folder.office.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
} }

11
src/app/middlewares/OfficeMembershipHandlers/FolderHandler.ts
View File

@ -12,7 +12,8 @@ export default async function folderHandler(req: Request, response: Response, ne
const deed = req.body.deed; const deed = req.body.deed;
if (office && office.uid != officeId) { if (office && office.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); console.log("wrong office");
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
@ -24,7 +25,7 @@ export default async function folderHandler(req: Request, response: Response, ne
return; return;
} }
if (deedWithOffice.deed_type.office.uid != officeId) { if (deedWithOffice.deed_type.office.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this deed type");
return; return;
} }
} }
@ -36,7 +37,7 @@ export default async function folderHandler(req: Request, response: Response, ne
where: { folder_number: officeFolderNumber, office: { uid: officeId } }, where: { folder_number: officeFolderNumber, office: { uid: officeId } },
}); });
if (officeFoldersWithSameNumber.length) { if (officeFoldersWithSameNumber.length) {
response.sendStatus(HttpCodes.BAD_REQUEST); response.status(HttpCodes.BAD_REQUEST).send("Office number already used");
return; return;
} }
} }
@ -45,12 +46,12 @@ export default async function folderHandler(req: Request, response: Response, ne
const officeFolder = await officeFolderService.getByUidWithOffice(uid!); const officeFolder = await officeFolderService.getByUidWithOffice(uid!);
if (!officeFolder) { if (!officeFolder) {
response.sendStatus(HttpCodes.NOT_FOUND); response.status(HttpCodes.NOT_FOUND).send("Office folder not found");
return; return;
} }
if (officeFolder.office.uid != officeId) { if (officeFolder.office.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
} }

6
src/app/middlewares/OfficeMembershipHandlers/OfficeRoleHandler.ts
View File

@ -9,7 +9,7 @@ export default async function officeRoleHandler(req: Request, response: Response
const office = req.body.office; const office = req.body.office;
if (office && office.uid != officeId) { if (office && office.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
@ -18,12 +18,12 @@ export default async function officeRoleHandler(req: Request, response: Response
const officeRole = await officeRoleService.getByUidWithOffice(uid!); const officeRole = await officeRoleService.getByUidWithOffice(uid!);
if (!officeRole) { if (!officeRole) {
response.sendStatus(HttpCodes.NOT_FOUND); response.status(HttpCodes.NOT_FOUND).send("Office role not found");
return; return;
} }
if (officeRole.office.uid != officeId) { if (officeRole.office.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
} }

6
src/app/middlewares/OfficeMembershipHandlers/UserHandler.ts
View File

@ -9,7 +9,7 @@ export default async function userHandler(req: Request, response: Response, next
const office = req.body.office_membership; const office = req.body.office_membership;
if (office && office.uid != officeId) { if (office && office.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
@ -18,12 +18,12 @@ export default async function userHandler(req: Request, response: Response, next
const user = await userService.getByUidWithOffice(uid!); const user = await userService.getByUidWithOffice(uid!);
if (!user) { if (!user) {
response.sendStatus(HttpCodes.NOT_FOUND); response.status(HttpCodes.NOT_FOUND).send("User not found");
return; return;
} }
if (user.office_membership.uid != officeId) { if (user.office_membership.uid != officeId) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
return; return;
} }
} }

4
src/app/middlewares/RulesHandler.ts
View File

@ -8,12 +8,12 @@ export default async function ruleHandler(req: Request, response: Response, next
const role = req.body.user.role; const role = req.body.user.role;
if (namespace != "notary" && role != namespace) { if (namespace != "notary" && role != namespace) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this role");
return; return;
} }
if (!rules.includes(req.method + " " + service)) { if (!rules.includes(req.method + " " + service)) {
response.sendStatus(HttpCodes.UNAUTHORIZED); response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with those rules");
return; return;
} }