add error messages for middlewares
This commit is contained in:
OxSaitama
parent
ecd9d80d58
commit
ae4812c0dc
@ -8,14 +8,14 @@ export default function authHandler(req: Request, response: Response, next: Next
|
||||
const token = authHeader && authHeader.split(" ")[1];
|
||||
|
||||
if (!token) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Missing token in authorization header");
|
||||
return;
|
||||
}
|
||||
|
||||
const authService = Container.get(AuthService);
|
||||
authService.verifyAccessToken(token, (err, userPayload) => {
|
||||
if (err) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Error while verifying token");
|
||||
return;
|
||||
}
|
||||
req.body.user = userPayload;
|
||||
|
||||
@ -8,7 +8,7 @@ export default async function documentHandler(req: Request, response: Response,
|
||||
const uid = req.path && req.path.split("/")[5];
|
||||
|
||||
if(!uid) {
|
||||
response.sendStatus(HttpCodes.BAD_REQUEST);
|
||||
response.status(HttpCodes.BAD_REQUEST).send("Missing document uid");
|
||||
return;
|
||||
}
|
||||
|
||||
@ -16,7 +16,7 @@ export default async function documentHandler(req: Request, response: Response,
|
||||
const document = await documentService.getByUid(uid);
|
||||
|
||||
if(document?.depositor_uid != customerId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this depositor");
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
@ -13,11 +13,11 @@ export default async function fileHandler(req: Request, response: Response, next
|
||||
const fileService = Container.get(FilesService);
|
||||
const file = await fileService.getByUidWithDocument(uid);
|
||||
if (!file) {
|
||||
response.sendStatus(HttpCodes.BAD_REQUEST);
|
||||
response.status(HttpCodes.NOT_FOUND).send("File not found");
|
||||
return;
|
||||
}
|
||||
if (file.document.depositor_uid != customerId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this depositor");
|
||||
return;
|
||||
}
|
||||
}
|
||||
@ -26,11 +26,11 @@ export default async function fileHandler(req: Request, response: Response, next
|
||||
const documentService = Container.get(DocumentsService);
|
||||
const documentFound = await documentService.getByUid(document.uid!);
|
||||
if(!documentFound) {
|
||||
response.sendStatus(HttpCodes.BAD_REQUEST);
|
||||
response.status(HttpCodes.NOT_FOUND).send("Document not found");
|
||||
return;
|
||||
}
|
||||
if (documentFound.depositor_uid != customerId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this depositor");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
@ -15,12 +15,12 @@ export default async function deedHandler(req: Request, response: Response, next
|
||||
const deed = await deedService.getByUidWithOffice(uid);
|
||||
|
||||
if (!deed) {
|
||||
response.sendStatus(HttpCodes.NOT_FOUND);
|
||||
response.status(HttpCodes.NOT_FOUND).send("Deed not found");
|
||||
return;
|
||||
}
|
||||
|
||||
if (deed.deed_type.office.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
}
|
||||
@ -30,11 +30,11 @@ export default async function deedHandler(req: Request, response: Response, next
|
||||
documentTypes.forEach(async (documentType) => {
|
||||
const deedTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!);
|
||||
if (!deedTypeWithOffice) {
|
||||
response.sendStatus(HttpCodes.NOT_FOUND);
|
||||
response.status(HttpCodes.NOT_FOUND).send("Deed type not found");
|
||||
return;
|
||||
}
|
||||
if (deedTypeWithOffice.office?.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
});
|
||||
|
||||
@ -12,7 +12,7 @@ export default async function deedTypeHandler(req: Request, response: Response,
|
||||
const office = req.body.office;
|
||||
|
||||
if (office && office.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
|
||||
@ -21,12 +21,12 @@ export default async function deedTypeHandler(req: Request, response: Response,
|
||||
const deedType = await deedTypeService.getByUidWithOffice(uid!);
|
||||
|
||||
if (!deedType) {
|
||||
response.sendStatus(HttpCodes.NOT_FOUND);
|
||||
response.status(HttpCodes.NOT_FOUND).send("Deed type not found");
|
||||
return;
|
||||
}
|
||||
|
||||
if (deedType.office.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
}
|
||||
@ -36,11 +36,11 @@ export default async function deedTypeHandler(req: Request, response: Response,
|
||||
documentTypes.forEach(async (documentType) => {
|
||||
const documentTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!);
|
||||
if (!documentTypeWithOffice) {
|
||||
response.sendStatus(HttpCodes.NOT_FOUND);
|
||||
response.status(HttpCodes.NOT_FOUND).send("Document type not found");
|
||||
return;
|
||||
}
|
||||
if (documentTypeWithOffice.office?.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
});
|
||||
|
||||
@ -17,11 +17,11 @@ export default async function documentHandler(req: Request, response: Response,
|
||||
const officeFolderService = Container.get(OfficeFoldersService);
|
||||
const officeFolderWithOffice = await officeFolderService.getByUidWithOffice(folder.uid!);
|
||||
if (!officeFolderWithOffice) {
|
||||
response.sendStatus(HttpCodes.NOT_FOUND);
|
||||
response.status(HttpCodes.NOT_FOUND).send("Folder not found");
|
||||
return;
|
||||
}
|
||||
if (officeFolderWithOffice.office?.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
}
|
||||
@ -30,11 +30,11 @@ export default async function documentHandler(req: Request, response: Response,
|
||||
const documentTypeService = Container.get(DocumentTypesService);
|
||||
const documentTypeWithOffice = await documentTypeService.getByUidWithOffice(documentType.uid!);
|
||||
if (!documentTypeWithOffice) {
|
||||
response.sendStatus(HttpCodes.NOT_FOUND);
|
||||
response.status(HttpCodes.NOT_FOUND).send("Document type not found");
|
||||
return;
|
||||
}
|
||||
if (documentTypeWithOffice.office?.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
@ -9,7 +9,7 @@ export default async function documentTypeHandler(req: Request, response: Respon
|
||||
const office = req.body.office;
|
||||
|
||||
if (office && office.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
|
||||
@ -18,12 +18,12 @@ export default async function documentTypeHandler(req: Request, response: Respon
|
||||
const documentType = await documentTypeService.getByUidWithOffice(uid!);
|
||||
|
||||
if (!documentType) {
|
||||
response.sendStatus(HttpCodes.NOT_FOUND);
|
||||
response.status(HttpCodes.NOT_FOUND).send("Document type not found");
|
||||
return;
|
||||
}
|
||||
|
||||
if (documentType.office.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
@ -13,11 +13,11 @@ export default async function fileHandler(req: Request, response: Response, next
|
||||
const documentService = Container.get(DocumentsService);
|
||||
const documentWithOffice = await documentService.getByUidWithOffice(document.uid!);
|
||||
if (!documentWithOffice) {
|
||||
response.sendStatus(HttpCodes.NOT_FOUND);
|
||||
response.status(HttpCodes.NOT_FOUND).send("Document not found");
|
||||
return;
|
||||
}
|
||||
if (documentWithOffice.folder.office?.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
}
|
||||
@ -29,11 +29,11 @@ export default async function fileHandler(req: Request, response: Response, next
|
||||
const file = await fileService.getByUidWithOffice(uid!);
|
||||
|
||||
if (!file) {
|
||||
response.sendStatus(HttpCodes.NOT_FOUND);
|
||||
response.status(HttpCodes.NOT_FOUND).send("File not found");
|
||||
return;
|
||||
}
|
||||
if (file.document.folder.office.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
@ -12,7 +12,8 @@ export default async function folderHandler(req: Request, response: Response, ne
|
||||
const deed = req.body.deed;
|
||||
|
||||
if (office && office.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
console.log("wrong office");
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
|
||||
@ -24,7 +25,7 @@ export default async function folderHandler(req: Request, response: Response, ne
|
||||
return;
|
||||
}
|
||||
if (deedWithOffice.deed_type.office.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this deed type");
|
||||
return;
|
||||
}
|
||||
}
|
||||
@ -36,7 +37,7 @@ export default async function folderHandler(req: Request, response: Response, ne
|
||||
where: { folder_number: officeFolderNumber, office: { uid: officeId } },
|
||||
});
|
||||
if (officeFoldersWithSameNumber.length) {
|
||||
response.sendStatus(HttpCodes.BAD_REQUEST);
|
||||
response.status(HttpCodes.BAD_REQUEST).send("Office number already used");
|
||||
return;
|
||||
}
|
||||
}
|
||||
@ -45,12 +46,12 @@ export default async function folderHandler(req: Request, response: Response, ne
|
||||
const officeFolder = await officeFolderService.getByUidWithOffice(uid!);
|
||||
|
||||
if (!officeFolder) {
|
||||
response.sendStatus(HttpCodes.NOT_FOUND);
|
||||
response.status(HttpCodes.NOT_FOUND).send("Office folder not found");
|
||||
return;
|
||||
}
|
||||
|
||||
if (officeFolder.office.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
@ -9,7 +9,7 @@ export default async function officeRoleHandler(req: Request, response: Response
|
||||
const office = req.body.office;
|
||||
|
||||
if (office && office.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
|
||||
@ -18,12 +18,12 @@ export default async function officeRoleHandler(req: Request, response: Response
|
||||
const officeRole = await officeRoleService.getByUidWithOffice(uid!);
|
||||
|
||||
if (!officeRole) {
|
||||
response.sendStatus(HttpCodes.NOT_FOUND);
|
||||
response.status(HttpCodes.NOT_FOUND).send("Office role not found");
|
||||
return;
|
||||
}
|
||||
|
||||
if (officeRole.office.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
@ -9,7 +9,7 @@ export default async function userHandler(req: Request, response: Response, next
|
||||
const office = req.body.office_membership;
|
||||
|
||||
if (office && office.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
|
||||
@ -18,12 +18,12 @@ export default async function userHandler(req: Request, response: Response, next
|
||||
const user = await userService.getByUidWithOffice(uid!);
|
||||
|
||||
if (!user) {
|
||||
response.sendStatus(HttpCodes.NOT_FOUND);
|
||||
response.status(HttpCodes.NOT_FOUND).send("User not found");
|
||||
return;
|
||||
}
|
||||
|
||||
if (user.office_membership.uid != officeId) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this office");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
@ -8,12 +8,12 @@ export default async function ruleHandler(req: Request, response: Response, next
|
||||
const role = req.body.user.role;
|
||||
|
||||
if (namespace != "notary" && role != namespace) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with this role");
|
||||
return;
|
||||
}
|
||||
|
||||
if (!rules.includes(req.method + " " + service)) {
|
||||
response.sendStatus(HttpCodes.UNAUTHORIZED);
|
||||
response.status(HttpCodes.UNAUTHORIZED).send("Not authorized with those rules");
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user