removed 401 errors and replaced with 403
This commit is contained in:
@@ -27,6 +27,7 @@ import fixStartChunkLength from "./utils/fixStartChunkLength";
|
||||
import Folder, { FolderInterface } from "../../models/folder";
|
||||
import addToStoageSize from "./utils/addToStorageSize";
|
||||
import subtractFromStorageSize from "./utils/subtractFromStorageSize";
|
||||
import ForbiddenError from "../../utils/ForbiddenError";
|
||||
const StreamSkip = require("stream-skip");
|
||||
|
||||
const dbUtilsFile = new DbUtilFile();
|
||||
@@ -42,7 +43,7 @@ class FileSystemService implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const initVect = crypto.randomBytes(16);
|
||||
|
||||
@@ -113,7 +114,7 @@ class FileSystemService implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const initVect = crypto.randomBytes(16);
|
||||
|
||||
@@ -158,7 +159,7 @@ class FileSystemService implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const filePath = currentFile.metadata.filePath!;
|
||||
|
||||
@@ -187,7 +188,7 @@ class FileSystemService implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const filePath = currentFile.metadata.filePath!;
|
||||
|
||||
@@ -206,13 +207,13 @@ class FileSystemService implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const thumbnail = await Thumbnail.findById(id) as ThumbnailInterface;
|
||||
|
||||
if (thumbnail.owner !== user._id.toString()) {
|
||||
|
||||
throw new NotAuthorizedError('Thumbnail Unauthorized Error');
|
||||
throw new ForbiddenError('Thumbnail Unauthorized Error');
|
||||
}
|
||||
|
||||
const iv = thumbnail.IV!;
|
||||
@@ -242,7 +243,7 @@ class FileSystemService implements ChunkInterface {
|
||||
const password = user.getEncryptionKey();
|
||||
const IV = file.metadata.IV.buffer as Buffer;
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const readStream = fs.createReadStream(file.metadata.filePath!);
|
||||
|
||||
@@ -276,7 +277,7 @@ class FileSystemService implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const fileSize = currentFile.metadata.size;
|
||||
|
||||
@@ -381,7 +382,7 @@ class FileSystemService implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key");
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key");
|
||||
|
||||
const IV = file.metadata.IV.buffer as Buffer;
|
||||
|
||||
|
||||
@@ -22,6 +22,7 @@ import getPrevIVMongo from "./utils/getPrevIVMongo";
|
||||
import awaitStreamVideo from "./utils/awaitStreamVideo";
|
||||
import addToStoageSize from "./utils/addToStorageSize";
|
||||
import subtractFromStorageSize from "./utils/subtractFromStorageSize";
|
||||
import ForbiddenError from "../../utils/ForbiddenError";
|
||||
|
||||
const conn = mongoose.connection;
|
||||
|
||||
@@ -37,7 +38,7 @@ class MongoService implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
let bucketStream: GridFSBucketWriteStream;
|
||||
|
||||
@@ -96,7 +97,7 @@ class MongoService implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const initVect = crypto.randomBytes(16);
|
||||
|
||||
@@ -140,7 +141,7 @@ class MongoService implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const bucket = new mongoose.mongo.GridFSBucket(conn.db);
|
||||
|
||||
@@ -168,7 +169,7 @@ class MongoService implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const bucket = new mongoose.mongo.GridFSBucket(conn.db);
|
||||
|
||||
@@ -186,13 +187,13 @@ class MongoService implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const thumbnail = await Thumbnail.findById(id) as ThumbnailInterface;
|
||||
|
||||
if (thumbnail.owner !== user._id.toString()) {
|
||||
|
||||
throw new NotAuthorizedError('Thumbnail Unauthorized Error');
|
||||
throw new ForbiddenError('Thumbnail Unauthorized Error');
|
||||
}
|
||||
|
||||
const iv = thumbnail.data.slice(0, 16);
|
||||
@@ -220,7 +221,7 @@ class MongoService implements ChunkInterface {
|
||||
const password = user.getEncryptionKey();
|
||||
const IV = file.metadata.IV.buffer as Buffer;
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const readStream = bucket.openDownloadStream(new ObjectID(fileID))
|
||||
|
||||
@@ -249,7 +250,7 @@ class MongoService implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key");
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key");
|
||||
|
||||
const bucket = new mongoose.mongo.GridFSBucket(conn.db);
|
||||
|
||||
@@ -292,7 +293,7 @@ class MongoService implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const fileSize = currentFile.metadata.size;
|
||||
|
||||
|
||||
@@ -26,6 +26,7 @@ import DbUtilFile from "../../db/utils/fileUtils/index";
|
||||
import s3Auth from "../../db/S3Personal";
|
||||
import addToStoageSize from "./utils/addToStorageSize";
|
||||
import subtractFromStorageSize from "./utils/subtractFromStorageSize";
|
||||
import ForbiddenError from "../../utils/ForbiddenError";
|
||||
|
||||
const dbUtilsFile = new DbUtilFile();
|
||||
|
||||
@@ -39,7 +40,7 @@ class S3Service implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const initVect = crypto.randomBytes(16);
|
||||
|
||||
@@ -116,7 +117,7 @@ class S3Service implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const initVect = crypto.randomBytes(16);
|
||||
|
||||
@@ -191,7 +192,7 @@ class S3Service implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key");
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key");
|
||||
|
||||
const {s3Storage, bucket} = await this.getS3Auth(currentFile, user);
|
||||
|
||||
@@ -224,7 +225,7 @@ class S3Service implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key");
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key");
|
||||
|
||||
const {s3Storage, bucket} = await this.getS3Auth(currentFile, user);
|
||||
|
||||
@@ -258,7 +259,7 @@ class S3Service implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const fileSize = currentFile.metadata.size;
|
||||
|
||||
@@ -367,13 +368,13 @@ class S3Service implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const thumbnail = await Thumbnail.findById(id) as ThumbnailInterface;
|
||||
|
||||
if (thumbnail.owner !== user._id.toString()) {
|
||||
|
||||
throw new NotAuthorizedError('Thumbnail Unauthorized Error');
|
||||
throw new ForbiddenError('Thumbnail Unauthorized Error');
|
||||
}
|
||||
|
||||
const iv = thumbnail.IV!;
|
||||
@@ -406,7 +407,7 @@ class S3Service implements ChunkInterface {
|
||||
const password = user.getEncryptionKey();
|
||||
const IV = file.metadata.IV.buffer as Buffer;
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const {s3Storage, bucket} = await this.getS3Auth(file, user);
|
||||
|
||||
@@ -439,7 +440,7 @@ class S3Service implements ChunkInterface {
|
||||
|
||||
const password = user.getEncryptionKey();
|
||||
|
||||
if (!password) throw new NotAuthorizedError("Invalid Encryption Key");
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key");
|
||||
|
||||
const IV = file.metadata.IV.buffer as Buffer;
|
||||
|
||||
|
||||
@@ -11,6 +11,7 @@ import { google } from "googleapis";
|
||||
import jwt from "jsonwebtoken"
|
||||
import sendVerificationEmail from "../../utils/sendVerificationEmail";
|
||||
import sendPasswordResetEmail from "../../utils/sendPasswordResetEmail";
|
||||
import ForbiddenError from "../../utils/ForbiddenError";
|
||||
|
||||
type UserDataType = {
|
||||
email: string,
|
||||
@@ -132,7 +133,7 @@ class UserService {
|
||||
|
||||
const isMatch = await bcrypt.compare(oldPassword, user.password);
|
||||
|
||||
if (!isMatch) throw new NotAuthorizedError("Change Passwords Do Not Match Error");
|
||||
if (!isMatch) throw new ForbiddenError("Change Passwords Do Not Match Error");
|
||||
|
||||
const encryptionKey = user.getEncryptionKey();
|
||||
|
||||
@@ -276,7 +277,7 @@ class UserService {
|
||||
user.emailVerified = true;
|
||||
await user.save();
|
||||
} else {
|
||||
throw new NotAuthorizedError('Email Token Verification Failed')
|
||||
throw new ForbiddenError('Email Token Verification Failed')
|
||||
}
|
||||
}
|
||||
|
||||
@@ -294,7 +295,7 @@ class UserService {
|
||||
await sendVerificationEmail(user, emailToken);
|
||||
|
||||
} else {
|
||||
throw new NotAuthorizedError("Email Already Authorized")
|
||||
throw new ForbiddenError("Email Already Authorized")
|
||||
}
|
||||
}
|
||||
|
||||
@@ -333,7 +334,7 @@ class UserService {
|
||||
await user.changeEncryptionKey(encryptionKey!);
|
||||
|
||||
} else {
|
||||
throw new NotAuthorizedError("Reset Password Token Do Not Match")
|
||||
throw new ForbiddenError("Reset Password Token Do Not Match")
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user