removed 401 errors and replaced with 403

This commit is contained in:
kyle hoell
2020-12-03 03:42:12 -05:00
parent 170c93c486
commit 4270852346
4 changed files with 35 additions and 31 deletions
@@ -27,6 +27,7 @@ import fixStartChunkLength from "./utils/fixStartChunkLength";
import Folder, { FolderInterface } from "../../models/folder";
import addToStoageSize from "./utils/addToStorageSize";
import subtractFromStorageSize from "./utils/subtractFromStorageSize";
import ForbiddenError from "../../utils/ForbiddenError";
const StreamSkip = require("stream-skip");
const dbUtilsFile = new DbUtilFile();
@@ -42,7 +43,7 @@ class FileSystemService implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const initVect = crypto.randomBytes(16);
@@ -113,7 +114,7 @@ class FileSystemService implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const initVect = crypto.randomBytes(16);
@@ -158,7 +159,7 @@ class FileSystemService implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const filePath = currentFile.metadata.filePath!;
@@ -187,7 +188,7 @@ class FileSystemService implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const filePath = currentFile.metadata.filePath!;
@@ -206,13 +207,13 @@ class FileSystemService implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const thumbnail = await Thumbnail.findById(id) as ThumbnailInterface;
if (thumbnail.owner !== user._id.toString()) {
throw new NotAuthorizedError('Thumbnail Unauthorized Error');
throw new ForbiddenError('Thumbnail Unauthorized Error');
}
const iv = thumbnail.IV!;
@@ -242,7 +243,7 @@ class FileSystemService implements ChunkInterface {
const password = user.getEncryptionKey();
const IV = file.metadata.IV.buffer as Buffer;
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const readStream = fs.createReadStream(file.metadata.filePath!);
@@ -276,7 +277,7 @@ class FileSystemService implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const fileSize = currentFile.metadata.size;
@@ -381,7 +382,7 @@ class FileSystemService implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key");
if (!password) throw new ForbiddenError("Invalid Encryption Key");
const IV = file.metadata.IV.buffer as Buffer;
+10 -9
View File
@@ -22,6 +22,7 @@ import getPrevIVMongo from "./utils/getPrevIVMongo";
import awaitStreamVideo from "./utils/awaitStreamVideo";
import addToStoageSize from "./utils/addToStorageSize";
import subtractFromStorageSize from "./utils/subtractFromStorageSize";
import ForbiddenError from "../../utils/ForbiddenError";
const conn = mongoose.connection;
@@ -37,7 +38,7 @@ class MongoService implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
let bucketStream: GridFSBucketWriteStream;
@@ -96,7 +97,7 @@ class MongoService implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const initVect = crypto.randomBytes(16);
@@ -140,7 +141,7 @@ class MongoService implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const bucket = new mongoose.mongo.GridFSBucket(conn.db);
@@ -168,7 +169,7 @@ class MongoService implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const bucket = new mongoose.mongo.GridFSBucket(conn.db);
@@ -186,13 +187,13 @@ class MongoService implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const thumbnail = await Thumbnail.findById(id) as ThumbnailInterface;
if (thumbnail.owner !== user._id.toString()) {
throw new NotAuthorizedError('Thumbnail Unauthorized Error');
throw new ForbiddenError('Thumbnail Unauthorized Error');
}
const iv = thumbnail.data.slice(0, 16);
@@ -220,7 +221,7 @@ class MongoService implements ChunkInterface {
const password = user.getEncryptionKey();
const IV = file.metadata.IV.buffer as Buffer;
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const readStream = bucket.openDownloadStream(new ObjectID(fileID))
@@ -249,7 +250,7 @@ class MongoService implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key");
if (!password) throw new ForbiddenError("Invalid Encryption Key");
const bucket = new mongoose.mongo.GridFSBucket(conn.db);
@@ -292,7 +293,7 @@ class MongoService implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const fileSize = currentFile.metadata.size;
+10 -9
View File
@@ -26,6 +26,7 @@ import DbUtilFile from "../../db/utils/fileUtils/index";
import s3Auth from "../../db/S3Personal";
import addToStoageSize from "./utils/addToStorageSize";
import subtractFromStorageSize from "./utils/subtractFromStorageSize";
import ForbiddenError from "../../utils/ForbiddenError";
const dbUtilsFile = new DbUtilFile();
@@ -39,7 +40,7 @@ class S3Service implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const initVect = crypto.randomBytes(16);
@@ -116,7 +117,7 @@ class S3Service implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const initVect = crypto.randomBytes(16);
@@ -191,7 +192,7 @@ class S3Service implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key");
if (!password) throw new ForbiddenError("Invalid Encryption Key");
const {s3Storage, bucket} = await this.getS3Auth(currentFile, user);
@@ -224,7 +225,7 @@ class S3Service implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key");
if (!password) throw new ForbiddenError("Invalid Encryption Key");
const {s3Storage, bucket} = await this.getS3Auth(currentFile, user);
@@ -258,7 +259,7 @@ class S3Service implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const fileSize = currentFile.metadata.size;
@@ -367,13 +368,13 @@ class S3Service implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const thumbnail = await Thumbnail.findById(id) as ThumbnailInterface;
if (thumbnail.owner !== user._id.toString()) {
throw new NotAuthorizedError('Thumbnail Unauthorized Error');
throw new ForbiddenError('Thumbnail Unauthorized Error');
}
const iv = thumbnail.IV!;
@@ -406,7 +407,7 @@ class S3Service implements ChunkInterface {
const password = user.getEncryptionKey();
const IV = file.metadata.IV.buffer as Buffer;
if (!password) throw new NotAuthorizedError("Invalid Encryption Key")
if (!password) throw new ForbiddenError("Invalid Encryption Key")
const {s3Storage, bucket} = await this.getS3Auth(file, user);
@@ -439,7 +440,7 @@ class S3Service implements ChunkInterface {
const password = user.getEncryptionKey();
if (!password) throw new NotAuthorizedError("Invalid Encryption Key");
if (!password) throw new ForbiddenError("Invalid Encryption Key");
const IV = file.metadata.IV.buffer as Buffer;
+5 -4
View File
@@ -11,6 +11,7 @@ import { google } from "googleapis";
import jwt from "jsonwebtoken"
import sendVerificationEmail from "../../utils/sendVerificationEmail";
import sendPasswordResetEmail from "../../utils/sendPasswordResetEmail";
import ForbiddenError from "../../utils/ForbiddenError";
type UserDataType = {
email: string,
@@ -132,7 +133,7 @@ class UserService {
const isMatch = await bcrypt.compare(oldPassword, user.password);
if (!isMatch) throw new NotAuthorizedError("Change Passwords Do Not Match Error");
if (!isMatch) throw new ForbiddenError("Change Passwords Do Not Match Error");
const encryptionKey = user.getEncryptionKey();
@@ -276,7 +277,7 @@ class UserService {
user.emailVerified = true;
await user.save();
} else {
throw new NotAuthorizedError('Email Token Verification Failed')
throw new ForbiddenError('Email Token Verification Failed')
}
}
@@ -294,7 +295,7 @@ class UserService {
await sendVerificationEmail(user, emailToken);
} else {
throw new NotAuthorizedError("Email Already Authorized")
throw new ForbiddenError("Email Already Authorized")
}
}
@@ -333,7 +334,7 @@ class UserService {
await user.changeEncryptionKey(encryptionKey!);
} else {
throw new NotAuthorizedError("Reset Password Token Do Not Match")
throw new ForbiddenError("Reset Password Token Do Not Match")
}
}