lda/telodendria
lda
/
telodendria
forked from Telodendria/Telodendria
1
1
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Set an error message with MatrixErrorCreate whenever applicable (#45) 

Closes #6.

Co-authored-by: Jordan Bancino <jordan@bancino.net>
Reviewed-on: Telodendria/Telodendria#45
Co-authored-by: lda <lda@freetards.xyz>
Co-committed-by: lda <lda@freetards.xyz>
This commit is contained in:
lda 2023-12-02 10:24:08 -05:00 committed by Jordan Bancino
parent 0a91a0c40b
commit 2c6d5194d2
19 changed files with 161 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/Routes/RouteChangePwd.c
View File

@ -65,6 +65,8 @@ ROUTE_IMPL(RouteChangePwd, path, argp)
char *token; char *token;
char *newPassword; char *newPassword;
char *msg;
Config *config = ConfigLock(db); Config *config = ConfigLock(db);
if (!config) if (!config)
@ -78,8 +80,9 @@ ROUTE_IMPL(RouteChangePwd, path, argp)
if (HttpRequestMethodGet(args->context) != HTTP_POST) if (HttpRequestMethodGet(args->context) != HTTP_POST)
{ {
msg = "Route only supports POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish; goto finish;
} }
@ -118,9 +121,10 @@ ROUTE_IMPL(RouteChangePwd, path, argp)
newPassword = JsonValueAsString(HashMapGet(request, "new_password")); newPassword = JsonValueAsString(HashMapGet(request, "new_password"));
if (!newPassword) if (!newPassword)
{ {
msg = "'new_password' is unset or not a string.";
JsonFree(request); JsonFree(request);
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_BAD_JSON, NULL); response = MatrixErrorCreate(M_BAD_JSON, msg);
goto finish; goto finish;
} }

22
src/Routes/RouteConfig.c
View File

@ -33,6 +33,7 @@ ROUTE_IMPL(RouteConfig, path, argp)
RouteArgs *args = argp; RouteArgs *args = argp;
HashMap *response; HashMap *response;
char *token; char *token;
char *msg;
User *user = NULL; User *user = NULL;
Config *config = NULL; Config *config = NULL;
@ -59,17 +60,19 @@ ROUTE_IMPL(RouteConfig, path, argp)
if (!(UserGetPrivileges(user) & USER_CONFIG)) if (!(UserGetPrivileges(user) & USER_CONFIG))
{ {
msg = "User does not have the 'CONFIG' privilege.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
goto finish; goto finish;
} }
config = ConfigLock(args->matrixArgs->db); config = ConfigLock(args->matrixArgs->db);
if (!config) if (!config)
{ {
msg = "Internal server error while locking configuration.";
Log(LOG_ERR, "Config endpoint failed to lock configuration."); Log(LOG_ERR, "Config endpoint failed to lock configuration.");
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
goto finish; goto finish;
} }
@ -90,8 +93,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
newConf = ConfigParse(request); newConf = ConfigParse(request);
if (!newConf) if (!newConf)
{ {
msg = "Internal server error while parsing config.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
break; break;
} }
@ -108,8 +112,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
} }
else else
{ {
msg = "Internal server error while writing the config.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
} }
} }
else else
@ -137,8 +142,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
if (!newConf) if (!newConf)
{ {
msg = "Internal server error while parsing config.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
break; break;
} }
@ -155,8 +161,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
} }
else else
{ {
msg = "Internal server error while writing the config.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
} }
} }
else else
@ -170,8 +177,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
JsonFree(newJson); JsonFree(newJson);
break; break;
default: default:
msg = "Unknown request method.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, "Unknown request method."); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
break; break;
} }

3
src/Routes/RouteCreateRoom.c
View File

@ -41,8 +41,9 @@ ROUTE_IMPL(RouteCreateRoom, path, argp)
if (HttpRequestMethodGet(args->context) != HTTP_POST) if (HttpRequestMethodGet(args->context) != HTTP_POST)
{ {
err = "Unknown request method.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, "Unknown request method."); response = MatrixErrorCreate(M_UNRECOGNIZED, err);
goto finish; goto finish;
} }

8
src/Routes/RouteDeactivate.c
View File

@ -47,6 +47,8 @@ ROUTE_IMPL(RouteDeactivate, path, argp)
User *user = NULL; User *user = NULL;
Config *config = ConfigLock(db); Config *config = ConfigLock(db);
char *msg;
(void) path; (void) path;
if (!config) if (!config)
@ -59,8 +61,9 @@ ROUTE_IMPL(RouteDeactivate, path, argp)
if (HttpRequestMethodGet(args->context) != HTTP_POST) if (HttpRequestMethodGet(args->context) != HTTP_POST)
{ {
msg = "Route only accepts POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish; goto finish;
} }
@ -128,8 +131,9 @@ ROUTE_IMPL(RouteDeactivate, path, argp)
if (!UserDeleteTokens(user, NULL) || !UserDeactivate(user, NULL, NULL)) if (!UserDeleteTokens(user, NULL) || !UserDeactivate(user, NULL, NULL))
{ {
msg = "Internal server error: couldn't remove user properly.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
goto finish; goto finish;
} }

20
src/Routes/RouteFilter.c
View File

@ -69,6 +69,8 @@ ROUTE_IMPL(RouteFilter, path, argp)
char *userParam = ArrayGet(path, 0); char *userParam = ArrayGet(path, 0);
char *msg;
if (!userParam) if (!userParam)
{ {
/* Should be impossible */ /* Should be impossible */
@ -87,15 +89,17 @@ ROUTE_IMPL(RouteFilter, path, argp)
id = UserIdParse(userParam, serverName); id = UserIdParse(userParam, serverName);
if (!id) if (!id)
{ {
msg = "Invalid user ID.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_INVALID_PARAM, NULL); response = MatrixErrorCreate(M_INVALID_PARAM, msg);
goto finish; goto finish;
} }
if (!StrEquals(id->server, serverName)) if (!StrEquals(id->server, serverName))
{ {
msg = "Cannot use /filter for non-local users.";
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED); HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
response = MatrixErrorCreate(M_UNAUTHORIZED, NULL); response = MatrixErrorCreate(M_UNAUTHORIZED, msg);
goto finish; goto finish;
} }
@ -115,8 +119,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
if (!StrEquals(id->localpart, UserGetName(user))) if (!StrEquals(id->localpart, UserGetName(user)))
{ {
msg = "Unauthorized to use /filter.";
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED); HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
response = MatrixErrorCreate(M_INVALID_PARAM, NULL); response = MatrixErrorCreate(M_INVALID_PARAM, msg);
goto finish; goto finish;
} }
@ -126,8 +131,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
if (!ref) if (!ref)
{ {
msg = "The filter for this user was not found.";
HttpResponseStatus(args->context, HTTP_NOT_FOUND); HttpResponseStatus(args->context, HTTP_NOT_FOUND);
response = MatrixErrorCreate(M_NOT_FOUND, NULL); response = MatrixErrorCreate(M_NOT_FOUND, msg);
goto finish; goto finish;
} }
@ -161,8 +167,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
filterId = StrRandom(12); filterId = StrRandom(12);
if (!filterId) if (!filterId)
{ {
msg = "Couldn't generate random filter ID; this is unintended.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
goto finish; goto finish;
} }
@ -170,8 +177,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
if (!ref) if (!ref)
{ {
Free(filterId); Free(filterId);
msg = "Couldn't write filter to the database, this is unintended.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
goto finish; goto finish;
} }

25
src/Routes/RouteLogin.c
View File

@ -107,8 +107,9 @@ ROUTE_IMPL(RouteLogin, path, argp)
if (loginRequest.type != REQUEST_TYPE_PASSWORD) if (loginRequest.type != REQUEST_TYPE_PASSWORD)
{ {
msg = "Unsupported login type.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
break; break;
} }
@ -117,6 +118,7 @@ ROUTE_IMPL(RouteLogin, path, argp)
val = HashMapGet(identifier, "type"); val = HashMapGet(identifier, "type");
if (!val) if (!val)
{ {
msg = "No login identifier type set.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_MISSING_PARAM, NULL); response = MatrixErrorCreate(M_MISSING_PARAM, NULL);
break; break;
@ -124,16 +126,18 @@ ROUTE_IMPL(RouteLogin, path, argp)
if (JsonValueType(val) != JSON_STRING) if (JsonValueType(val) != JSON_STRING)
{ {
msg = "Invalid login identifier type.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_BAD_JSON, NULL); response = MatrixErrorCreate(M_BAD_JSON, msg);
break; break;
} }
type = JsonValueAsString(val); type = JsonValueAsString(val);
if (!StrEquals(type, "m.id.user")) if (!StrEquals(type, "m.id.user"))
{ {
msg = "Invalid login identifier type.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
break; break;
} }
if (!LoginRequestUserIdentifierFromJson(identifier, if (!LoginRequestUserIdentifierFromJson(identifier,
@ -148,16 +152,18 @@ ROUTE_IMPL(RouteLogin, path, argp)
userId = UserIdParse(userIdentifier.user, config->serverName); userId = UserIdParse(userIdentifier.user, config->serverName);
if (!userId) if (!userId)
{ {
msg = "Invalid user ID.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_BAD_JSON, NULL); response = MatrixErrorCreate(M_BAD_JSON, msg);
break; break;
} }
if (!StrEquals(userId->server, config->serverName) if (!StrEquals(userId->server, config->serverName)
|| !UserExists(db, userId->localpart)) || !UserExists(db, userId->localpart))
{ {
msg = "Unknown user ID.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
break; break;
} }
@ -171,8 +177,9 @@ ROUTE_IMPL(RouteLogin, path, argp)
if (!user) if (!user)
{ {
msg = "Couldn't lock user.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
break; break;
} }
@ -190,10 +197,11 @@ ROUTE_IMPL(RouteLogin, path, argp)
if (!loginInfo) if (!loginInfo)
{ {
msg = "Invalid creditentials for user.";
UserUnlock(user); UserUnlock(user);
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
break; break;
} }
@ -229,8 +237,9 @@ ROUTE_IMPL(RouteLogin, path, argp)
break; break;
default: default:
msg = "Route only accepts GET and POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
break; break;
} }

8
src/Routes/RouteLogout.c
View File

@ -38,14 +38,17 @@ ROUTE_IMPL(RouteLogout, path, argp)
char *tokenstr; char *tokenstr;
char *msg;
Db *db = args->matrixArgs->db; Db *db = args->matrixArgs->db;
User *user; User *user;
if (HttpRequestMethodGet(args->context) != HTTP_POST) if (HttpRequestMethodGet(args->context) != HTTP_POST)
{ {
msg = "This route only accepts POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNRECOGNIZED, NULL); return MatrixErrorCreate(M_UNRECOGNIZED, msg);
} }
response = MatrixGetAccessToken(args->context, &tokenstr); response = MatrixGetAccessToken(args->context, &tokenstr);
@ -84,8 +87,9 @@ ROUTE_IMPL(RouteLogout, path, argp)
{ {
if (!UserDeleteToken(user, tokenstr)) if (!UserDeleteToken(user, tokenstr))
{ {
msg = "Internal server error: couldn't delete token.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
goto finish; goto finish;
} }

17
src/Routes/RoutePrivileges.c
View File

@ -39,6 +39,8 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
JsonValue *val; JsonValue *val;
int privileges; int privileges;
char *msg;
response = MatrixGetAccessToken(args->context, &token); response = MatrixGetAccessToken(args->context, &token);
if (response) if (response)
{ {
@ -55,8 +57,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
if (!(UserGetPrivileges(user) & USER_GRANT_PRIVILEGES)) if (!(UserGetPrivileges(user) & USER_GRANT_PRIVILEGES))
{ {
msg = "User doesn't have the GRANT_PRIVILEGES privilege";
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
goto finish; goto finish;
} }
@ -68,8 +71,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
user = UserLock(args->matrixArgs->db, ArrayGet(path, 0)); user = UserLock(args->matrixArgs->db, ArrayGet(path, 0));
if (!user) if (!user)
{ {
msg = "Unknown user.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_INVALID_PARAM, NULL); response = MatrixErrorCreate(M_INVALID_PARAM, msg);
goto finish; goto finish;
} }
} }
@ -90,8 +94,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
val = HashMapGet(request, "privileges"); val = HashMapGet(request, "privileges");
if (!val || JsonValueType(val) != JSON_ARRAY) if (!val || JsonValueType(val) != JSON_ARRAY)
{ {
msg = "'privileges' is unset or not an array.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_BAD_JSON, NULL); response = MatrixErrorCreate(M_BAD_JSON, msg);
break; break;
} }
@ -116,8 +121,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
if (!UserSetPrivileges(user, privileges)) if (!UserSetPrivileges(user, privileges))
{ {
msg = "Internal server error: couldn't set privileges.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
break; break;
} }
@ -127,8 +133,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
HashMapSet(response, "privileges", JsonValueArray(UserEncodePrivileges(UserGetPrivileges(user)))); HashMapSet(response, "privileges", JsonValueArray(UserEncodePrivileges(UserGetPrivileges(user))));
break; break;
default: default:
msg = "Route only accepts POST, PUT, DELETE, and GET.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish; goto finish;
break; break;
} }

11
src/Routes/RouteProcControl.c
View File

@ -37,6 +37,7 @@ ROUTE_IMPL(RouteProcControl, path, argp)
char *op = ArrayGet(path, 0); char *op = ArrayGet(path, 0);
HashMap *response; HashMap *response;
char *token; char *token;
char *msg;
User *user = NULL; User *user = NULL;
response = MatrixGetAccessToken(args->context, &token); response = MatrixGetAccessToken(args->context, &token);
@ -55,11 +56,13 @@ ROUTE_IMPL(RouteProcControl, path, argp)
if (!(UserGetPrivileges(user) & USER_PROC_CONTROL)) if (!(UserGetPrivileges(user) & USER_PROC_CONTROL))
{ {
msg = "User doesn't have PROC_CONTROL privilege.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
goto finish; goto finish;
} }
msg = "Unknown operation.";
switch (HttpRequestMethodGet(args->context)) switch (HttpRequestMethodGet(args->context))
{ {
case HTTP_POST: case HTTP_POST:
@ -74,7 +77,7 @@ ROUTE_IMPL(RouteProcControl, path, argp)
else else
{ {
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish; goto finish;
} }
break; break;
@ -106,12 +109,12 @@ ROUTE_IMPL(RouteProcControl, path, argp)
else else
{ {
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish; goto finish;
} }
default: default:
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish; goto finish;
break; break;
} }

8
src/Routes/RouteRefresh.c
View File

@ -45,6 +45,8 @@ ROUTE_IMPL(RouteRefresh, path, argp)
UserAccessToken *newAccessToken; UserAccessToken *newAccessToken;
char *deviceId; char *deviceId;
char *msg;
Db *db = args->matrixArgs->db; Db *db = args->matrixArgs->db;
User *user = NULL; User *user = NULL;
@ -55,8 +57,9 @@ ROUTE_IMPL(RouteRefresh, path, argp)
if (HttpRequestMethodGet(args->context) != HTTP_POST) if (HttpRequestMethodGet(args->context) != HTTP_POST)
{ {
msg = "This route only accepts POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNRECOGNIZED, NULL); return MatrixErrorCreate(M_UNRECOGNIZED, msg);
} }
request = JsonDecode(HttpServerStream(args->context)); request = JsonDecode(HttpServerStream(args->context));
@ -69,8 +72,9 @@ ROUTE_IMPL(RouteRefresh, path, argp)
val = HashMapGet(request, "refresh_token"); val = HashMapGet(request, "refresh_token");
if (!val || JsonValueType(val) != JSON_STRING) if (!val || JsonValueType(val) != JSON_STRING)
{ {
msg = "'refresh_token' is unset or not a string.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_BAD_JSON, NULL); response = MatrixErrorCreate(M_BAD_JSON, msg);
goto finish; goto finish;
} }

6
src/Routes/RouteRegister.c
View File

@ -86,9 +86,10 @@ ROUTE_IMPL(RouteRegister, path, argp)
if (!config) if (!config)
{ {
msg = "Internal server error while locking configuration.";
Log(LOG_ERR, "Registration endpoint failed to lock configuration."); Log(LOG_ERR, "Registration endpoint failed to lock configuration.");
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
return MatrixErrorCreate(M_UNKNOWN, NULL); return MatrixErrorCreate(M_UNKNOWN, msg);
} }
if (ArraySize(path) == 0) if (ArraySize(path) == 0)
@ -254,8 +255,9 @@ finish:
if (!username) if (!username)
{ {
msg = "'username' path parameter is not set.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_MISSING_PARAM, NULL); response = MatrixErrorCreate(M_MISSING_PARAM, msg);
} }
else if (!UserValidate(username, config->serverName)) else if (!UserValidate(username, config->serverName))
{ {

3
src/Routes/RouteRequestToken.c
View File

@ -54,8 +54,9 @@ ROUTE_IMPL(RouteRequestToken, path, argp)
if (HttpRequestMethodGet(args->context) != HTTP_POST) if (HttpRequestMethodGet(args->context) != HTTP_POST)
{ {
msg = "This route only accepts POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNRECOGNIZED, NULL); return MatrixErrorCreate(M_UNRECOGNIZED, msg);
} }
request = JsonDecode(HttpServerStream(args->context)); request = JsonDecode(HttpServerStream(args->context));

4
src/Routes/RouteStaticResources.c
View File

@ -47,8 +47,8 @@ ROUTE_IMPL(RouteStaticResources, path, argp)
"function findGetParameter(parameterName) {" "function findGetParameter(parameterName) {"
" var result = null;" " var result = null;"
" var tmp = [];" " var tmp = [];"
" var items = location.search.substr(1).split(\"&\");" " var items = location.search.substr(1).split(\"&\");"
" for (var index = 0; index < items.length; index++) {" " for (var index = 0; index < items.length; index++) {"
" tmp = items[index].split(\"=\");" " tmp = items[index].split(\"=\");"
" if (tmp[0] === parameterName) result = decodeURIComponent(tmp[1]);" " if (tmp[0] === parameterName) result = decodeURIComponent(tmp[1]);"
" }" " }"

4
src/Routes/RouteTokenValid.c
View File

@ -41,13 +41,15 @@ ROUTE_IMPL(RouteTokenValid, path, argp)
RegTokenInfo *info = NULL; RegTokenInfo *info = NULL;
char *tokenstr; char *tokenstr;
char *msg;
(void) path; (void) path;
if (HttpRequestMethodGet(args->context) != HTTP_GET) if (HttpRequestMethodGet(args->context) != HTTP_GET)
{ {
msg = "This route only accepts GET.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNRECOGNIZED, NULL); return MatrixErrorCreate(M_UNRECOGNIZED, msg);
} }
request = JsonDecode(HttpServerStream(args->context)); request = JsonDecode(HttpServerStream(args->context));

51
src/Routes/RouteUiaFallback.c
View File

@ -36,6 +36,8 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
char *authType = ArrayGet(path, 0); char *authType = ArrayGet(path, 0);
char *sessionId; char *sessionId;
char *msg;
if (!authType) if (!authType)
{ {
/* This should never happen */ /* This should never happen */
@ -56,9 +58,10 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
config = ConfigLock(args->matrixArgs->db); config = ConfigLock(args->matrixArgs->db);
if (!config) if (!config)
{ {
msg = "Internal server error: failed to lock configuration.";
Log(LOG_ERR, "UIA fallback failed to lock configuration."); Log(LOG_ERR, "UIA fallback failed to lock configuration.");
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
return MatrixErrorCreate(M_UNKNOWN, NULL); return MatrixErrorCreate(M_UNKNOWN, msg);
} }
request = JsonDecode(HttpServerStream(args->context)); request = JsonDecode(HttpServerStream(args->context));
@ -93,15 +96,17 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
} }
else if (HttpRequestMethodGet(args->context) != HTTP_GET) else if (HttpRequestMethodGet(args->context) != HTTP_GET)
{ {
msg = "Route only supports GET.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNRECOGNIZED, NULL); return MatrixErrorCreate(M_UNRECOGNIZED, msg);
} }
sessionId = HashMapGet(requestParams, "session"); sessionId = HashMapGet(requestParams, "session");
if (!sessionId) if (!sessionId)
{ {
msg = "'session' parameter is unset.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_MISSING_PARAM, NULL); return MatrixErrorCreate(M_MISSING_PARAM, msg);
} }
HttpResponseHeader(args->context, "Content-Type", "text/html"); HttpResponseHeader(args->context, "Content-Type", "text/html");
@ -121,25 +126,25 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
HtmlEndForm(stream); HtmlEndForm(stream);
HtmlBeginJs(stream); HtmlBeginJs(stream);
StreamPrintf(stream, StreamPrintf(stream,
"function buildRequest() {" "function buildRequest() {"
" let user = document.getElementById('user').value;" " let user = document.getElementById('user').value;"
" let pass = document.getElementById('password').value;" " let pass = document.getElementById('password').value;"
" if (!user || !pass) {" " if (!user || !pass) {"
" setFormError('Please specify a username and password.');" " setFormError('Please specify a username and password.');"
" return false;" " return false;"
" }" " }"
" return {" " return {"
" auth: {" " auth: {"
" type: '%s'," " type: '%s',"
" identifier: {" " identifier: {"
" type: 'm.id.user'," " type: 'm.id.user',"
" user: user" " user: user"
" }," " },"
" password: pass," " password: pass,"
" session: '%s'" " session: '%s'"
" }" " }"
" };" " };"
"}", authType, sessionId); "}", authType, sessionId);
HtmlEndJs(stream); HtmlEndJs(stream);
} }
else if (StrEquals(authType, "m.login.registration_token")) else if (StrEquals(authType, "m.login.registration_token"))
@ -186,10 +191,10 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
"function processResponse(xhr) {" "function processResponse(xhr) {"
" let r = JSON.parse(xhr.responseText);" " let r = JSON.parse(xhr.responseText);"
" console.log(r);" " console.log(r);"
" if (xhr.status == 200 || r.completed.includes('%s')) {" " if (xhr.status == 200 || r.completed.includes('%s')) {"
" if (window.onAuthDone) {" " if (window.onAuthDone) {"
" window.onAuthDone();" " window.onAuthDone();"
" } else if (window.opener && window.opener.postMessage) {" " } else if (window.opener && window.opener.postMessage) {"
" window.opener.postMessage('authDone', '*');" " window.opener.postMessage('authDone', '*');"
" } else {" " } else {"
" setFormError('Client error.');" " setFormError('Client error.');"

23
src/Routes/RouteUserProfile.c
View File

@ -48,6 +48,8 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
char *token = NULL; char *token = NULL;
char *value = NULL; char *value = NULL;
char *msg;
Config *config = ConfigLock(db); Config *config = ConfigLock(db);
if (!config) if (!config)
@ -63,15 +65,18 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
userId = UserIdParse(username, serverName); userId = UserIdParse(username, serverName);
if (!userId) if (!userId)
{ {
msg = "Invalid user ID.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_INVALID_PARAM, NULL); response = MatrixErrorCreate(M_INVALID_PARAM, msg);
goto finish; goto finish;
} }
if (strcmp(userId->server, serverName)) if (strcmp(userId->server, serverName))
{ {
/* TODO: Implement lookup over federation. */ /* TODO: Implement lookup over federation. */
msg = "User profile endpoint currently doesn't support lookup over "
"federation.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
goto finish; goto finish;
} }
@ -82,8 +87,9 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
user = UserLock(db, userId->localpart); user = UserLock(db, userId->localpart);
if (!user) if (!user)
{ {
msg = "Couldn't lock user.";
HttpResponseStatus(args->context, HTTP_NOT_FOUND); HttpResponseStatus(args->context, HTTP_NOT_FOUND);
response = MatrixErrorCreate(M_NOT_FOUND, NULL); response = MatrixErrorCreate(M_NOT_FOUND, msg);
goto finish; goto finish;
} }
@ -138,7 +144,7 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
StrEquals(entry, "avatar_url")) StrEquals(entry, "avatar_url"))
{ {
/* Check if user has privilege to do that action. */ /* Check if user has privilege to do that action. */
if (strcmp(userId->localpart, UserGetName(user)) == 0) if (StrEquals(userId->localpart, UserGetName(user)))
{ {
value = JsonValueAsString(HashMapGet(request, entry)); value = JsonValueAsString(HashMapGet(request, entry));
/* TODO: Make UserSetProfile notify other /* TODO: Make UserSetProfile notify other
@ -148,14 +154,16 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
goto finish; goto finish;
} }
/* User is not allowed to carry-on the action */ /* User is not allowed to carry-on the action */
msg = "Cannot change another user's profile.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
goto finish; goto finish;
} }
else else
{ {
msg = "Invalid property being changed.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish; goto finish;
} }
} }
@ -166,8 +174,9 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
goto finish; goto finish;
} }
default: default:
msg = "Route only accepts GET and PUT.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
break; break;
} }
finish: finish:

5
src/Routes/RouteWellKnown.c
View File

@ -37,11 +37,14 @@ ROUTE_IMPL(RouteWellKnown, path, argp)
Config *config = ConfigLock(args->matrixArgs->db); Config *config = ConfigLock(args->matrixArgs->db);
char *msg;
if (!config) if (!config)
{ {
Log(LOG_ERR, "Well-known endpoint failed to lock configuration."); Log(LOG_ERR, "Well-known endpoint failed to lock configuration.");
msg = "Internal server error: couldn't lock database.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
return MatrixErrorCreate(M_UNKNOWN, NULL); return MatrixErrorCreate(M_UNKNOWN, msg);
} }
if (StrEquals(ArrayGet(path, 0), "client")) if (StrEquals(ArrayGet(path, 0), "client"))

4
src/Routes/RouteWhoami.c
View File

@ -42,14 +42,16 @@ ROUTE_IMPL(RouteWhoami, path, argp)
char *token; char *token;
char *userID; char *userID;
char *deviceID; char *deviceID;
char *msg;
Config *config = ConfigLock(db); Config *config = ConfigLock(db);
if (!config) if (!config)
{ {
msg = "Internal server error: couldn't lock database.";
Log(LOG_ERR, "Who am I endpoint failed to lock configuration."); Log(LOG_ERR, "Who am I endpoint failed to lock configuration.");
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
return MatrixErrorCreate(M_UNKNOWN, NULL); return MatrixErrorCreate(M_UNKNOWN, msg);
} }
(void) path; (void) path;

11
src/Uia.c
View File

@ -222,6 +222,8 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
HashMap *dbJson; HashMap *dbJson;
int ret; int ret;
char *msg;
if (!flows) if (!flows)
{ {
return -1; return -1;
@ -242,8 +244,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
if (JsonValueType(val) != JSON_OBJECT) if (JsonValueType(val) != JSON_OBJECT)
{ {
msg = "'auth' is not an object.";
HttpResponseStatus(context, HTTP_BAD_REQUEST); HttpResponseStatus(context, HTTP_BAD_REQUEST);
*response = MatrixErrorCreate(M_BAD_JSON, NULL); *response = MatrixErrorCreate(M_BAD_JSON, msg);
return 0; return 0;
} }
@ -252,8 +255,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
if (!val || JsonValueType(val) != JSON_STRING) if (!val || JsonValueType(val) != JSON_STRING)
{ {
msg = "'auth->session' is unset or not a string.";
HttpResponseStatus(context, HTTP_BAD_REQUEST); HttpResponseStatus(context, HTTP_BAD_REQUEST);
*response = MatrixErrorCreate(M_BAD_JSON, NULL); *response = MatrixErrorCreate(M_BAD_JSON, msg);
return 0; return 0;
} }
@ -311,8 +315,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
if (!val || JsonValueType(val) != JSON_STRING) if (!val || JsonValueType(val) != JSON_STRING)
{ {
msg = "'auth->type' is unset or not a string.";
HttpResponseStatus(context, HTTP_BAD_REQUEST); HttpResponseStatus(context, HTTP_BAD_REQUEST);
*response = MatrixErrorCreate(M_BAD_JSON, NULL); *response = MatrixErrorCreate(M_BAD_JSON, msg);
ret = 0; ret = 0;
goto finish; goto finish;
} }