Merge branch 'master' of https://git.telodendria.io/Telodendria/Telodendria into replace-config-j2s

This commit is contained in:
lda 2023-12-02 17:15:38 +01:00
commit f6313101fd
19 changed files with 161 additions and 80 deletions

View file

@ -65,6 +65,8 @@ ROUTE_IMPL(RouteChangePwd, path, argp)
char *token; char *token;
char *newPassword; char *newPassword;
char *msg;
Config *config = ConfigLock(db); Config *config = ConfigLock(db);
if (!config) if (!config)
@ -78,8 +80,9 @@ ROUTE_IMPL(RouteChangePwd, path, argp)
if (HttpRequestMethodGet(args->context) != HTTP_POST) if (HttpRequestMethodGet(args->context) != HTTP_POST)
{ {
msg = "Route only supports POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish; goto finish;
} }
@ -118,9 +121,10 @@ ROUTE_IMPL(RouteChangePwd, path, argp)
newPassword = JsonValueAsString(HashMapGet(request, "new_password")); newPassword = JsonValueAsString(HashMapGet(request, "new_password"));
if (!newPassword) if (!newPassword)
{ {
msg = "'new_password' is unset or not a string.";
JsonFree(request); JsonFree(request);
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_BAD_JSON, NULL); response = MatrixErrorCreate(M_BAD_JSON, msg);
goto finish; goto finish;
} }

View file

@ -33,6 +33,7 @@ ROUTE_IMPL(RouteConfig, path, argp)
RouteArgs *args = argp; RouteArgs *args = argp;
HashMap *response; HashMap *response;
char *token; char *token;
char *msg;
User *user = NULL; User *user = NULL;
Config *config = NULL; Config *config = NULL;
@ -59,17 +60,19 @@ ROUTE_IMPL(RouteConfig, path, argp)
if (!(UserGetPrivileges(user) & USER_CONFIG)) if (!(UserGetPrivileges(user) & USER_CONFIG))
{ {
msg = "User does not have the 'CONFIG' privilege.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
goto finish; goto finish;
} }
config = ConfigLock(args->matrixArgs->db); config = ConfigLock(args->matrixArgs->db);
if (!config) if (!config)
{ {
msg = "Internal server error while locking configuration.";
Log(LOG_ERR, "Config endpoint failed to lock configuration."); Log(LOG_ERR, "Config endpoint failed to lock configuration.");
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
goto finish; goto finish;
} }
@ -90,8 +93,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
newConf = ConfigParse(request); newConf = ConfigParse(request);
if (!newConf) if (!newConf)
{ {
msg = "Internal server error while parsing config.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
break; break;
} }
@ -108,8 +112,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
} }
else else
{ {
msg = "Internal server error while writing the config.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
} }
} }
else else
@ -137,8 +142,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
if (!newConf) if (!newConf)
{ {
msg = "Internal server error while parsing config.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
break; break;
} }
@ -155,8 +161,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
} }
else else
{ {
msg = "Internal server error while writing the config.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
} }
} }
else else
@ -170,8 +177,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
JsonFree(newJson); JsonFree(newJson);
break; break;
default: default:
msg = "Unknown request method.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, "Unknown request method."); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
break; break;
} }

View file

@ -41,8 +41,9 @@ ROUTE_IMPL(RouteCreateRoom, path, argp)
if (HttpRequestMethodGet(args->context) != HTTP_POST) if (HttpRequestMethodGet(args->context) != HTTP_POST)
{ {
err = "Unknown request method.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, "Unknown request method."); response = MatrixErrorCreate(M_UNRECOGNIZED, err);
goto finish; goto finish;
} }

View file

@ -47,6 +47,8 @@ ROUTE_IMPL(RouteDeactivate, path, argp)
User *user = NULL; User *user = NULL;
Config *config = ConfigLock(db); Config *config = ConfigLock(db);
char *msg;
(void) path; (void) path;
if (!config) if (!config)
@ -59,8 +61,9 @@ ROUTE_IMPL(RouteDeactivate, path, argp)
if (HttpRequestMethodGet(args->context) != HTTP_POST) if (HttpRequestMethodGet(args->context) != HTTP_POST)
{ {
msg = "Route only accepts POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish; goto finish;
} }
@ -128,8 +131,9 @@ ROUTE_IMPL(RouteDeactivate, path, argp)
if (!UserDeleteTokens(user, NULL) || !UserDeactivate(user, NULL, NULL)) if (!UserDeleteTokens(user, NULL) || !UserDeactivate(user, NULL, NULL))
{ {
msg = "Internal server error: couldn't remove user properly.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
goto finish; goto finish;
} }

View file

@ -69,6 +69,8 @@ ROUTE_IMPL(RouteFilter, path, argp)
char *userParam = ArrayGet(path, 0); char *userParam = ArrayGet(path, 0);
char *msg;
if (!userParam) if (!userParam)
{ {
/* Should be impossible */ /* Should be impossible */
@ -87,15 +89,17 @@ ROUTE_IMPL(RouteFilter, path, argp)
id = UserIdParse(userParam, serverName); id = UserIdParse(userParam, serverName);
if (!id) if (!id)
{ {
msg = "Invalid user ID.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_INVALID_PARAM, NULL); response = MatrixErrorCreate(M_INVALID_PARAM, msg);
goto finish; goto finish;
} }
if (!StrEquals(id->server, serverName)) if (!StrEquals(id->server, serverName))
{ {
msg = "Cannot use /filter for non-local users.";
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED); HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
response = MatrixErrorCreate(M_UNAUTHORIZED, NULL); response = MatrixErrorCreate(M_UNAUTHORIZED, msg);
goto finish; goto finish;
} }
@ -115,8 +119,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
if (!StrEquals(id->localpart, UserGetName(user))) if (!StrEquals(id->localpart, UserGetName(user)))
{ {
msg = "Unauthorized to use /filter.";
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED); HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
response = MatrixErrorCreate(M_INVALID_PARAM, NULL); response = MatrixErrorCreate(M_INVALID_PARAM, msg);
goto finish; goto finish;
} }
@ -126,8 +131,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
if (!ref) if (!ref)
{ {
msg = "The filter for this user was not found.";
HttpResponseStatus(args->context, HTTP_NOT_FOUND); HttpResponseStatus(args->context, HTTP_NOT_FOUND);
response = MatrixErrorCreate(M_NOT_FOUND, NULL); response = MatrixErrorCreate(M_NOT_FOUND, msg);
goto finish; goto finish;
} }
@ -161,8 +167,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
filterId = StrRandom(12); filterId = StrRandom(12);
if (!filterId) if (!filterId)
{ {
msg = "Couldn't generate random filter ID; this is unintended.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
goto finish; goto finish;
} }
@ -170,8 +177,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
if (!ref) if (!ref)
{ {
Free(filterId); Free(filterId);
msg = "Couldn't write filter to the database, this is unintended.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
goto finish; goto finish;
} }

View file

@ -107,8 +107,9 @@ ROUTE_IMPL(RouteLogin, path, argp)
if (loginRequest.type != REQUEST_TYPE_PASSWORD) if (loginRequest.type != REQUEST_TYPE_PASSWORD)
{ {
msg = "Unsupported login type.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
break; break;
} }
@ -117,6 +118,7 @@ ROUTE_IMPL(RouteLogin, path, argp)
val = HashMapGet(identifier, "type"); val = HashMapGet(identifier, "type");
if (!val) if (!val)
{ {
msg = "No login identifier type set.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_MISSING_PARAM, NULL); response = MatrixErrorCreate(M_MISSING_PARAM, NULL);
break; break;
@ -124,16 +126,18 @@ ROUTE_IMPL(RouteLogin, path, argp)
if (JsonValueType(val) != JSON_STRING) if (JsonValueType(val) != JSON_STRING)
{ {
msg = "Invalid login identifier type.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_BAD_JSON, NULL); response = MatrixErrorCreate(M_BAD_JSON, msg);
break; break;
} }
type = JsonValueAsString(val); type = JsonValueAsString(val);
if (!StrEquals(type, "m.id.user")) if (!StrEquals(type, "m.id.user"))
{ {
msg = "Invalid login identifier type.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
break; break;
} }
if (!LoginRequestUserIdentifierFromJson(identifier, if (!LoginRequestUserIdentifierFromJson(identifier,
@ -148,16 +152,18 @@ ROUTE_IMPL(RouteLogin, path, argp)
userId = UserIdParse(userIdentifier.user, config->serverName); userId = UserIdParse(userIdentifier.user, config->serverName);
if (!userId) if (!userId)
{ {
msg = "Invalid user ID.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_BAD_JSON, NULL); response = MatrixErrorCreate(M_BAD_JSON, msg);
break; break;
} }
if (!StrEquals(userId->server, config->serverName) if (!StrEquals(userId->server, config->serverName)
|| !UserExists(db, userId->localpart)) || !UserExists(db, userId->localpart))
{ {
msg = "Unknown user ID.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
break; break;
} }
@ -171,8 +177,9 @@ ROUTE_IMPL(RouteLogin, path, argp)
if (!user) if (!user)
{ {
msg = "Couldn't lock user.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
break; break;
} }
@ -190,10 +197,11 @@ ROUTE_IMPL(RouteLogin, path, argp)
if (!loginInfo) if (!loginInfo)
{ {
msg = "Invalid creditentials for user.";
UserUnlock(user); UserUnlock(user);
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
break; break;
} }
@ -229,8 +237,9 @@ ROUTE_IMPL(RouteLogin, path, argp)
break; break;
default: default:
msg = "Route only accepts GET and POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
break; break;
} }

View file

@ -38,14 +38,17 @@ ROUTE_IMPL(RouteLogout, path, argp)
char *tokenstr; char *tokenstr;
char *msg;
Db *db = args->matrixArgs->db; Db *db = args->matrixArgs->db;
User *user; User *user;
if (HttpRequestMethodGet(args->context) != HTTP_POST) if (HttpRequestMethodGet(args->context) != HTTP_POST)
{ {
msg = "This route only accepts POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNRECOGNIZED, NULL); return MatrixErrorCreate(M_UNRECOGNIZED, msg);
} }
response = MatrixGetAccessToken(args->context, &tokenstr); response = MatrixGetAccessToken(args->context, &tokenstr);
@ -84,8 +87,9 @@ ROUTE_IMPL(RouteLogout, path, argp)
{ {
if (!UserDeleteToken(user, tokenstr)) if (!UserDeleteToken(user, tokenstr))
{ {
msg = "Internal server error: couldn't delete token.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
goto finish; goto finish;
} }

View file

@ -39,6 +39,8 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
JsonValue *val; JsonValue *val;
int privileges; int privileges;
char *msg;
response = MatrixGetAccessToken(args->context, &token); response = MatrixGetAccessToken(args->context, &token);
if (response) if (response)
{ {
@ -55,8 +57,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
if (!(UserGetPrivileges(user) & USER_GRANT_PRIVILEGES)) if (!(UserGetPrivileges(user) & USER_GRANT_PRIVILEGES))
{ {
msg = "User doesn't have the GRANT_PRIVILEGES privilege";
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
goto finish; goto finish;
} }
@ -68,8 +71,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
user = UserLock(args->matrixArgs->db, ArrayGet(path, 0)); user = UserLock(args->matrixArgs->db, ArrayGet(path, 0));
if (!user) if (!user)
{ {
msg = "Unknown user.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_INVALID_PARAM, NULL); response = MatrixErrorCreate(M_INVALID_PARAM, msg);
goto finish; goto finish;
} }
} }
@ -90,8 +94,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
val = HashMapGet(request, "privileges"); val = HashMapGet(request, "privileges");
if (!val || JsonValueType(val) != JSON_ARRAY) if (!val || JsonValueType(val) != JSON_ARRAY)
{ {
msg = "'privileges' is unset or not an array.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_BAD_JSON, NULL); response = MatrixErrorCreate(M_BAD_JSON, msg);
break; break;
} }
@ -116,8 +121,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
if (!UserSetPrivileges(user, privileges)) if (!UserSetPrivileges(user, privileges))
{ {
msg = "Internal server error: couldn't set privileges.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
break; break;
} }
@ -127,8 +133,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
HashMapSet(response, "privileges", JsonValueArray(UserEncodePrivileges(UserGetPrivileges(user)))); HashMapSet(response, "privileges", JsonValueArray(UserEncodePrivileges(UserGetPrivileges(user))));
break; break;
default: default:
msg = "Route only accepts POST, PUT, DELETE, and GET.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish; goto finish;
break; break;
} }

View file

@ -37,6 +37,7 @@ ROUTE_IMPL(RouteProcControl, path, argp)
char *op = ArrayGet(path, 0); char *op = ArrayGet(path, 0);
HashMap *response; HashMap *response;
char *token; char *token;
char *msg;
User *user = NULL; User *user = NULL;
response = MatrixGetAccessToken(args->context, &token); response = MatrixGetAccessToken(args->context, &token);
@ -55,11 +56,13 @@ ROUTE_IMPL(RouteProcControl, path, argp)
if (!(UserGetPrivileges(user) & USER_PROC_CONTROL)) if (!(UserGetPrivileges(user) & USER_PROC_CONTROL))
{ {
msg = "User doesn't have PROC_CONTROL privilege.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
goto finish; goto finish;
} }
msg = "Unknown operation.";
switch (HttpRequestMethodGet(args->context)) switch (HttpRequestMethodGet(args->context))
{ {
case HTTP_POST: case HTTP_POST:
@ -74,7 +77,7 @@ ROUTE_IMPL(RouteProcControl, path, argp)
else else
{ {
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish; goto finish;
} }
break; break;
@ -106,12 +109,12 @@ ROUTE_IMPL(RouteProcControl, path, argp)
else else
{ {
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish; goto finish;
} }
default: default:
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish; goto finish;
break; break;
} }

View file

@ -45,6 +45,8 @@ ROUTE_IMPL(RouteRefresh, path, argp)
UserAccessToken *newAccessToken; UserAccessToken *newAccessToken;
char *deviceId; char *deviceId;
char *msg;
Db *db = args->matrixArgs->db; Db *db = args->matrixArgs->db;
User *user = NULL; User *user = NULL;
@ -55,8 +57,9 @@ ROUTE_IMPL(RouteRefresh, path, argp)
if (HttpRequestMethodGet(args->context) != HTTP_POST) if (HttpRequestMethodGet(args->context) != HTTP_POST)
{ {
msg = "This route only accepts POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNRECOGNIZED, NULL); return MatrixErrorCreate(M_UNRECOGNIZED, msg);
} }
request = JsonDecode(HttpServerStream(args->context)); request = JsonDecode(HttpServerStream(args->context));
@ -69,8 +72,9 @@ ROUTE_IMPL(RouteRefresh, path, argp)
val = HashMapGet(request, "refresh_token"); val = HashMapGet(request, "refresh_token");
if (!val || JsonValueType(val) != JSON_STRING) if (!val || JsonValueType(val) != JSON_STRING)
{ {
msg = "'refresh_token' is unset or not a string.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_BAD_JSON, NULL); response = MatrixErrorCreate(M_BAD_JSON, msg);
goto finish; goto finish;
} }

View file

@ -86,9 +86,10 @@ ROUTE_IMPL(RouteRegister, path, argp)
if (!config) if (!config)
{ {
msg = "Internal server error while locking configuration.";
Log(LOG_ERR, "Registration endpoint failed to lock configuration."); Log(LOG_ERR, "Registration endpoint failed to lock configuration.");
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
return MatrixErrorCreate(M_UNKNOWN, NULL); return MatrixErrorCreate(M_UNKNOWN, msg);
} }
if (ArraySize(path) == 0) if (ArraySize(path) == 0)
@ -254,8 +255,9 @@ finish:
if (!username) if (!username)
{ {
msg = "'username' path parameter is not set.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_MISSING_PARAM, NULL); response = MatrixErrorCreate(M_MISSING_PARAM, msg);
} }
else if (!UserValidate(username, config->serverName)) else if (!UserValidate(username, config->serverName))
{ {

View file

@ -54,8 +54,9 @@ ROUTE_IMPL(RouteRequestToken, path, argp)
if (HttpRequestMethodGet(args->context) != HTTP_POST) if (HttpRequestMethodGet(args->context) != HTTP_POST)
{ {
msg = "This route only accepts POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNRECOGNIZED, NULL); return MatrixErrorCreate(M_UNRECOGNIZED, msg);
} }
request = JsonDecode(HttpServerStream(args->context)); request = JsonDecode(HttpServerStream(args->context));

View file

@ -47,8 +47,8 @@ ROUTE_IMPL(RouteStaticResources, path, argp)
"function findGetParameter(parameterName) {" "function findGetParameter(parameterName) {"
" var result = null;" " var result = null;"
" var tmp = [];" " var tmp = [];"
" var items = location.search.substr(1).split(\"&\");" " var items = location.search.substr(1).split(\"&\");"
" for (var index = 0; index < items.length; index++) {" " for (var index = 0; index < items.length; index++) {"
" tmp = items[index].split(\"=\");" " tmp = items[index].split(\"=\");"
" if (tmp[0] === parameterName) result = decodeURIComponent(tmp[1]);" " if (tmp[0] === parameterName) result = decodeURIComponent(tmp[1]);"
" }" " }"

View file

@ -41,13 +41,15 @@ ROUTE_IMPL(RouteTokenValid, path, argp)
RegTokenInfo *info = NULL; RegTokenInfo *info = NULL;
char *tokenstr; char *tokenstr;
char *msg;
(void) path; (void) path;
if (HttpRequestMethodGet(args->context) != HTTP_GET) if (HttpRequestMethodGet(args->context) != HTTP_GET)
{ {
msg = "This route only accepts GET.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNRECOGNIZED, NULL); return MatrixErrorCreate(M_UNRECOGNIZED, msg);
} }
request = JsonDecode(HttpServerStream(args->context)); request = JsonDecode(HttpServerStream(args->context));

View file

@ -36,6 +36,8 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
char *authType = ArrayGet(path, 0); char *authType = ArrayGet(path, 0);
char *sessionId; char *sessionId;
char *msg;
if (!authType) if (!authType)
{ {
/* This should never happen */ /* This should never happen */
@ -56,9 +58,10 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
config = ConfigLock(args->matrixArgs->db); config = ConfigLock(args->matrixArgs->db);
if (!config) if (!config)
{ {
msg = "Internal server error: failed to lock configuration.";
Log(LOG_ERR, "UIA fallback failed to lock configuration."); Log(LOG_ERR, "UIA fallback failed to lock configuration.");
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
return MatrixErrorCreate(M_UNKNOWN, NULL); return MatrixErrorCreate(M_UNKNOWN, msg);
} }
request = JsonDecode(HttpServerStream(args->context)); request = JsonDecode(HttpServerStream(args->context));
@ -93,15 +96,17 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
} }
else if (HttpRequestMethodGet(args->context) != HTTP_GET) else if (HttpRequestMethodGet(args->context) != HTTP_GET)
{ {
msg = "Route only supports GET.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNRECOGNIZED, NULL); return MatrixErrorCreate(M_UNRECOGNIZED, msg);
} }
sessionId = HashMapGet(requestParams, "session"); sessionId = HashMapGet(requestParams, "session");
if (!sessionId) if (!sessionId)
{ {
msg = "'session' parameter is unset.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_MISSING_PARAM, NULL); return MatrixErrorCreate(M_MISSING_PARAM, msg);
} }
HttpResponseHeader(args->context, "Content-Type", "text/html"); HttpResponseHeader(args->context, "Content-Type", "text/html");
@ -121,25 +126,25 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
HtmlEndForm(stream); HtmlEndForm(stream);
HtmlBeginJs(stream); HtmlBeginJs(stream);
StreamPrintf(stream, StreamPrintf(stream,
"function buildRequest() {" "function buildRequest() {"
" let user = document.getElementById('user').value;" " let user = document.getElementById('user').value;"
" let pass = document.getElementById('password').value;" " let pass = document.getElementById('password').value;"
" if (!user || !pass) {" " if (!user || !pass) {"
" setFormError('Please specify a username and password.');" " setFormError('Please specify a username and password.');"
" return false;" " return false;"
" }" " }"
" return {" " return {"
" auth: {" " auth: {"
" type: '%s'," " type: '%s',"
" identifier: {" " identifier: {"
" type: 'm.id.user'," " type: 'm.id.user',"
" user: user" " user: user"
" }," " },"
" password: pass," " password: pass,"
" session: '%s'" " session: '%s'"
" }" " }"
" };" " };"
"}", authType, sessionId); "}", authType, sessionId);
HtmlEndJs(stream); HtmlEndJs(stream);
} }
else if (StrEquals(authType, "m.login.registration_token")) else if (StrEquals(authType, "m.login.registration_token"))
@ -186,10 +191,10 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
"function processResponse(xhr) {" "function processResponse(xhr) {"
" let r = JSON.parse(xhr.responseText);" " let r = JSON.parse(xhr.responseText);"
" console.log(r);" " console.log(r);"
" if (xhr.status == 200 || r.completed.includes('%s')) {" " if (xhr.status == 200 || r.completed.includes('%s')) {"
" if (window.onAuthDone) {" " if (window.onAuthDone) {"
" window.onAuthDone();" " window.onAuthDone();"
" } else if (window.opener && window.opener.postMessage) {" " } else if (window.opener && window.opener.postMessage) {"
" window.opener.postMessage('authDone', '*');" " window.opener.postMessage('authDone', '*');"
" } else {" " } else {"
" setFormError('Client error.');" " setFormError('Client error.');"

View file

@ -48,6 +48,8 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
char *token = NULL; char *token = NULL;
char *value = NULL; char *value = NULL;
char *msg;
Config *config = ConfigLock(db); Config *config = ConfigLock(db);
if (!config) if (!config)
@ -63,15 +65,18 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
userId = UserIdParse(username, serverName); userId = UserIdParse(username, serverName);
if (!userId) if (!userId)
{ {
msg = "Invalid user ID.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_INVALID_PARAM, NULL); response = MatrixErrorCreate(M_INVALID_PARAM, msg);
goto finish; goto finish;
} }
if (strcmp(userId->server, serverName)) if (strcmp(userId->server, serverName))
{ {
/* TODO: Implement lookup over federation. */ /* TODO: Implement lookup over federation. */
msg = "User profile endpoint currently doesn't support lookup over "
"federation.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
goto finish; goto finish;
} }
@ -82,8 +87,9 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
user = UserLock(db, userId->localpart); user = UserLock(db, userId->localpart);
if (!user) if (!user)
{ {
msg = "Couldn't lock user.";
HttpResponseStatus(args->context, HTTP_NOT_FOUND); HttpResponseStatus(args->context, HTTP_NOT_FOUND);
response = MatrixErrorCreate(M_NOT_FOUND, NULL); response = MatrixErrorCreate(M_NOT_FOUND, msg);
goto finish; goto finish;
} }
@ -138,7 +144,7 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
StrEquals(entry, "avatar_url")) StrEquals(entry, "avatar_url"))
{ {
/* Check if user has privilege to do that action. */ /* Check if user has privilege to do that action. */
if (strcmp(userId->localpart, UserGetName(user)) == 0) if (StrEquals(userId->localpart, UserGetName(user)))
{ {
value = JsonValueAsString(HashMapGet(request, entry)); value = JsonValueAsString(HashMapGet(request, entry));
/* TODO: Make UserSetProfile notify other /* TODO: Make UserSetProfile notify other
@ -148,14 +154,16 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
goto finish; goto finish;
} }
/* User is not allowed to carry-on the action */ /* User is not allowed to carry-on the action */
msg = "Cannot change another user's profile.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN); HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL); response = MatrixErrorCreate(M_FORBIDDEN, msg);
goto finish; goto finish;
} }
else else
{ {
msg = "Invalid property being changed.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish; goto finish;
} }
} }
@ -166,8 +174,9 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
goto finish; goto finish;
} }
default: default:
msg = "Route only accepts GET and PUT.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST); HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNKNOWN, NULL); response = MatrixErrorCreate(M_UNKNOWN, msg);
break; break;
} }
finish: finish:

View file

@ -37,11 +37,14 @@ ROUTE_IMPL(RouteWellKnown, path, argp)
Config *config = ConfigLock(args->matrixArgs->db); Config *config = ConfigLock(args->matrixArgs->db);
char *msg;
if (!config) if (!config)
{ {
Log(LOG_ERR, "Well-known endpoint failed to lock configuration."); Log(LOG_ERR, "Well-known endpoint failed to lock configuration.");
msg = "Internal server error: couldn't lock database.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
return MatrixErrorCreate(M_UNKNOWN, NULL); return MatrixErrorCreate(M_UNKNOWN, msg);
} }
if (StrEquals(ArrayGet(path, 0), "client")) if (StrEquals(ArrayGet(path, 0), "client"))

View file

@ -42,14 +42,16 @@ ROUTE_IMPL(RouteWhoami, path, argp)
char *token; char *token;
char *userID; char *userID;
char *deviceID; char *deviceID;
char *msg;
Config *config = ConfigLock(db); Config *config = ConfigLock(db);
if (!config) if (!config)
{ {
msg = "Internal server error: couldn't lock database.";
Log(LOG_ERR, "Who am I endpoint failed to lock configuration."); Log(LOG_ERR, "Who am I endpoint failed to lock configuration.");
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
return MatrixErrorCreate(M_UNKNOWN, NULL); return MatrixErrorCreate(M_UNKNOWN, msg);
} }
(void) path; (void) path;

View file

@ -222,6 +222,8 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
HashMap *dbJson; HashMap *dbJson;
int ret; int ret;
char *msg;
if (!flows) if (!flows)
{ {
return -1; return -1;
@ -242,8 +244,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
if (JsonValueType(val) != JSON_OBJECT) if (JsonValueType(val) != JSON_OBJECT)
{ {
msg = "'auth' is not an object.";
HttpResponseStatus(context, HTTP_BAD_REQUEST); HttpResponseStatus(context, HTTP_BAD_REQUEST);
*response = MatrixErrorCreate(M_BAD_JSON, NULL); *response = MatrixErrorCreate(M_BAD_JSON, msg);
return 0; return 0;
} }
@ -252,8 +255,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
if (!val || JsonValueType(val) != JSON_STRING) if (!val || JsonValueType(val) != JSON_STRING)
{ {
msg = "'auth->session' is unset or not a string.";
HttpResponseStatus(context, HTTP_BAD_REQUEST); HttpResponseStatus(context, HTTP_BAD_REQUEST);
*response = MatrixErrorCreate(M_BAD_JSON, NULL); *response = MatrixErrorCreate(M_BAD_JSON, msg);
return 0; return 0;
} }
@ -311,8 +315,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
if (!val || JsonValueType(val) != JSON_STRING) if (!val || JsonValueType(val) != JSON_STRING)
{ {
msg = "'auth->type' is unset or not a string.";
HttpResponseStatus(context, HTTP_BAD_REQUEST); HttpResponseStatus(context, HTTP_BAD_REQUEST);
*response = MatrixErrorCreate(M_BAD_JSON, NULL); *response = MatrixErrorCreate(M_BAD_JSON, msg);
ret = 0; ret = 0;
goto finish; goto finish;
} }