forked from Telodendria/Telodendria
Compare commits
2 commits
18488d463e
...
12061afe62
Author | SHA1 | Date | |
---|---|---|---|
12061afe62 | |||
2c6d5194d2 |
19 changed files with 161 additions and 80 deletions
|
@ -65,6 +65,8 @@ ROUTE_IMPL(RouteChangePwd, path, argp)
|
|||
char *token;
|
||||
char *newPassword;
|
||||
|
||||
char *msg;
|
||||
|
||||
Config *config = ConfigLock(db);
|
||||
|
||||
if (!config)
|
||||
|
@ -78,8 +80,9 @@ ROUTE_IMPL(RouteChangePwd, path, argp)
|
|||
|
||||
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
||||
{
|
||||
msg = "Route only supports POST.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
@ -118,9 +121,10 @@ ROUTE_IMPL(RouteChangePwd, path, argp)
|
|||
newPassword = JsonValueAsString(HashMapGet(request, "new_password"));
|
||||
if (!newPassword)
|
||||
{
|
||||
msg = "'new_password' is unset or not a string.";
|
||||
JsonFree(request);
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
|
|
@ -33,6 +33,7 @@ ROUTE_IMPL(RouteConfig, path, argp)
|
|||
RouteArgs *args = argp;
|
||||
HashMap *response;
|
||||
char *token;
|
||||
char *msg;
|
||||
|
||||
User *user = NULL;
|
||||
Config *config = NULL;
|
||||
|
@ -59,17 +60,19 @@ ROUTE_IMPL(RouteConfig, path, argp)
|
|||
|
||||
if (!(UserGetPrivileges(user) & USER_CONFIG))
|
||||
{
|
||||
msg = "User does not have the 'CONFIG' privilege.";
|
||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
config = ConfigLock(args->matrixArgs->db);
|
||||
if (!config)
|
||||
{
|
||||
msg = "Internal server error while locking configuration.";
|
||||
Log(LOG_ERR, "Config endpoint failed to lock configuration.");
|
||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
@ -90,8 +93,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
|
|||
newConf = ConfigParse(request);
|
||||
if (!newConf)
|
||||
{
|
||||
msg = "Internal server error while parsing config.";
|
||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -108,8 +112,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
|
|||
}
|
||||
else
|
||||
{
|
||||
msg = "Internal server error while writing the config.";
|
||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||
}
|
||||
}
|
||||
else
|
||||
|
@ -137,8 +142,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
|
|||
|
||||
if (!newConf)
|
||||
{
|
||||
msg = "Internal server error while parsing config.";
|
||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -155,8 +161,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
|
|||
}
|
||||
else
|
||||
{
|
||||
msg = "Internal server error while writing the config.";
|
||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||
}
|
||||
}
|
||||
else
|
||||
|
@ -170,8 +177,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
|
|||
JsonFree(newJson);
|
||||
break;
|
||||
default:
|
||||
msg = "Unknown request method.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, "Unknown request method.");
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
|
@ -41,8 +41,9 @@ ROUTE_IMPL(RouteCreateRoom, path, argp)
|
|||
|
||||
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
||||
{
|
||||
err = "Unknown request method.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, "Unknown request method.");
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, err);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
|
|
@ -47,6 +47,8 @@ ROUTE_IMPL(RouteDeactivate, path, argp)
|
|||
User *user = NULL;
|
||||
Config *config = ConfigLock(db);
|
||||
|
||||
char *msg;
|
||||
|
||||
(void) path;
|
||||
|
||||
if (!config)
|
||||
|
@ -59,8 +61,9 @@ ROUTE_IMPL(RouteDeactivate, path, argp)
|
|||
|
||||
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
||||
{
|
||||
msg = "Route only accepts POST.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
@ -128,8 +131,9 @@ ROUTE_IMPL(RouteDeactivate, path, argp)
|
|||
|
||||
if (!UserDeleteTokens(user, NULL) || !UserDeactivate(user, NULL, NULL))
|
||||
{
|
||||
msg = "Internal server error: couldn't remove user properly.";
|
||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
|
|
@ -69,6 +69,8 @@ ROUTE_IMPL(RouteFilter, path, argp)
|
|||
|
||||
char *userParam = ArrayGet(path, 0);
|
||||
|
||||
char *msg;
|
||||
|
||||
if (!userParam)
|
||||
{
|
||||
/* Should be impossible */
|
||||
|
@ -87,15 +89,17 @@ ROUTE_IMPL(RouteFilter, path, argp)
|
|||
id = UserIdParse(userParam, serverName);
|
||||
if (!id)
|
||||
{
|
||||
msg = "Invalid user ID.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_INVALID_PARAM, NULL);
|
||||
response = MatrixErrorCreate(M_INVALID_PARAM, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
if (!StrEquals(id->server, serverName))
|
||||
{
|
||||
msg = "Cannot use /filter for non-local users.";
|
||||
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
|
||||
response = MatrixErrorCreate(M_UNAUTHORIZED, NULL);
|
||||
response = MatrixErrorCreate(M_UNAUTHORIZED, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
@ -115,8 +119,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
|
|||
|
||||
if (!StrEquals(id->localpart, UserGetName(user)))
|
||||
{
|
||||
msg = "Unauthorized to use /filter.";
|
||||
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
|
||||
response = MatrixErrorCreate(M_INVALID_PARAM, NULL);
|
||||
response = MatrixErrorCreate(M_INVALID_PARAM, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
@ -126,8 +131,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
|
|||
|
||||
if (!ref)
|
||||
{
|
||||
msg = "The filter for this user was not found.";
|
||||
HttpResponseStatus(args->context, HTTP_NOT_FOUND);
|
||||
response = MatrixErrorCreate(M_NOT_FOUND, NULL);
|
||||
response = MatrixErrorCreate(M_NOT_FOUND, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
@ -161,8 +167,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
|
|||
filterId = StrRandom(12);
|
||||
if (!filterId)
|
||||
{
|
||||
msg = "Couldn't generate random filter ID; this is unintended.";
|
||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
@ -170,8 +177,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
|
|||
if (!ref)
|
||||
{
|
||||
Free(filterId);
|
||||
msg = "Couldn't write filter to the database, this is unintended.";
|
||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
|
|
@ -107,8 +107,9 @@ ROUTE_IMPL(RouteLogin, path, argp)
|
|||
|
||||
if (loginRequest.type != REQUEST_TYPE_PASSWORD)
|
||||
{
|
||||
msg = "Unsupported login type.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -117,6 +118,7 @@ ROUTE_IMPL(RouteLogin, path, argp)
|
|||
val = HashMapGet(identifier, "type");
|
||||
if (!val)
|
||||
{
|
||||
msg = "No login identifier type set.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_MISSING_PARAM, NULL);
|
||||
break;
|
||||
|
@ -124,16 +126,18 @@ ROUTE_IMPL(RouteLogin, path, argp)
|
|||
|
||||
if (JsonValueType(val) != JSON_STRING)
|
||||
{
|
||||
msg = "Invalid login identifier type.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
break;
|
||||
}
|
||||
|
||||
type = JsonValueAsString(val);
|
||||
if (!StrEquals(type, "m.id.user"))
|
||||
{
|
||||
msg = "Invalid login identifier type.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
break;
|
||||
}
|
||||
if (!LoginRequestUserIdentifierFromJson(identifier,
|
||||
|
@ -148,16 +152,18 @@ ROUTE_IMPL(RouteLogin, path, argp)
|
|||
userId = UserIdParse(userIdentifier.user, config->serverName);
|
||||
if (!userId)
|
||||
{
|
||||
msg = "Invalid user ID.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
break;
|
||||
}
|
||||
|
||||
if (!StrEquals(userId->server, config->serverName)
|
||||
|| !UserExists(db, userId->localpart))
|
||||
{
|
||||
msg = "Unknown user ID.";
|
||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -171,8 +177,9 @@ ROUTE_IMPL(RouteLogin, path, argp)
|
|||
|
||||
if (!user)
|
||||
{
|
||||
msg = "Couldn't lock user.";
|
||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -190,10 +197,11 @@ ROUTE_IMPL(RouteLogin, path, argp)
|
|||
|
||||
if (!loginInfo)
|
||||
{
|
||||
msg = "Invalid creditentials for user.";
|
||||
UserUnlock(user);
|
||||
|
||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -229,8 +237,9 @@ ROUTE_IMPL(RouteLogin, path, argp)
|
|||
|
||||
break;
|
||||
default:
|
||||
msg = "Route only accepts GET and POST.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
|
@ -38,14 +38,17 @@ ROUTE_IMPL(RouteLogout, path, argp)
|
|||
|
||||
char *tokenstr;
|
||||
|
||||
char *msg;
|
||||
|
||||
Db *db = args->matrixArgs->db;
|
||||
|
||||
User *user;
|
||||
|
||||
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
||||
{
|
||||
msg = "This route only accepts POST.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
return MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
||||
return MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
}
|
||||
|
||||
response = MatrixGetAccessToken(args->context, &tokenstr);
|
||||
|
@ -84,8 +87,9 @@ ROUTE_IMPL(RouteLogout, path, argp)
|
|||
{
|
||||
if (!UserDeleteToken(user, tokenstr))
|
||||
{
|
||||
msg = "Internal server error: couldn't delete token.";
|
||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
|
|
@ -39,6 +39,8 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
|
|||
JsonValue *val;
|
||||
int privileges;
|
||||
|
||||
char *msg;
|
||||
|
||||
response = MatrixGetAccessToken(args->context, &token);
|
||||
if (response)
|
||||
{
|
||||
|
@ -55,8 +57,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
|
|||
|
||||
if (!(UserGetPrivileges(user) & USER_GRANT_PRIVILEGES))
|
||||
{
|
||||
msg = "User doesn't have the GRANT_PRIVILEGES privilege";
|
||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
@ -68,8 +71,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
|
|||
user = UserLock(args->matrixArgs->db, ArrayGet(path, 0));
|
||||
if (!user)
|
||||
{
|
||||
msg = "Unknown user.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_INVALID_PARAM, NULL);
|
||||
response = MatrixErrorCreate(M_INVALID_PARAM, msg);
|
||||
goto finish;
|
||||
}
|
||||
}
|
||||
|
@ -90,8 +94,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
|
|||
val = HashMapGet(request, "privileges");
|
||||
if (!val || JsonValueType(val) != JSON_ARRAY)
|
||||
{
|
||||
msg = "'privileges' is unset or not an array.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -116,8 +121,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
|
|||
|
||||
if (!UserSetPrivileges(user, privileges))
|
||||
{
|
||||
msg = "Internal server error: couldn't set privileges.";
|
||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -127,8 +133,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
|
|||
HashMapSet(response, "privileges", JsonValueArray(UserEncodePrivileges(UserGetPrivileges(user))));
|
||||
break;
|
||||
default:
|
||||
msg = "Route only accepts POST, PUT, DELETE, and GET.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
goto finish;
|
||||
break;
|
||||
}
|
||||
|
|
|
@ -37,6 +37,7 @@ ROUTE_IMPL(RouteProcControl, path, argp)
|
|||
char *op = ArrayGet(path, 0);
|
||||
HashMap *response;
|
||||
char *token;
|
||||
char *msg;
|
||||
User *user = NULL;
|
||||
|
||||
response = MatrixGetAccessToken(args->context, &token);
|
||||
|
@ -55,11 +56,13 @@ ROUTE_IMPL(RouteProcControl, path, argp)
|
|||
|
||||
if (!(UserGetPrivileges(user) & USER_PROC_CONTROL))
|
||||
{
|
||||
msg = "User doesn't have PROC_CONTROL privilege.";
|
||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
msg = "Unknown operation.";
|
||||
switch (HttpRequestMethodGet(args->context))
|
||||
{
|
||||
case HTTP_POST:
|
||||
|
@ -74,7 +77,7 @@ ROUTE_IMPL(RouteProcControl, path, argp)
|
|||
else
|
||||
{
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
goto finish;
|
||||
}
|
||||
break;
|
||||
|
@ -106,12 +109,12 @@ ROUTE_IMPL(RouteProcControl, path, argp)
|
|||
else
|
||||
{
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
goto finish;
|
||||
}
|
||||
default:
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
goto finish;
|
||||
break;
|
||||
}
|
||||
|
|
|
@ -45,6 +45,8 @@ ROUTE_IMPL(RouteRefresh, path, argp)
|
|||
UserAccessToken *newAccessToken;
|
||||
char *deviceId;
|
||||
|
||||
char *msg;
|
||||
|
||||
Db *db = args->matrixArgs->db;
|
||||
|
||||
User *user = NULL;
|
||||
|
@ -55,8 +57,9 @@ ROUTE_IMPL(RouteRefresh, path, argp)
|
|||
|
||||
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
||||
{
|
||||
msg = "This route only accepts POST.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
return MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
||||
return MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
}
|
||||
|
||||
request = JsonDecode(HttpServerStream(args->context));
|
||||
|
@ -69,8 +72,9 @@ ROUTE_IMPL(RouteRefresh, path, argp)
|
|||
val = HashMapGet(request, "refresh_token");
|
||||
if (!val || JsonValueType(val) != JSON_STRING)
|
||||
{
|
||||
msg = "'refresh_token' is unset or not a string.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
|
|
@ -86,9 +86,10 @@ ROUTE_IMPL(RouteRegister, path, argp)
|
|||
|
||||
if (!config)
|
||||
{
|
||||
msg = "Internal server error while locking configuration.";
|
||||
Log(LOG_ERR, "Registration endpoint failed to lock configuration.");
|
||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||
return MatrixErrorCreate(M_UNKNOWN, NULL);
|
||||
return MatrixErrorCreate(M_UNKNOWN, msg);
|
||||
}
|
||||
|
||||
if (ArraySize(path) == 0)
|
||||
|
@ -254,8 +255,9 @@ finish:
|
|||
|
||||
if (!username)
|
||||
{
|
||||
msg = "'username' path parameter is not set.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_MISSING_PARAM, NULL);
|
||||
response = MatrixErrorCreate(M_MISSING_PARAM, msg);
|
||||
}
|
||||
else if (!UserValidate(username, config->serverName))
|
||||
{
|
||||
|
|
|
@ -54,8 +54,9 @@ ROUTE_IMPL(RouteRequestToken, path, argp)
|
|||
|
||||
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
||||
{
|
||||
msg = "This route only accepts POST.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
return MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
||||
return MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
}
|
||||
|
||||
request = JsonDecode(HttpServerStream(args->context));
|
||||
|
|
|
@ -47,8 +47,8 @@ ROUTE_IMPL(RouteStaticResources, path, argp)
|
|||
"function findGetParameter(parameterName) {"
|
||||
" var result = null;"
|
||||
" var tmp = [];"
|
||||
" var items = location.search.substr(1).split(\"&\");"
|
||||
" for (var index = 0; index < items.length; index++) {"
|
||||
" var items = location.search.substr(1).split(\"&\");"
|
||||
" for (var index = 0; index < items.length; index++) {"
|
||||
" tmp = items[index].split(\"=\");"
|
||||
" if (tmp[0] === parameterName) result = decodeURIComponent(tmp[1]);"
|
||||
" }"
|
||||
|
|
|
@ -41,13 +41,15 @@ ROUTE_IMPL(RouteTokenValid, path, argp)
|
|||
RegTokenInfo *info = NULL;
|
||||
|
||||
char *tokenstr;
|
||||
char *msg;
|
||||
|
||||
(void) path;
|
||||
|
||||
if (HttpRequestMethodGet(args->context) != HTTP_GET)
|
||||
{
|
||||
msg = "This route only accepts GET.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
return MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
||||
return MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
}
|
||||
|
||||
request = JsonDecode(HttpServerStream(args->context));
|
||||
|
|
|
@ -36,6 +36,8 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
|
|||
char *authType = ArrayGet(path, 0);
|
||||
char *sessionId;
|
||||
|
||||
char *msg;
|
||||
|
||||
if (!authType)
|
||||
{
|
||||
/* This should never happen */
|
||||
|
@ -56,9 +58,10 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
|
|||
config = ConfigLock(args->matrixArgs->db);
|
||||
if (!config)
|
||||
{
|
||||
msg = "Internal server error: failed to lock configuration.";
|
||||
Log(LOG_ERR, "UIA fallback failed to lock configuration.");
|
||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||
return MatrixErrorCreate(M_UNKNOWN, NULL);
|
||||
return MatrixErrorCreate(M_UNKNOWN, msg);
|
||||
}
|
||||
|
||||
request = JsonDecode(HttpServerStream(args->context));
|
||||
|
@ -93,15 +96,17 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
|
|||
}
|
||||
else if (HttpRequestMethodGet(args->context) != HTTP_GET)
|
||||
{
|
||||
msg = "Route only supports GET.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
return MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
||||
return MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
}
|
||||
|
||||
sessionId = HashMapGet(requestParams, "session");
|
||||
if (!sessionId)
|
||||
{
|
||||
msg = "'session' parameter is unset.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
return MatrixErrorCreate(M_MISSING_PARAM, NULL);
|
||||
return MatrixErrorCreate(M_MISSING_PARAM, msg);
|
||||
}
|
||||
|
||||
HttpResponseHeader(args->context, "Content-Type", "text/html");
|
||||
|
@ -121,25 +126,25 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
|
|||
HtmlEndForm(stream);
|
||||
HtmlBeginJs(stream);
|
||||
StreamPrintf(stream,
|
||||
"function buildRequest() {"
|
||||
"function buildRequest() {"
|
||||
" let user = document.getElementById('user').value;"
|
||||
" let pass = document.getElementById('password').value;"
|
||||
" if (!user || !pass) {"
|
||||
" setFormError('Please specify a username and password.');"
|
||||
" return false;"
|
||||
" }"
|
||||
" return {"
|
||||
" auth: {"
|
||||
" type: '%s',"
|
||||
" identifier: {"
|
||||
" type: 'm.id.user',"
|
||||
" user: user"
|
||||
" },"
|
||||
" password: pass,"
|
||||
" session: '%s'"
|
||||
" }"
|
||||
" };"
|
||||
"}", authType, sessionId);
|
||||
" let pass = document.getElementById('password').value;"
|
||||
" if (!user || !pass) {"
|
||||
" setFormError('Please specify a username and password.');"
|
||||
" return false;"
|
||||
" }"
|
||||
" return {"
|
||||
" auth: {"
|
||||
" type: '%s',"
|
||||
" identifier: {"
|
||||
" type: 'm.id.user',"
|
||||
" user: user"
|
||||
" },"
|
||||
" password: pass,"
|
||||
" session: '%s'"
|
||||
" }"
|
||||
" };"
|
||||
"}", authType, sessionId);
|
||||
HtmlEndJs(stream);
|
||||
}
|
||||
else if (StrEquals(authType, "m.login.registration_token"))
|
||||
|
@ -186,10 +191,10 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
|
|||
"function processResponse(xhr) {"
|
||||
" let r = JSON.parse(xhr.responseText);"
|
||||
" console.log(r);"
|
||||
" if (xhr.status == 200 || r.completed.includes('%s')) {"
|
||||
" if (xhr.status == 200 || r.completed.includes('%s')) {"
|
||||
" if (window.onAuthDone) {"
|
||||
" window.onAuthDone();"
|
||||
" } else if (window.opener && window.opener.postMessage) {"
|
||||
" } else if (window.opener && window.opener.postMessage) {"
|
||||
" window.opener.postMessage('authDone', '*');"
|
||||
" } else {"
|
||||
" setFormError('Client error.');"
|
||||
|
|
|
@ -48,6 +48,8 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
|
|||
char *token = NULL;
|
||||
char *value = NULL;
|
||||
|
||||
char *msg;
|
||||
|
||||
Config *config = ConfigLock(db);
|
||||
|
||||
if (!config)
|
||||
|
@ -63,15 +65,18 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
|
|||
userId = UserIdParse(username, serverName);
|
||||
if (!userId)
|
||||
{
|
||||
msg = "Invalid user ID.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_INVALID_PARAM, NULL);
|
||||
response = MatrixErrorCreate(M_INVALID_PARAM, msg);
|
||||
goto finish;
|
||||
}
|
||||
if (strcmp(userId->server, serverName))
|
||||
{
|
||||
/* TODO: Implement lookup over federation. */
|
||||
msg = "User profile endpoint currently doesn't support lookup over "
|
||||
"federation.";
|
||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
@ -82,8 +87,9 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
|
|||
user = UserLock(db, userId->localpart);
|
||||
if (!user)
|
||||
{
|
||||
msg = "Couldn't lock user.";
|
||||
HttpResponseStatus(args->context, HTTP_NOT_FOUND);
|
||||
response = MatrixErrorCreate(M_NOT_FOUND, NULL);
|
||||
response = MatrixErrorCreate(M_NOT_FOUND, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
|
@ -138,7 +144,7 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
|
|||
StrEquals(entry, "avatar_url"))
|
||||
{
|
||||
/* Check if user has privilege to do that action. */
|
||||
if (strcmp(userId->localpart, UserGetName(user)) == 0)
|
||||
if (StrEquals(userId->localpart, UserGetName(user)))
|
||||
{
|
||||
value = JsonValueAsString(HashMapGet(request, entry));
|
||||
/* TODO: Make UserSetProfile notify other
|
||||
|
@ -148,14 +154,16 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
|
|||
goto finish;
|
||||
}
|
||||
/* User is not allowed to carry-on the action */
|
||||
msg = "Cannot change another user's profile.";
|
||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
||||
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||
goto finish;
|
||||
}
|
||||
else
|
||||
{
|
||||
msg = "Invalid property being changed.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
||||
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||
goto finish;
|
||||
}
|
||||
}
|
||||
|
@ -166,8 +174,9 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
|
|||
goto finish;
|
||||
}
|
||||
default:
|
||||
msg = "Route only accepts GET and PUT.";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
||||
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||
break;
|
||||
}
|
||||
finish:
|
||||
|
|
|
@ -37,11 +37,14 @@ ROUTE_IMPL(RouteWellKnown, path, argp)
|
|||
|
||||
Config *config = ConfigLock(args->matrixArgs->db);
|
||||
|
||||
char *msg;
|
||||
|
||||
if (!config)
|
||||
{
|
||||
Log(LOG_ERR, "Well-known endpoint failed to lock configuration.");
|
||||
msg = "Internal server error: couldn't lock database.";
|
||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||
return MatrixErrorCreate(M_UNKNOWN, NULL);
|
||||
return MatrixErrorCreate(M_UNKNOWN, msg);
|
||||
}
|
||||
|
||||
if (StrEquals(ArrayGet(path, 0), "client"))
|
||||
|
|
|
@ -42,14 +42,16 @@ ROUTE_IMPL(RouteWhoami, path, argp)
|
|||
char *token;
|
||||
char *userID;
|
||||
char *deviceID;
|
||||
char *msg;
|
||||
|
||||
Config *config = ConfigLock(db);
|
||||
|
||||
if (!config)
|
||||
{
|
||||
msg = "Internal server error: couldn't lock database.";
|
||||
Log(LOG_ERR, "Who am I endpoint failed to lock configuration.");
|
||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||
return MatrixErrorCreate(M_UNKNOWN, NULL);
|
||||
return MatrixErrorCreate(M_UNKNOWN, msg);
|
||||
}
|
||||
|
||||
(void) path;
|
||||
|
|
11
src/Uia.c
11
src/Uia.c
|
@ -222,6 +222,8 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
|
|||
HashMap *dbJson;
|
||||
int ret;
|
||||
|
||||
char *msg;
|
||||
|
||||
if (!flows)
|
||||
{
|
||||
return -1;
|
||||
|
@ -242,8 +244,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
|
|||
|
||||
if (JsonValueType(val) != JSON_OBJECT)
|
||||
{
|
||||
msg = "'auth' is not an object.";
|
||||
HttpResponseStatus(context, HTTP_BAD_REQUEST);
|
||||
*response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
*response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -252,8 +255,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
|
|||
|
||||
if (!val || JsonValueType(val) != JSON_STRING)
|
||||
{
|
||||
msg = "'auth->session' is unset or not a string.";
|
||||
HttpResponseStatus(context, HTTP_BAD_REQUEST);
|
||||
*response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
*response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -311,8 +315,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
|
|||
|
||||
if (!val || JsonValueType(val) != JSON_STRING)
|
||||
{
|
||||
msg = "'auth->type' is unset or not a string.";
|
||||
HttpResponseStatus(context, HTTP_BAD_REQUEST);
|
||||
*response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
*response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
ret = 0;
|
||||
goto finish;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue