forked from Telodendria/Telodendria
Compare commits
2 commits
fbc4486930
...
f6313101fd
Author | SHA1 | Date | |
---|---|---|---|
f6313101fd | |||
2c6d5194d2 |
19 changed files with 161 additions and 80 deletions
|
@ -65,6 +65,8 @@ ROUTE_IMPL(RouteChangePwd, path, argp)
|
||||||
char *token;
|
char *token;
|
||||||
char *newPassword;
|
char *newPassword;
|
||||||
|
|
||||||
|
char *msg;
|
||||||
|
|
||||||
Config *config = ConfigLock(db);
|
Config *config = ConfigLock(db);
|
||||||
|
|
||||||
if (!config)
|
if (!config)
|
||||||
|
@ -78,8 +80,9 @@ ROUTE_IMPL(RouteChangePwd, path, argp)
|
||||||
|
|
||||||
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
||||||
{
|
{
|
||||||
|
msg = "Route only supports POST.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -118,9 +121,10 @@ ROUTE_IMPL(RouteChangePwd, path, argp)
|
||||||
newPassword = JsonValueAsString(HashMapGet(request, "new_password"));
|
newPassword = JsonValueAsString(HashMapGet(request, "new_password"));
|
||||||
if (!newPassword)
|
if (!newPassword)
|
||||||
{
|
{
|
||||||
|
msg = "'new_password' is unset or not a string.";
|
||||||
JsonFree(request);
|
JsonFree(request);
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -33,6 +33,7 @@ ROUTE_IMPL(RouteConfig, path, argp)
|
||||||
RouteArgs *args = argp;
|
RouteArgs *args = argp;
|
||||||
HashMap *response;
|
HashMap *response;
|
||||||
char *token;
|
char *token;
|
||||||
|
char *msg;
|
||||||
|
|
||||||
User *user = NULL;
|
User *user = NULL;
|
||||||
Config *config = NULL;
|
Config *config = NULL;
|
||||||
|
@ -59,17 +60,19 @@ ROUTE_IMPL(RouteConfig, path, argp)
|
||||||
|
|
||||||
if (!(UserGetPrivileges(user) & USER_CONFIG))
|
if (!(UserGetPrivileges(user) & USER_CONFIG))
|
||||||
{
|
{
|
||||||
|
msg = "User does not have the 'CONFIG' privilege.";
|
||||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
config = ConfigLock(args->matrixArgs->db);
|
config = ConfigLock(args->matrixArgs->db);
|
||||||
if (!config)
|
if (!config)
|
||||||
{
|
{
|
||||||
|
msg = "Internal server error while locking configuration.";
|
||||||
Log(LOG_ERR, "Config endpoint failed to lock configuration.");
|
Log(LOG_ERR, "Config endpoint failed to lock configuration.");
|
||||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -90,8 +93,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
|
||||||
newConf = ConfigParse(request);
|
newConf = ConfigParse(request);
|
||||||
if (!newConf)
|
if (!newConf)
|
||||||
{
|
{
|
||||||
|
msg = "Internal server error while parsing config.";
|
||||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -108,8 +112,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
msg = "Internal server error while writing the config.";
|
||||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
@ -137,8 +142,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
|
||||||
|
|
||||||
if (!newConf)
|
if (!newConf)
|
||||||
{
|
{
|
||||||
|
msg = "Internal server error while parsing config.";
|
||||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -155,8 +161,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
msg = "Internal server error while writing the config.";
|
||||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
@ -170,8 +177,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
|
||||||
JsonFree(newJson);
|
JsonFree(newJson);
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
msg = "Unknown request method.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_UNRECOGNIZED, "Unknown request method.");
|
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -41,8 +41,9 @@ ROUTE_IMPL(RouteCreateRoom, path, argp)
|
||||||
|
|
||||||
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
||||||
{
|
{
|
||||||
|
err = "Unknown request method.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_UNRECOGNIZED, "Unknown request method.");
|
response = MatrixErrorCreate(M_UNRECOGNIZED, err);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -47,6 +47,8 @@ ROUTE_IMPL(RouteDeactivate, path, argp)
|
||||||
User *user = NULL;
|
User *user = NULL;
|
||||||
Config *config = ConfigLock(db);
|
Config *config = ConfigLock(db);
|
||||||
|
|
||||||
|
char *msg;
|
||||||
|
|
||||||
(void) path;
|
(void) path;
|
||||||
|
|
||||||
if (!config)
|
if (!config)
|
||||||
|
@ -59,8 +61,9 @@ ROUTE_IMPL(RouteDeactivate, path, argp)
|
||||||
|
|
||||||
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
||||||
{
|
{
|
||||||
|
msg = "Route only accepts POST.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -128,8 +131,9 @@ ROUTE_IMPL(RouteDeactivate, path, argp)
|
||||||
|
|
||||||
if (!UserDeleteTokens(user, NULL) || !UserDeactivate(user, NULL, NULL))
|
if (!UserDeleteTokens(user, NULL) || !UserDeactivate(user, NULL, NULL))
|
||||||
{
|
{
|
||||||
|
msg = "Internal server error: couldn't remove user properly.";
|
||||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -69,6 +69,8 @@ ROUTE_IMPL(RouteFilter, path, argp)
|
||||||
|
|
||||||
char *userParam = ArrayGet(path, 0);
|
char *userParam = ArrayGet(path, 0);
|
||||||
|
|
||||||
|
char *msg;
|
||||||
|
|
||||||
if (!userParam)
|
if (!userParam)
|
||||||
{
|
{
|
||||||
/* Should be impossible */
|
/* Should be impossible */
|
||||||
|
@ -87,15 +89,17 @@ ROUTE_IMPL(RouteFilter, path, argp)
|
||||||
id = UserIdParse(userParam, serverName);
|
id = UserIdParse(userParam, serverName);
|
||||||
if (!id)
|
if (!id)
|
||||||
{
|
{
|
||||||
|
msg = "Invalid user ID.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_INVALID_PARAM, NULL);
|
response = MatrixErrorCreate(M_INVALID_PARAM, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!StrEquals(id->server, serverName))
|
if (!StrEquals(id->server, serverName))
|
||||||
{
|
{
|
||||||
|
msg = "Cannot use /filter for non-local users.";
|
||||||
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
|
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
|
||||||
response = MatrixErrorCreate(M_UNAUTHORIZED, NULL);
|
response = MatrixErrorCreate(M_UNAUTHORIZED, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -115,8 +119,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
|
||||||
|
|
||||||
if (!StrEquals(id->localpart, UserGetName(user)))
|
if (!StrEquals(id->localpart, UserGetName(user)))
|
||||||
{
|
{
|
||||||
|
msg = "Unauthorized to use /filter.";
|
||||||
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
|
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
|
||||||
response = MatrixErrorCreate(M_INVALID_PARAM, NULL);
|
response = MatrixErrorCreate(M_INVALID_PARAM, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -126,8 +131,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
|
||||||
|
|
||||||
if (!ref)
|
if (!ref)
|
||||||
{
|
{
|
||||||
|
msg = "The filter for this user was not found.";
|
||||||
HttpResponseStatus(args->context, HTTP_NOT_FOUND);
|
HttpResponseStatus(args->context, HTTP_NOT_FOUND);
|
||||||
response = MatrixErrorCreate(M_NOT_FOUND, NULL);
|
response = MatrixErrorCreate(M_NOT_FOUND, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -161,8 +167,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
|
||||||
filterId = StrRandom(12);
|
filterId = StrRandom(12);
|
||||||
if (!filterId)
|
if (!filterId)
|
||||||
{
|
{
|
||||||
|
msg = "Couldn't generate random filter ID; this is unintended.";
|
||||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -170,8 +177,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
|
||||||
if (!ref)
|
if (!ref)
|
||||||
{
|
{
|
||||||
Free(filterId);
|
Free(filterId);
|
||||||
|
msg = "Couldn't write filter to the database, this is unintended.";
|
||||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -107,8 +107,9 @@ ROUTE_IMPL(RouteLogin, path, argp)
|
||||||
|
|
||||||
if (loginRequest.type != REQUEST_TYPE_PASSWORD)
|
if (loginRequest.type != REQUEST_TYPE_PASSWORD)
|
||||||
{
|
{
|
||||||
|
msg = "Unsupported login type.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -117,6 +118,7 @@ ROUTE_IMPL(RouteLogin, path, argp)
|
||||||
val = HashMapGet(identifier, "type");
|
val = HashMapGet(identifier, "type");
|
||||||
if (!val)
|
if (!val)
|
||||||
{
|
{
|
||||||
|
msg = "No login identifier type set.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_MISSING_PARAM, NULL);
|
response = MatrixErrorCreate(M_MISSING_PARAM, NULL);
|
||||||
break;
|
break;
|
||||||
|
@ -124,16 +126,18 @@ ROUTE_IMPL(RouteLogin, path, argp)
|
||||||
|
|
||||||
if (JsonValueType(val) != JSON_STRING)
|
if (JsonValueType(val) != JSON_STRING)
|
||||||
{
|
{
|
||||||
|
msg = "Invalid login identifier type.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
type = JsonValueAsString(val);
|
type = JsonValueAsString(val);
|
||||||
if (!StrEquals(type, "m.id.user"))
|
if (!StrEquals(type, "m.id.user"))
|
||||||
{
|
{
|
||||||
|
msg = "Invalid login identifier type.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (!LoginRequestUserIdentifierFromJson(identifier,
|
if (!LoginRequestUserIdentifierFromJson(identifier,
|
||||||
|
@ -148,16 +152,18 @@ ROUTE_IMPL(RouteLogin, path, argp)
|
||||||
userId = UserIdParse(userIdentifier.user, config->serverName);
|
userId = UserIdParse(userIdentifier.user, config->serverName);
|
||||||
if (!userId)
|
if (!userId)
|
||||||
{
|
{
|
||||||
|
msg = "Invalid user ID.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!StrEquals(userId->server, config->serverName)
|
if (!StrEquals(userId->server, config->serverName)
|
||||||
|| !UserExists(db, userId->localpart))
|
|| !UserExists(db, userId->localpart))
|
||||||
{
|
{
|
||||||
|
msg = "Unknown user ID.";
|
||||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -171,8 +177,9 @@ ROUTE_IMPL(RouteLogin, path, argp)
|
||||||
|
|
||||||
if (!user)
|
if (!user)
|
||||||
{
|
{
|
||||||
|
msg = "Couldn't lock user.";
|
||||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -190,10 +197,11 @@ ROUTE_IMPL(RouteLogin, path, argp)
|
||||||
|
|
||||||
if (!loginInfo)
|
if (!loginInfo)
|
||||||
{
|
{
|
||||||
|
msg = "Invalid creditentials for user.";
|
||||||
UserUnlock(user);
|
UserUnlock(user);
|
||||||
|
|
||||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -229,8 +237,9 @@ ROUTE_IMPL(RouteLogin, path, argp)
|
||||||
|
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
msg = "Route only accepts GET and POST.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -38,14 +38,17 @@ ROUTE_IMPL(RouteLogout, path, argp)
|
||||||
|
|
||||||
char *tokenstr;
|
char *tokenstr;
|
||||||
|
|
||||||
|
char *msg;
|
||||||
|
|
||||||
Db *db = args->matrixArgs->db;
|
Db *db = args->matrixArgs->db;
|
||||||
|
|
||||||
User *user;
|
User *user;
|
||||||
|
|
||||||
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
||||||
{
|
{
|
||||||
|
msg = "This route only accepts POST.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
return MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
return MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
}
|
}
|
||||||
|
|
||||||
response = MatrixGetAccessToken(args->context, &tokenstr);
|
response = MatrixGetAccessToken(args->context, &tokenstr);
|
||||||
|
@ -84,8 +87,9 @@ ROUTE_IMPL(RouteLogout, path, argp)
|
||||||
{
|
{
|
||||||
if (!UserDeleteToken(user, tokenstr))
|
if (!UserDeleteToken(user, tokenstr))
|
||||||
{
|
{
|
||||||
|
msg = "Internal server error: couldn't delete token.";
|
||||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -39,6 +39,8 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
|
||||||
JsonValue *val;
|
JsonValue *val;
|
||||||
int privileges;
|
int privileges;
|
||||||
|
|
||||||
|
char *msg;
|
||||||
|
|
||||||
response = MatrixGetAccessToken(args->context, &token);
|
response = MatrixGetAccessToken(args->context, &token);
|
||||||
if (response)
|
if (response)
|
||||||
{
|
{
|
||||||
|
@ -55,8 +57,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
|
||||||
|
|
||||||
if (!(UserGetPrivileges(user) & USER_GRANT_PRIVILEGES))
|
if (!(UserGetPrivileges(user) & USER_GRANT_PRIVILEGES))
|
||||||
{
|
{
|
||||||
|
msg = "User doesn't have the GRANT_PRIVILEGES privilege";
|
||||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -68,8 +71,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
|
||||||
user = UserLock(args->matrixArgs->db, ArrayGet(path, 0));
|
user = UserLock(args->matrixArgs->db, ArrayGet(path, 0));
|
||||||
if (!user)
|
if (!user)
|
||||||
{
|
{
|
||||||
|
msg = "Unknown user.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_INVALID_PARAM, NULL);
|
response = MatrixErrorCreate(M_INVALID_PARAM, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -90,8 +94,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
|
||||||
val = HashMapGet(request, "privileges");
|
val = HashMapGet(request, "privileges");
|
||||||
if (!val || JsonValueType(val) != JSON_ARRAY)
|
if (!val || JsonValueType(val) != JSON_ARRAY)
|
||||||
{
|
{
|
||||||
|
msg = "'privileges' is unset or not an array.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -116,8 +121,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
|
||||||
|
|
||||||
if (!UserSetPrivileges(user, privileges))
|
if (!UserSetPrivileges(user, privileges))
|
||||||
{
|
{
|
||||||
|
msg = "Internal server error: couldn't set privileges.";
|
||||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -127,8 +133,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
|
||||||
HashMapSet(response, "privileges", JsonValueArray(UserEncodePrivileges(UserGetPrivileges(user))));
|
HashMapSet(response, "privileges", JsonValueArray(UserEncodePrivileges(UserGetPrivileges(user))));
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
msg = "Route only accepts POST, PUT, DELETE, and GET.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
|
@ -37,6 +37,7 @@ ROUTE_IMPL(RouteProcControl, path, argp)
|
||||||
char *op = ArrayGet(path, 0);
|
char *op = ArrayGet(path, 0);
|
||||||
HashMap *response;
|
HashMap *response;
|
||||||
char *token;
|
char *token;
|
||||||
|
char *msg;
|
||||||
User *user = NULL;
|
User *user = NULL;
|
||||||
|
|
||||||
response = MatrixGetAccessToken(args->context, &token);
|
response = MatrixGetAccessToken(args->context, &token);
|
||||||
|
@ -55,11 +56,13 @@ ROUTE_IMPL(RouteProcControl, path, argp)
|
||||||
|
|
||||||
if (!(UserGetPrivileges(user) & USER_PROC_CONTROL))
|
if (!(UserGetPrivileges(user) & USER_PROC_CONTROL))
|
||||||
{
|
{
|
||||||
|
msg = "User doesn't have PROC_CONTROL privilege.";
|
||||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
msg = "Unknown operation.";
|
||||||
switch (HttpRequestMethodGet(args->context))
|
switch (HttpRequestMethodGet(args->context))
|
||||||
{
|
{
|
||||||
case HTTP_POST:
|
case HTTP_POST:
|
||||||
|
@ -74,7 +77,7 @@ ROUTE_IMPL(RouteProcControl, path, argp)
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
@ -106,12 +109,12 @@ ROUTE_IMPL(RouteProcControl, path, argp)
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
default:
|
default:
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
|
@ -45,6 +45,8 @@ ROUTE_IMPL(RouteRefresh, path, argp)
|
||||||
UserAccessToken *newAccessToken;
|
UserAccessToken *newAccessToken;
|
||||||
char *deviceId;
|
char *deviceId;
|
||||||
|
|
||||||
|
char *msg;
|
||||||
|
|
||||||
Db *db = args->matrixArgs->db;
|
Db *db = args->matrixArgs->db;
|
||||||
|
|
||||||
User *user = NULL;
|
User *user = NULL;
|
||||||
|
@ -55,8 +57,9 @@ ROUTE_IMPL(RouteRefresh, path, argp)
|
||||||
|
|
||||||
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
||||||
{
|
{
|
||||||
|
msg = "This route only accepts POST.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
return MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
return MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
}
|
}
|
||||||
|
|
||||||
request = JsonDecode(HttpServerStream(args->context));
|
request = JsonDecode(HttpServerStream(args->context));
|
||||||
|
@ -69,8 +72,9 @@ ROUTE_IMPL(RouteRefresh, path, argp)
|
||||||
val = HashMapGet(request, "refresh_token");
|
val = HashMapGet(request, "refresh_token");
|
||||||
if (!val || JsonValueType(val) != JSON_STRING)
|
if (!val || JsonValueType(val) != JSON_STRING)
|
||||||
{
|
{
|
||||||
|
msg = "'refresh_token' is unset or not a string.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -86,9 +86,10 @@ ROUTE_IMPL(RouteRegister, path, argp)
|
||||||
|
|
||||||
if (!config)
|
if (!config)
|
||||||
{
|
{
|
||||||
|
msg = "Internal server error while locking configuration.";
|
||||||
Log(LOG_ERR, "Registration endpoint failed to lock configuration.");
|
Log(LOG_ERR, "Registration endpoint failed to lock configuration.");
|
||||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||||
return MatrixErrorCreate(M_UNKNOWN, NULL);
|
return MatrixErrorCreate(M_UNKNOWN, msg);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ArraySize(path) == 0)
|
if (ArraySize(path) == 0)
|
||||||
|
@ -254,8 +255,9 @@ finish:
|
||||||
|
|
||||||
if (!username)
|
if (!username)
|
||||||
{
|
{
|
||||||
|
msg = "'username' path parameter is not set.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_MISSING_PARAM, NULL);
|
response = MatrixErrorCreate(M_MISSING_PARAM, msg);
|
||||||
}
|
}
|
||||||
else if (!UserValidate(username, config->serverName))
|
else if (!UserValidate(username, config->serverName))
|
||||||
{
|
{
|
||||||
|
|
|
@ -54,8 +54,9 @@ ROUTE_IMPL(RouteRequestToken, path, argp)
|
||||||
|
|
||||||
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
||||||
{
|
{
|
||||||
|
msg = "This route only accepts POST.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
return MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
return MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
}
|
}
|
||||||
|
|
||||||
request = JsonDecode(HttpServerStream(args->context));
|
request = JsonDecode(HttpServerStream(args->context));
|
||||||
|
|
|
@ -47,8 +47,8 @@ ROUTE_IMPL(RouteStaticResources, path, argp)
|
||||||
"function findGetParameter(parameterName) {"
|
"function findGetParameter(parameterName) {"
|
||||||
" var result = null;"
|
" var result = null;"
|
||||||
" var tmp = [];"
|
" var tmp = [];"
|
||||||
" var items = location.search.substr(1).split(\"&\");"
|
" var items = location.search.substr(1).split(\"&\");"
|
||||||
" for (var index = 0; index < items.length; index++) {"
|
" for (var index = 0; index < items.length; index++) {"
|
||||||
" tmp = items[index].split(\"=\");"
|
" tmp = items[index].split(\"=\");"
|
||||||
" if (tmp[0] === parameterName) result = decodeURIComponent(tmp[1]);"
|
" if (tmp[0] === parameterName) result = decodeURIComponent(tmp[1]);"
|
||||||
" }"
|
" }"
|
||||||
|
|
|
@ -41,13 +41,15 @@ ROUTE_IMPL(RouteTokenValid, path, argp)
|
||||||
RegTokenInfo *info = NULL;
|
RegTokenInfo *info = NULL;
|
||||||
|
|
||||||
char *tokenstr;
|
char *tokenstr;
|
||||||
|
char *msg;
|
||||||
|
|
||||||
(void) path;
|
(void) path;
|
||||||
|
|
||||||
if (HttpRequestMethodGet(args->context) != HTTP_GET)
|
if (HttpRequestMethodGet(args->context) != HTTP_GET)
|
||||||
{
|
{
|
||||||
|
msg = "This route only accepts GET.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
return MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
return MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
}
|
}
|
||||||
|
|
||||||
request = JsonDecode(HttpServerStream(args->context));
|
request = JsonDecode(HttpServerStream(args->context));
|
||||||
|
|
|
@ -36,6 +36,8 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
|
||||||
char *authType = ArrayGet(path, 0);
|
char *authType = ArrayGet(path, 0);
|
||||||
char *sessionId;
|
char *sessionId;
|
||||||
|
|
||||||
|
char *msg;
|
||||||
|
|
||||||
if (!authType)
|
if (!authType)
|
||||||
{
|
{
|
||||||
/* This should never happen */
|
/* This should never happen */
|
||||||
|
@ -56,9 +58,10 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
|
||||||
config = ConfigLock(args->matrixArgs->db);
|
config = ConfigLock(args->matrixArgs->db);
|
||||||
if (!config)
|
if (!config)
|
||||||
{
|
{
|
||||||
|
msg = "Internal server error: failed to lock configuration.";
|
||||||
Log(LOG_ERR, "UIA fallback failed to lock configuration.");
|
Log(LOG_ERR, "UIA fallback failed to lock configuration.");
|
||||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||||
return MatrixErrorCreate(M_UNKNOWN, NULL);
|
return MatrixErrorCreate(M_UNKNOWN, msg);
|
||||||
}
|
}
|
||||||
|
|
||||||
request = JsonDecode(HttpServerStream(args->context));
|
request = JsonDecode(HttpServerStream(args->context));
|
||||||
|
@ -93,15 +96,17 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
|
||||||
}
|
}
|
||||||
else if (HttpRequestMethodGet(args->context) != HTTP_GET)
|
else if (HttpRequestMethodGet(args->context) != HTTP_GET)
|
||||||
{
|
{
|
||||||
|
msg = "Route only supports GET.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
return MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
return MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
}
|
}
|
||||||
|
|
||||||
sessionId = HashMapGet(requestParams, "session");
|
sessionId = HashMapGet(requestParams, "session");
|
||||||
if (!sessionId)
|
if (!sessionId)
|
||||||
{
|
{
|
||||||
|
msg = "'session' parameter is unset.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
return MatrixErrorCreate(M_MISSING_PARAM, NULL);
|
return MatrixErrorCreate(M_MISSING_PARAM, msg);
|
||||||
}
|
}
|
||||||
|
|
||||||
HttpResponseHeader(args->context, "Content-Type", "text/html");
|
HttpResponseHeader(args->context, "Content-Type", "text/html");
|
||||||
|
@ -121,25 +126,25 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
|
||||||
HtmlEndForm(stream);
|
HtmlEndForm(stream);
|
||||||
HtmlBeginJs(stream);
|
HtmlBeginJs(stream);
|
||||||
StreamPrintf(stream,
|
StreamPrintf(stream,
|
||||||
"function buildRequest() {"
|
"function buildRequest() {"
|
||||||
" let user = document.getElementById('user').value;"
|
" let user = document.getElementById('user').value;"
|
||||||
" let pass = document.getElementById('password').value;"
|
" let pass = document.getElementById('password').value;"
|
||||||
" if (!user || !pass) {"
|
" if (!user || !pass) {"
|
||||||
" setFormError('Please specify a username and password.');"
|
" setFormError('Please specify a username and password.');"
|
||||||
" return false;"
|
" return false;"
|
||||||
" }"
|
" }"
|
||||||
" return {"
|
" return {"
|
||||||
" auth: {"
|
" auth: {"
|
||||||
" type: '%s',"
|
" type: '%s',"
|
||||||
" identifier: {"
|
" identifier: {"
|
||||||
" type: 'm.id.user',"
|
" type: 'm.id.user',"
|
||||||
" user: user"
|
" user: user"
|
||||||
" },"
|
" },"
|
||||||
" password: pass,"
|
" password: pass,"
|
||||||
" session: '%s'"
|
" session: '%s'"
|
||||||
" }"
|
" }"
|
||||||
" };"
|
" };"
|
||||||
"}", authType, sessionId);
|
"}", authType, sessionId);
|
||||||
HtmlEndJs(stream);
|
HtmlEndJs(stream);
|
||||||
}
|
}
|
||||||
else if (StrEquals(authType, "m.login.registration_token"))
|
else if (StrEquals(authType, "m.login.registration_token"))
|
||||||
|
@ -186,10 +191,10 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
|
||||||
"function processResponse(xhr) {"
|
"function processResponse(xhr) {"
|
||||||
" let r = JSON.parse(xhr.responseText);"
|
" let r = JSON.parse(xhr.responseText);"
|
||||||
" console.log(r);"
|
" console.log(r);"
|
||||||
" if (xhr.status == 200 || r.completed.includes('%s')) {"
|
" if (xhr.status == 200 || r.completed.includes('%s')) {"
|
||||||
" if (window.onAuthDone) {"
|
" if (window.onAuthDone) {"
|
||||||
" window.onAuthDone();"
|
" window.onAuthDone();"
|
||||||
" } else if (window.opener && window.opener.postMessage) {"
|
" } else if (window.opener && window.opener.postMessage) {"
|
||||||
" window.opener.postMessage('authDone', '*');"
|
" window.opener.postMessage('authDone', '*');"
|
||||||
" } else {"
|
" } else {"
|
||||||
" setFormError('Client error.');"
|
" setFormError('Client error.');"
|
||||||
|
|
|
@ -48,6 +48,8 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
|
||||||
char *token = NULL;
|
char *token = NULL;
|
||||||
char *value = NULL;
|
char *value = NULL;
|
||||||
|
|
||||||
|
char *msg;
|
||||||
|
|
||||||
Config *config = ConfigLock(db);
|
Config *config = ConfigLock(db);
|
||||||
|
|
||||||
if (!config)
|
if (!config)
|
||||||
|
@ -63,15 +65,18 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
|
||||||
userId = UserIdParse(username, serverName);
|
userId = UserIdParse(username, serverName);
|
||||||
if (!userId)
|
if (!userId)
|
||||||
{
|
{
|
||||||
|
msg = "Invalid user ID.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_INVALID_PARAM, NULL);
|
response = MatrixErrorCreate(M_INVALID_PARAM, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
if (strcmp(userId->server, serverName))
|
if (strcmp(userId->server, serverName))
|
||||||
{
|
{
|
||||||
/* TODO: Implement lookup over federation. */
|
/* TODO: Implement lookup over federation. */
|
||||||
|
msg = "User profile endpoint currently doesn't support lookup over "
|
||||||
|
"federation.";
|
||||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -82,8 +87,9 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
|
||||||
user = UserLock(db, userId->localpart);
|
user = UserLock(db, userId->localpart);
|
||||||
if (!user)
|
if (!user)
|
||||||
{
|
{
|
||||||
|
msg = "Couldn't lock user.";
|
||||||
HttpResponseStatus(args->context, HTTP_NOT_FOUND);
|
HttpResponseStatus(args->context, HTTP_NOT_FOUND);
|
||||||
response = MatrixErrorCreate(M_NOT_FOUND, NULL);
|
response = MatrixErrorCreate(M_NOT_FOUND, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -138,7 +144,7 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
|
||||||
StrEquals(entry, "avatar_url"))
|
StrEquals(entry, "avatar_url"))
|
||||||
{
|
{
|
||||||
/* Check if user has privilege to do that action. */
|
/* Check if user has privilege to do that action. */
|
||||||
if (strcmp(userId->localpart, UserGetName(user)) == 0)
|
if (StrEquals(userId->localpart, UserGetName(user)))
|
||||||
{
|
{
|
||||||
value = JsonValueAsString(HashMapGet(request, entry));
|
value = JsonValueAsString(HashMapGet(request, entry));
|
||||||
/* TODO: Make UserSetProfile notify other
|
/* TODO: Make UserSetProfile notify other
|
||||||
|
@ -148,14 +154,16 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
/* User is not allowed to carry-on the action */
|
/* User is not allowed to carry-on the action */
|
||||||
|
msg = "Cannot change another user's profile.";
|
||||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||||
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
|
response = MatrixErrorCreate(M_FORBIDDEN, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
msg = "Invalid property being changed.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
|
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -166,8 +174,9 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
default:
|
default:
|
||||||
|
msg = "Route only accepts GET and PUT.";
|
||||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||||
response = MatrixErrorCreate(M_UNKNOWN, NULL);
|
response = MatrixErrorCreate(M_UNKNOWN, msg);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
finish:
|
finish:
|
||||||
|
|
|
@ -37,11 +37,14 @@ ROUTE_IMPL(RouteWellKnown, path, argp)
|
||||||
|
|
||||||
Config *config = ConfigLock(args->matrixArgs->db);
|
Config *config = ConfigLock(args->matrixArgs->db);
|
||||||
|
|
||||||
|
char *msg;
|
||||||
|
|
||||||
if (!config)
|
if (!config)
|
||||||
{
|
{
|
||||||
Log(LOG_ERR, "Well-known endpoint failed to lock configuration.");
|
Log(LOG_ERR, "Well-known endpoint failed to lock configuration.");
|
||||||
|
msg = "Internal server error: couldn't lock database.";
|
||||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||||
return MatrixErrorCreate(M_UNKNOWN, NULL);
|
return MatrixErrorCreate(M_UNKNOWN, msg);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (StrEquals(ArrayGet(path, 0), "client"))
|
if (StrEquals(ArrayGet(path, 0), "client"))
|
||||||
|
|
|
@ -42,14 +42,16 @@ ROUTE_IMPL(RouteWhoami, path, argp)
|
||||||
char *token;
|
char *token;
|
||||||
char *userID;
|
char *userID;
|
||||||
char *deviceID;
|
char *deviceID;
|
||||||
|
char *msg;
|
||||||
|
|
||||||
Config *config = ConfigLock(db);
|
Config *config = ConfigLock(db);
|
||||||
|
|
||||||
if (!config)
|
if (!config)
|
||||||
{
|
{
|
||||||
|
msg = "Internal server error: couldn't lock database.";
|
||||||
Log(LOG_ERR, "Who am I endpoint failed to lock configuration.");
|
Log(LOG_ERR, "Who am I endpoint failed to lock configuration.");
|
||||||
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
|
||||||
return MatrixErrorCreate(M_UNKNOWN, NULL);
|
return MatrixErrorCreate(M_UNKNOWN, msg);
|
||||||
}
|
}
|
||||||
|
|
||||||
(void) path;
|
(void) path;
|
||||||
|
|
11
src/Uia.c
11
src/Uia.c
|
@ -222,6 +222,8 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
|
||||||
HashMap *dbJson;
|
HashMap *dbJson;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
|
char *msg;
|
||||||
|
|
||||||
if (!flows)
|
if (!flows)
|
||||||
{
|
{
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -242,8 +244,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
|
||||||
|
|
||||||
if (JsonValueType(val) != JSON_OBJECT)
|
if (JsonValueType(val) != JSON_OBJECT)
|
||||||
{
|
{
|
||||||
|
msg = "'auth' is not an object.";
|
||||||
HttpResponseStatus(context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(context, HTTP_BAD_REQUEST);
|
||||||
*response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
*response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -252,8 +255,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
|
||||||
|
|
||||||
if (!val || JsonValueType(val) != JSON_STRING)
|
if (!val || JsonValueType(val) != JSON_STRING)
|
||||||
{
|
{
|
||||||
|
msg = "'auth->session' is unset or not a string.";
|
||||||
HttpResponseStatus(context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(context, HTTP_BAD_REQUEST);
|
||||||
*response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
*response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -311,8 +315,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
|
||||||
|
|
||||||
if (!val || JsonValueType(val) != JSON_STRING)
|
if (!val || JsonValueType(val) != JSON_STRING)
|
||||||
{
|
{
|
||||||
|
msg = "'auth->type' is unset or not a string.";
|
||||||
HttpResponseStatus(context, HTTP_BAD_REQUEST);
|
HttpResponseStatus(context, HTTP_BAD_REQUEST);
|
||||||
*response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
*response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||||
ret = 0;
|
ret = 0;
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue