From c39a9430a2e945d85cefb3efd64af136febd7951 Mon Sep 17 00:00:00 2001 From: Philip Molares Date: Sun, 8 Jan 2023 16:08:51 +0100 Subject: [PATCH] feat(backend): add RegistrationDisabledError This error is thrown by RegistrationEnabledGuard instead of directly throwing an http error. The new RegistrationDisabledError is mapped to the Forbidden HTTP code 403, since this better represents the actual error. Signed-off-by: Philip Molares --- backend/src/api/private/auth/auth.controller.ts | 4 ++-- backend/src/api/utils/registration-enabled.guard.ts | 12 ++++-------- backend/src/errors/error-mapping.ts | 7 ++++++- backend/src/errors/errors.ts | 6 +++++- 4 files changed, 17 insertions(+), 12 deletions(-) diff --git a/backend/src/api/private/auth/auth.controller.ts b/backend/src/api/private/auth/auth.controller.ts index 501d5a8a8..6dbdb9ade 100644 --- a/backend/src/api/private/auth/auth.controller.ts +++ b/backend/src/api/private/auth/auth.controller.ts @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2022 The HedgeDoc developers (see AUTHORS file) + * SPDX-FileCopyrightText: 2023 The HedgeDoc developers (see AUTHORS file) * * SPDX-License-Identifier: AGPL-3.0-only */ @@ -53,7 +53,7 @@ export class AuthController { @UseGuards(RegistrationEnabledGuard) @Post('local') - @OpenApi(201, 400, 409) + @OpenApi(201, 400, 403, 409) async registerUser( @Req() request: RequestWithSession, @Body() registerDto: RegisterDto, diff --git a/backend/src/api/utils/registration-enabled.guard.ts b/backend/src/api/utils/registration-enabled.guard.ts index 6289f857f..8d4cce503 100644 --- a/backend/src/api/utils/registration-enabled.guard.ts +++ b/backend/src/api/utils/registration-enabled.guard.ts @@ -1,16 +1,12 @@ /* - * SPDX-FileCopyrightText: 2021 The HedgeDoc developers (see AUTHORS file) + * SPDX-FileCopyrightText: 2023 The HedgeDoc developers (see AUTHORS file) * * SPDX-License-Identifier: AGPL-3.0-only */ -import { - BadRequestException, - CanActivate, - Inject, - Injectable, -} from '@nestjs/common'; +import { CanActivate, Inject, Injectable } from '@nestjs/common'; import authConfiguration, { AuthConfig } from '../../config/auth.config'; +import { RegistrationDisabledError } from '../../errors/errors'; import { ConsoleLoggerService } from '../../logger/console-logger.service'; @Injectable() @@ -26,7 +22,7 @@ export class RegistrationEnabledGuard implements CanActivate { canActivate(): boolean { if (!this.authConfig.local.enableRegister) { this.logger.debug('User registration is disabled.', 'canActivate'); - throw new BadRequestException('User registration is disabled.'); + throw new RegistrationDisabledError(); } return true; } diff --git a/backend/src/errors/error-mapping.ts b/backend/src/errors/error-mapping.ts index 92de02444..0a31e1ff4 100644 --- a/backend/src/errors/error-mapping.ts +++ b/backend/src/errors/error-mapping.ts @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2022 The HedgeDoc developers (see AUTHORS file) + * SPDX-FileCopyrightText: 2023 The HedgeDoc developers (see AUTHORS file) * * SPDX-License-Identifier: AGPL-3.0-only */ @@ -8,6 +8,7 @@ import { BadRequestException, Catch, ConflictException, + ForbiddenException, InternalServerErrorException, NotFoundException, PayloadTooLargeException, @@ -75,6 +76,10 @@ const mapOfHedgeDocErrorsToHttpErrors: Map = 'MaximumDocumentLengthExceededError', (object): HttpException => new PayloadTooLargeException(object), ], + [ + 'RegistrationDisabledError', + (object): HttpException => new ForbiddenException(object), + ], ]); @Catch() diff --git a/backend/src/errors/errors.ts b/backend/src/errors/errors.ts index edfe0936f..4010d420f 100644 --- a/backend/src/errors/errors.ts +++ b/backend/src/errors/errors.ts @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2022 The HedgeDoc developers (see AUTHORS file) + * SPDX-FileCopyrightText: 2023 The HedgeDoc developers (see AUTHORS file) * * SPDX-License-Identifier: AGPL-3.0-only */ @@ -59,3 +59,7 @@ export class PasswordTooWeakError extends Error { export class MaximumDocumentLengthExceededError extends Error { name = 'MaximumDocumentLengthExceededError'; } + +export class RegistrationDisabledError extends Error { + name = 'RegistrationDisabledError'; +}