Mirroristas/CommunitySolidServer
2
0
Fork 0
mirror of https://github.com/CommunitySolidServer/CommunitySolidServer.git synced 2024-10-03 14:55:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: Throw internal error with invalid ACL.

Browse Source
This commit is contained in:
Joachim Van Herwegen 2021-07-15 13:01:44 +02:00
parent d4bb1095c0
commit e43b579ae7
4 changed files with 15 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/authorization/WebAclAuthorizer.ts
View File

@ -8,7 +8,9 @@ import type { ResourceIdentifier } from '../ldp/representation/ResourceIdentifie
import { getLoggerFor } from '../logging/LogUtil'; import { getLoggerFor } from '../logging/LogUtil';
import type { ResourceStore } from '../storage/ResourceStore'; import type { ResourceStore } from '../storage/ResourceStore';
import { INTERNAL_QUADS } from '../util/ContentTypes'; import { INTERNAL_QUADS } from '../util/ContentTypes';
import { createErrorMessage } from '../util/errors/ErrorUtil';
import { ForbiddenHttpError } from '../util/errors/ForbiddenHttpError'; import { ForbiddenHttpError } from '../util/errors/ForbiddenHttpError';
import { InternalServerError } from '../util/errors/InternalServerError';
import { NotFoundHttpError } from '../util/errors/NotFoundHttpError'; import { NotFoundHttpError } from '../util/errors/NotFoundHttpError';
import { NotImplementedHttpError } from '../util/errors/NotImplementedHttpError'; import { NotImplementedHttpError } from '../util/errors/NotImplementedHttpError';
import { UnauthorizedHttpError } from '../util/errors/UnauthorizedHttpError'; import { UnauthorizedHttpError } from '../util/errors/UnauthorizedHttpError';
@ -214,13 +216,14 @@ export class WebAclAuthorizer extends Authorizer {
const data = await this.resourceStore.getRepresentation(acl, { type: { [INTERNAL_QUADS]: 1 }}); const data = await this.resourceStore.getRepresentation(acl, { type: { [INTERNAL_QUADS]: 1 }});
this.logger.info(`Reading ACL statements from ${acl.path}`); this.logger.info(`Reading ACL statements from ${acl.path}`);
return this.filterData(data, recurse ? ACL.default : ACL.accessTo, id.path); return await this.filterData(data, recurse ? ACL.default : ACL.accessTo, id.path);
} catch (error: unknown) { } catch (error: unknown) {
if (NotFoundHttpError.isInstance(error)) { if (NotFoundHttpError.isInstance(error)) {
this.logger.debug(`No direct ACL document found for ${id.path}`); this.logger.debug(`No direct ACL document found for ${id.path}`);
} else { } else {
this.logger.error(`Error reading ACL for ${id.path}: ${(error as Error).message}`, { error }); const message = `Error reading ACL for ${id.path}: ${createErrorMessage(error)}`;
throw error; this.logger.error(message);
throw new InternalServerError(message, { cause: error });
} }
} }

6
src/init/AclInitializer.ts
View File

@ -48,9 +48,9 @@ export class AclInitializer extends Initializer {
try { try {
await this.store.setRepresentation(rootAcl, new BasicRepresentation(aclDocument, rootAcl, TEXT_TURTLE)); await this.store.setRepresentation(rootAcl, new BasicRepresentation(aclDocument, rootAcl, TEXT_TURTLE));
} catch (error: unknown) { } catch (error: unknown) {
const msg = `There was an issue initializing the root .acl resource: ${createErrorMessage(error)}`; const message = `Issue initializing the root ACL resource: ${createErrorMessage(error)}`;
this.logger.error(msg); this.logger.error(message);
throw new InternalServerError(msg, { cause: error }); throw new InternalServerError(message, { cause: error });
} }
} }
} }

7
test/unit/authorization/WebAclAuthorizer.test.ts
View File

@ -8,6 +8,7 @@ import type { Representation } from '../../../src/ldp/representation/Representat
import type { ResourceIdentifier } from '../../../src/ldp/representation/ResourceIdentifier'; import type { ResourceIdentifier } from '../../../src/ldp/representation/ResourceIdentifier';
import type { ResourceStore } from '../../../src/storage/ResourceStore'; import type { ResourceStore } from '../../../src/storage/ResourceStore';
import { ForbiddenHttpError } from '../../../src/util/errors/ForbiddenHttpError'; import { ForbiddenHttpError } from '../../../src/util/errors/ForbiddenHttpError';
import { InternalServerError } from '../../../src/util/errors/InternalServerError';
import { NotFoundHttpError } from '../../../src/util/errors/NotFoundHttpError'; import { NotFoundHttpError } from '../../../src/util/errors/NotFoundHttpError';
import { NotImplementedHttpError } from '../../../src/util/errors/NotImplementedHttpError'; import { NotImplementedHttpError } from '../../../src/util/errors/NotImplementedHttpError';
import { UnauthorizedHttpError } from '../../../src/util/errors/UnauthorizedHttpError'; import { UnauthorizedHttpError } from '../../../src/util/errors/UnauthorizedHttpError';
@ -145,11 +146,13 @@ describe('A WebAclAuthorizer', (): void => {
await expect(authorizer.handle({ identifier, permissions, credentials })).rejects.toThrow(ForbiddenHttpError); await expect(authorizer.handle({ identifier, permissions, credentials })).rejects.toThrow(ForbiddenHttpError);
}); });
it('passes errors of the ResourceStore along.', async(): Promise<void> => { it('re-throws ResourceStore errors as internal errors.', async(): Promise<void> => {
store.getRepresentation = async(): Promise<Representation> => { store.getRepresentation = async(): Promise<Representation> => {
throw new Error('TEST!'); throw new Error('TEST!');
}; };
await expect(authorizer.handle({ identifier, permissions, credentials })).rejects.toThrow('TEST!'); const promise = authorizer.handle({ identifier, permissions, credentials });
await expect(promise).rejects.toThrow(`Error reading ACL for ${identifier.path}: TEST!`);
await expect(promise).rejects.toThrow(InternalServerError);
}); });
it('errors if the root container has no corresponding acl document.', async(): Promise<void> => { it('errors if the root container has no corresponding acl document.', async(): Promise<void> => {

2
test/unit/init/AclInitializer.test.ts
View File

@ -77,7 +77,7 @@ describe('AclInitializer', (): void => {
const initializer = new AclInitializer({ baseUrl, store, aclStrategy }); const initializer = new AclInitializer({ baseUrl, store, aclStrategy });
const prom = initializer.handle(); const prom = initializer.handle();
await expect(prom).rejects.toThrow('There was an issue initializing the root .acl resource: Fatal'); await expect(prom).rejects.toThrow('Issue initializing the root ACL resource: Fatal');
await expect(prom).rejects.toThrow(InternalServerError); await expect(prom).rejects.toThrow(InternalServerError);
}); });
}); });