Skip to content
Snippets Groups Projects
Commit d8ac5668 authored by michael.minelli's avatar michael.minelli
Browse files

GitlabManager => checkTemplateAccess: Return boolean if res is undefined

parent 9f589825
No related branches found
No related tags found
1 merge request!3Return error when client headers are missing (issue #19)
Pipeline #30020 passed
......@@ -64,12 +64,14 @@ class Session {
Send a response to the client
Information: Data could be a promise or an object. If it's a promise, we wait on the data to be resolved before sending the response
*/
sendResponse(res: express.Response, code: number, data?: unknown, descriptionOverride?: string, internalCode?: number) {
Promise.resolve(data).then((toReturn: unknown) => {
this.getResponse(internalCode ?? code, toReturn, descriptionOverride).then(response => {
res.status(code).json(response);
sendResponse(res: express.Response | undefined, code: number, data?: unknown, descriptionOverride?: string, internalCode?: number) {
if ( res ) {
Promise.resolve(data).then((toReturn: unknown) => {
this.getResponse(internalCode ?? code, toReturn, descriptionOverride).then(response => {
res.status(code).json(response);
});
});
});
}
}
}
......
import Config from '../config/Config';
import { StatusCodes } from 'http-status-codes';
import { CustomValidator, ErrorMessage, FieldMessageFactory, Meta } from 'express-validator/src/base';
import { BailOptions, ValidationChain } from 'express-validator/src/chain';
import GitlabManager from '../managers/GitlabManager';
......@@ -63,7 +62,7 @@ class DojoValidators {
const template = this.getParamValue(req, path) as string;
if ( template ) {
GitlabManager.checkTemplateAccess(template, req).then(templateAccess => {
templateAccess !== StatusCodes.OK ? reject() : resolve(true);
templateAccess ? resolve(true) : reject();
});
}
resolve(true);
......
......@@ -170,18 +170,18 @@ class GitlabManager {
return response.data;
}
async checkTemplateAccess(projectIdOrNamespace: string, req: express.Request, res: express.Response) {
async checkTemplateAccess(projectIdOrNamespace: string, req: express.Request, res?: express.Response): Promise<boolean> {
// Get the Gitlab project and check if it have public or internal visibility
try {
const project: GitlabRepository = await this.getRepository(projectIdOrNamespace);
if ( [ GitlabVisibility.PUBLIC.valueOf(), GitlabVisibility.INTERNAL.valueOf() ].includes(project.visibility) ) {
req.session.sendResponse(res, StatusCodes.OK);
return;
return true;
}
} catch ( e ) {
req.session.sendResponse(res, StatusCodes.NOT_FOUND, undefined, 'Template not found', DojoStatusCode.GITLAB_TEMPLATE_NOT_FOUND);
return;
return false;
}
// Check if the user and dojo are members (with at least reporter access) of the project
......@@ -202,8 +202,10 @@ class GitlabManager {
if ( isUsersAtLeastReporter.user && isUsersAtLeastReporter.dojo ) {
req.session.sendResponse(res, StatusCodes.OK);
return true;
} else {
req.session.sendResponse(res, StatusCodes.UNAUTHORIZED, undefined, 'Template access unauthorized', DojoStatusCode.GITLAB_TEMPLATE_ACCESS_UNAUTHORIZED);
return false;
}
}
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment