diff --git a/ExpressAPI/src/controllers/Session.ts b/ExpressAPI/src/controllers/Session.ts
index 7be2dea13261c51b0ffe270ca5ba183eb3277a4a..d264c7aa4a86ffdeea59c8f9cf55a82d7e049022 100644
--- a/ExpressAPI/src/controllers/Session.ts
+++ b/ExpressAPI/src/controllers/Session.ts
@@ -64,12 +64,14 @@ class Session {
 Send a response to the client Information: Data could be a promise or an object. If it's a promise, we wait on the data to be resolved before sending the response */
- sendResponse(res: express.Response, code: number, data?: unknown, descriptionOverride?: string, internalCode?: number) {
- Promise.resolve(data).then((toReturn: unknown) => {
- this.getResponse(internalCode ?? code, toReturn, descriptionOverride).then(response => {
- res.status(code).json(response);
+ sendResponse(res: express.Response | undefined, code: number, data?: unknown, descriptionOverride?: string, internalCode?: number) {
+ if ( res ) {
+ Promise.resolve(data).then((toReturn: unknown) => {
+ this.getResponse(internalCode ?? code, toReturn, descriptionOverride).then(response => {
+ res.status(code).json(response);
+ });
 });
- });
+ }
 }
 }
diff --git a/ExpressAPI/src/helpers/DojoValidators.ts b/ExpressAPI/src/helpers/DojoValidators.ts
index 2f3797f5a0bb62604b920dc2b725a4382d334911..442f1608730d62f94772846d00fdfc28235d4406 100644
--- a/ExpressAPI/src/helpers/DojoValidators.ts
+++ b/ExpressAPI/src/helpers/DojoValidators.ts
@@ -1,5 +1,4 @@
 import Config from '../config/Config';
-import { StatusCodes } from 'http-status-codes';
 import { CustomValidator, ErrorMessage, FieldMessageFactory, Meta } from 'express-validator/src/base';
 import { BailOptions, ValidationChain } from 'express-validator/src/chain';
 import GitlabManager from '../managers/GitlabManager';
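Review bot: The promise chain inside the new `if ( res )` guard in sendResponse (Session.ts) still has no rejection handler, so if `data` or `getResponse(...)` rejects, the client never receives a response and the rejection goes unhandled, which current Node.js versions treat as fatal by default. End the chain with a handler that logs the error and answers with a generic 500, for example `.catch(() => { res.sendStatus(500); })`, and consider an early `if ( !res ) { return; }` to avoid the extra nesting. The doc comment above the method should also state that an undefined `res` makes the call a silent no-op, because checkTemplateAccess now relies on that when the validator calls it without a response object.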
@@ -63,7 +62,7 @@ class DojoValidators {
 const template = this.getParamValue(req, path) as string;
 if ( template ) {
 GitlabManager.checkTemplateAccess(template, req).then(templateAccess => {
- templateAccess !== StatusCodes.OK ? reject() : resolve(true);
+ templateAccess ? resolve(true) : reject();
 });
 }
 resolve(true);
diff --git a/ExpressAPI/src/managers/GitlabManager.ts b/ExpressAPI/src/managers/GitlabManager.ts
index c03c34b2d31cb260f4f2a0c7cf3fe0602cc9312c..528d24dd41e5da167008484c70f0802eb05b0353 100644
--- a/ExpressAPI/src/managers/GitlabManager.ts
+++ b/ExpressAPI/src/managers/GitlabManager.ts
@@ -170,18 +170,18 @@ class GitlabManager {
 return response.data;
 }
- async checkTemplateAccess(projectIdOrNamespace: string, req: express.Request, res: express.Response) {
+ async checkTemplateAccess(projectIdOrNamespace: string, req: express.Request, res?: express.Response): Promise<boolean> {
 // Get the Gitlab project and check if it have public or internal visibility
 try {
 const project: GitlabRepository = await this.getRepository(projectIdOrNamespace);
 if ( [ GitlabVisibility.PUBLIC.valueOf(), GitlabVisibility.INTERNAL.valueOf() ].includes(project.visibility) ) {
 req.session.sendResponse(res, StatusCodes.OK);
- return;
+ return true;
 }
 } catch ( e ) {
 req.session.sendResponse(res, StatusCodes.NOT_FOUND, undefined, 'Template not found', DojoStatusCode.GITLAB_TEMPLATE_NOT_FOUND);
- return;
+ return false;
 }
 // Check if the user and dojo are members (with at least reporter access) of the project
@@ -202,8 +202,10 @@ class GitlabManager {
 if ( isUsersAtLeastReporter.user && isUsersAtLeastReporter.dojo ) {
 req.session.sendResponse(res, StatusCodes.OK);
+ return true;
 } else {
 req.session.sendResponse(res, StatusCodes.UNAUTHORIZED, undefined, 'Template access unauthorized', DojoStatusCode.GITLAB_TEMPLATE_ACCESS_UNAUTHORIZED);
+ return false;
 }
 }
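Review bot: The unconditional `resolve(true);` after the `if ( template )` block in DojoValidators.ts runs before the `checkTemplateAccess(...)` callback, so the promise is already settled as valid and the later `reject()` has no effect. The template-access validator therefore passes even when access is denied. Move that call into an else branch, `} else { resolve(true); }`, and add `.catch(() => reject())` after the `.then(...)` so a rejected lookup fails closed instead of leaving the validation pending. The enclosing function starts and ends outside the hunk, so the surrounding promise executor is inferred from the `resolve`/`reject` names.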
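Review bot: The `catch ( e )` in checkTemplateAccess (GitlabManager.ts, first hunk) discards the error and reports every `getRepository` failure as 'Template not found', so a GitLab outage or a rejected API token cannot be told apart from a missing project in either the response or the logs. Returning `false` there fails closed, which is the right default, but `e` should be logged with the project's logger before the return. The method now both sends a response and returns the decision, so the leading comment should become a doc comment stating when it returns true and that a response is only sent when `res` is supplied. The method body continues past this hunk.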
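Review bot: The else branch in the second GitlabManager.ts hunk answers `StatusCodes.UNAUTHORIZED` for a caller who was identified but lacks reporter access to the template. 401 signals missing or invalid credentials, and clients may react by discarding the session or prompting for login again. `StatusCodes.FORBIDDEN` describes a denied-but-authenticated request more accurately; that the caller is authenticated at this point is inferred from the membership check. The lookup that fills `isUsersAtLeastReporter` lies above the hunk, and if it can reject, the validator's `.then(...)` call has no handler for it.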