diff --git a/src/accesscontrol.js b/src/accesscontrol.js
index e5a5431c1..64999ae78 100644
--- a/src/accesscontrol.js
+++ b/src/accesscontrol.js
@@ -31,7 +31,6 @@ var assert = require('assert'),
 debug = require('debug')('box:accesscontrol'),
 tokendb = require('./tokendb.js'),
 users = require('./users.js'),
- UsersError = users.UsersError,
 _ = require('underscore');
 // returns scopes that does not have wildcards and is sorted
@@ -125,7 +124,7 @@ function validateToken(accessToken, callback) {
 if (error) return callback(error); // this triggers 'internal error' in passport
 users.get(token.identifier, function (error, user) {
- if (error && error.reason === UsersError.NOT_FOUND) return callback(null, null /* user */, 'Invalid Token'); // will end up as a 401
+ if (error && error.reason === BoxError.NOT_FOUND) return callback(null, null /* user */, 'Invalid Token'); // will end up as a 401
 if (error) return callback(error);
 if (!user.active) return callback(null, null /* user */, 'Invalid Token'); // will end up as a 401
diff --git a/src/clients.js b/src/clients.js
index b6a810b52..1acd1cf46 100644
--- a/src/clients.js
+++ b/src/clients.js
@@ -37,7 +37,6 @@ var apps = require('./apps.js'),
 accesscontrol = require('./accesscontrol.js'),
 tokendb = require('./tokendb.js'),
 users = require('./users.js'),
- UsersError = users.UsersError,
 uuid = require('uuid'),
 _ = require('underscore');
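Review bot: The `BoxError.NOT_FOUND` comparison added in validateToken (second hunk of src/accesscontrol.js) needs `BoxError` in scope, and neither hunk of this file shows a require for it. If the module does not already load it above line 31, the lookup throws a ReferenceError inside the `users.get` callback on every token validation instead of producing the 401. The same check is added in `sync` in src/externalldap.js and in the handlers of src/routes/oauth2.js, whose require lists are also only partly visible; where it is missing, add `BoxError = require('./boxerror.js'),` (`'../boxerror.js'` under routes/) to the file's `var` list. validateToken's body starts and ends outside the hunk.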
@@ -239,11 +238,10 @@ function addTokenByUserId(clientId, userId, expiresAt, options, callback) {
 if (error) return callback(error);
 users.get(userId, function (error, user) {
- if (error && error.reason === UsersError.NOT_FOUND) return callback(new BoxError(BoxError.NOT_FOUND, 'No such user'));
- if (error) return callback(new BoxError(BoxError.INTERNAL_ERROR, error));
+ if (error) return callback(error);
 accesscontrol.scopesForUser(user, function (error, userScopes) {
- if (error) return callback(new BoxError(BoxError.INTERNAL_ERROR, error));
+ if (error) return callback(error);
 const scope = accesscontrol.canonicalScopeString(result.scope);
 const authorizedScopes = accesscontrol.intersectScopes(userScopes, scope.split(','));
diff --git a/src/externalldap.js b/src/externalldap.js
index faa305681..c7d8b84eb 100644
--- a/src/externalldap.js
+++ b/src/externalldap.js
@@ -17,8 +17,7 @@ var assert = require('assert'),
 ldap = require('ldapjs'),
 settings = require('./settings.js'),
 tasks = require('./tasks.js'),
- users = require('./users.js'),
- UserError = users.UsersError;
+ users = require('./users.js');
 // performs service bind if required
 function getClient(externalLdapConfig, callback) {
@@ -164,7 +163,7 @@ function sync(progressCallback, callback) {
 if (user.dn === externalLdapConfig.bindDn) return callback();
 users.getByUsername(user.uid, function (error, result) {
- if (error && error.reason !== UserError.NOT_FOUND) {
+ if (error && error.reason !== BoxError.NOT_FOUND) {
 console.error(error);
 return callback();
 }
diff --git a/src/routes/oauth2.js b/src/routes/oauth2.js
index 760c6ea77..9e8c64fcd 100644
--- a/src/routes/oauth2.js
+++ b/src/routes/oauth2.js
@@ -38,7 +38,6 @@ var apps = require('../apps.js'),
 speakeasy = require('speakeasy'),
 url = require('url'),
 users = require('../users.js'),
- UsersError = users.UsersError,
 util = require('util'),
 _ = require('underscore');
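Review bot: In addTokenByUserId (src/clients.js) both error paths now pass the upstream error to the caller unchanged, which is only safe if `users.get` and `accesscontrol.scopesForUser` always yield a BoxError; neither implementation is visible in this diff. A plain Error from either would now reach the token-issuing callers without a `reason`, where the removed lines wrapped it as `BoxError.INTERNAL_ERROR`, and the explicit 'No such user' message is replaced by whatever `users.get` reports. I would record the assumption next to the two new lines, for example `// users.get and scopesForUser already return BoxError, so pass it through`, and confirm it against both functions before merging. The function's body starts and ends outside the hunk.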
@@ -301,7 +300,7 @@ function passwordResetRequest(req, res, next) {
 debug('passwordResetRequest: email or username %s.', req.body.identifier);
 users.resetPasswordByIdentifier(req.body.identifier, function (error) {
- if (error && error.reason !== UsersError.NOT_FOUND) {
+ if (error && error.reason !== BoxError.NOT_FOUND) {
 console.error(error);
 return sendErrorPageOrRedirect(req, res, 'User not found');
 }
@@ -355,9 +354,9 @@ function accountSetup(req, res, next) {
 var data = _.pick(req.body, 'username', 'displayName');
 users.update(userObject.id, data, auditSource(req), function (error) {
- if (error && error.reason === UsersError.ALREADY_EXISTS) return renderAccountSetupSite(res, req, userObject, 'Username already exists');
- if (error && error.reason === UsersError.BAD_FIELD) return renderAccountSetupSite(res, req, userObject, error.message);
- if (error && error.reason === UsersError.NOT_FOUND) return renderAccountSetupSite(res, req, userObject, 'No such user');
+ if (error && error.reason === BoxError.ALREADY_EXISTS) return renderAccountSetupSite(res, req, userObject, 'Username already exists');
+ if (error && error.reason === BoxError.BAD_FIELD) return renderAccountSetupSite(res, req, userObject, error.message);
+ if (error && error.reason === BoxError.NOT_FOUND) return renderAccountSetupSite(res, req, userObject, 'No such user');
 if (error) return next(new HttpError(500, error));
 userObject.username = req.body.username;
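Review bot: In passwordResetRequest the branch guarded by `error.reason !== BoxError.NOT_FOUND` handles every failure except a missing user, yet it answers with 'User not found', so an internal error is reported to the requester as an unknown account. NOT_FOUND itself falls through to code below the hunk, presumably so that the response does not reveal whether an identifier exists; that intent deserves a comment such as `// NOT_FOUND is deliberately not reported, so the reply does not disclose which identifiers exist`. For the error branch a neutral text, e.g. `return sendErrorPageOrRedirect(req, res, 'Password reset failed');` (constructed wording), would match what actually happened. The handler's body continues outside the hunk.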
@@ -365,7 +364,7 @@ function accountSetup(req, res, next) {
 // setPassword clears the resetToken
 users.setPassword(userObject.id, req.body.password, function (error) {
- if (error && error.reason === UsersError.BAD_FIELD) return renderAccountSetupSite(res, req, userObject, error.message);
+ if (error && error.reason === BoxError.BAD_FIELD) return renderAccountSetupSite(res, req, userObject, error.message);
 if (error) return next(new HttpError(500, error));
 clients.addTokenByUserId('cid-webadmin', userObject.id, Date.now() + constants.DEFAULT_TOKEN_EXPIRATION, {}, function (error, result) {
@@ -413,7 +412,7 @@ function passwordReset(req, res, next) {
 // setPassword clears the resetToken
 users.setPassword(userObject.id, req.body.password, function (error) {
- if (error && error.reason === UsersError.BAD_FIELD) return next(new HttpError(406, error.message));
+ if (error && error.reason === BoxError.BAD_FIELD) return next(new HttpError(406, error.message));
 if (error) return next(new HttpError(500, error));
 clients.addTokenByUserId('cid-webadmin', userObject.id, Date.now() + constants.DEFAULT_TOKEN_EXPIRATION, {}, function (error, result) {
diff --git a/src/routes/users.js b/src/routes/users.js
index aac74c946..97c65678b 100644
--- a/src/routes/users.js
+++ b/src/routes/users.js
@@ -25,6 +25,7 @@ function toHttpError(error) {
 case BoxError.NOT_FOUND:
 return new HttpError(404, error);
 case BoxError.ALREADY_EXISTS:
+ case BoxError.CONFLICT:
 return new HttpError(409, error);
 case BoxError.BAD_FIELD:
 return new HttpError(400, error);
diff --git a/src/test/users-test.js b/src/test/users-test.js
index 28afe09db..e0b1464d4 100644
--- a/src/test/users-test.js
+++ b/src/test/users-test.js
@@ -6,6 +6,7 @@
 'use strict';
 var async = require('async'),
+ BoxError = require('../boxerror.js'),
 database = require('../database.js'),
 constants = require('../constants.js'),
 expect = require('expect.js'),
@@ -19,8 +20,7 @@ var async = require('async'),
 mailer = require('../mailer.js'),
 settings = require('../settings.js'),
 userdb = require('../userdb.js'),
- users = require('../users.js'),
- UsersError = users.UsersError;
+ users = require('../users.js');
 var USERNAME = 'noBody';
 var USERNAME_NEW = 'noBodyNew';
@@ -115,7 +115,7 @@ describe('User', function () {
 users.create(USERNAME, 'Fo$%23', EMAIL, DISPLAY_NAME, { }, AUDIT_SOURCE, function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.BAD_FIELD);
+ expect(error.reason).to.equal(BoxError.BAD_FIELD);
 done();
 });
@@ -125,7 +125,7 @@ describe('User', function () {
 users.create('admin', PASSWORD, EMAIL, DISPLAY_NAME, { }, AUDIT_SOURCE, function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.BAD_FIELD);
+ expect(error.reason).to.equal(BoxError.BAD_FIELD);
 done();
 });
@@ -135,7 +135,7 @@ describe('User', function () {
 users.create('moo+daemon', PASSWORD, EMAIL, DISPLAY_NAME, { }, AUDIT_SOURCE, function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.BAD_FIELD);
+ expect(error.reason).to.equal(BoxError.BAD_FIELD);
 done();
 });
@@ -145,7 +145,7 @@ describe('User', function () {
 users.create('', PASSWORD, EMAIL, DISPLAY_NAME, { }, AUDIT_SOURCE, function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.BAD_FIELD);
+ expect(error.reason).to.equal(BoxError.BAD_FIELD);
 done();
 });
@@ -155,7 +155,7 @@ describe('User', function () {
 users.create(new Array(257).fill('Z').join(''), PASSWORD, EMAIL, DISPLAY_NAME, { }, AUDIT_SOURCE, function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.BAD_FIELD);
+ expect(error.reason).to.equal(BoxError.BAD_FIELD);
 done();
 });
@@ -165,7 +165,7 @@ describe('User', function () {
 users.create('maybe.app', PASSWORD, EMAIL, DISPLAY_NAME, { }, AUDIT_SOURCE, function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.BAD_FIELD);
+ expect(error.reason).to.equal(BoxError.BAD_FIELD);
 done();
 });
@@ -187,7 +187,7 @@ describe('User', function () {
 users.create(USERNAME, PASSWORD, EMAIL, DISPLAY_NAME, { }, AUDIT_SOURCE, function (error, result) {
 expect(error).to.be.ok();
 expect(result).not.to.be.ok();
- expect(error.reason).to.equal(UsersError.ALREADY_EXISTS);
+ expect(error.reason).to.equal(BoxError.ALREADY_EXISTS);
 done();
 });
@@ -197,7 +197,7 @@ describe('User', function () {
 users.create(USERNAME, '', EMAIL, DISPLAY_NAME, { }, AUDIT_SOURCE, function (error, result) {
 expect(error).to.be.ok();
 expect(result).not.to.be.ok();
- expect(error.reason).to.equal(UsersError.BAD_FIELD);
+ expect(error.reason).to.equal(BoxError.BAD_FIELD);
 done();
 });
@@ -210,7 +210,7 @@ describe('User', function () {
 it('fails because there is no owner', function (done) {
 users.getOwner(function (error) {
- expect(error.reason).to.be(UsersError.NOT_FOUND);
+ expect(error.reason).to.be(BoxError.NOT_FOUND);
 done();
 });
 });
@@ -236,7 +236,7 @@ describe('User', function () {
 users.verify('somerandomid', PASSWORD, function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.NOT_FOUND);
+ expect(error.reason).to.equal(BoxError.NOT_FOUND);
 done();
 });
@@ -246,7 +246,7 @@ describe('User', function () {
 users.verify(userObject.id, '', function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.INVALID_CREDENTIALS);
+ expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
 done();
 });
@@ -256,7 +256,7 @@ describe('User', function () {
 users.verify(userObject.id, PASSWORD+PASSWORD, function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.INVALID_CREDENTIALS);
+ expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
 done();
 });
@@ -273,8 +273,8 @@ describe('User', function () {
 it('fails for ghost if not enabled', function (done) {
 users.verify(userObject.id, 'foobar', function (error) {
- expect(error).to.be.a(UsersError);
- expect(error.reason).to.equal(UsersError.INVALID_CREDENTIALS);
+ expect(error).to.be.a(BoxError);
+ expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
 done();
 });
 });
@@ -287,8 +287,8 @@ describe('User', function () {
 users.verify(userObject.id, 'foobar', function (error) {
 fs.unlinkSync(constants.GHOST_USER_FILE);
- expect(error).to.be.a(UsersError);
- expect(error.reason).to.equal(UsersError.INVALID_CREDENTIALS);
+ expect(error).to.be.a(BoxError);
+ expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
 done();
 });
 });
@@ -336,7 +336,7 @@ describe('User', function () {
 users.verifyWithUsername(USERNAME+USERNAME, PASSWORD, function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.NOT_FOUND);
+ expect(error.reason).to.equal(BoxError.NOT_FOUND);
 done();
 });
@@ -346,7 +346,7 @@ describe('User', function () {
 users.verifyWithUsername(USERNAME, '', function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.INVALID_CREDENTIALS);
+ expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
 done();
 });
@@ -356,7 +356,7 @@ describe('User', function () {
 users.verifyWithUsername(USERNAME, PASSWORD+PASSWORD, function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.INVALID_CREDENTIALS);
+ expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
 done();
 });
@@ -389,8 +389,8 @@ describe('User', function () {
 users.verifyWithUsername(USERNAME, 'foobar', function (error) {
 fs.unlinkSync(constants.GHOST_USER_FILE);
- expect(error).to.be.a(UsersError);
- expect(error.reason).to.equal(UsersError.INVALID_CREDENTIALS);
+ expect(error).to.be.a(BoxError);
+ expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
 done();
 });
 });
@@ -423,7 +423,7 @@ describe('User', function () {
 users.verifyWithEmail(EMAIL+EMAIL, PASSWORD, function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.NOT_FOUND);
+ expect(error.reason).to.equal(BoxError.NOT_FOUND);
 done();
 });
@@ -433,7 +433,7 @@ describe('User', function () {
 users.verifyWithEmail(EMAIL, '', function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.INVALID_CREDENTIALS);
+ expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
 done();
 });
@@ -443,7 +443,7 @@ describe('User', function () {
 users.verifyWithEmail(EMAIL, PASSWORD+PASSWORD, function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.INVALID_CREDENTIALS);
+ expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
 done();
 });
@@ -476,8 +476,8 @@ describe('User', function () {
 users.verifyWithEmail(EMAIL, 'foobar', function (error) {
 fs.unlinkSync(constants.GHOST_USER_FILE);
- expect(error).to.be.a(UsersError);
- expect(error.reason).to.equal(UsersError.INVALID_CREDENTIALS);
+ expect(error).to.be.a(BoxError);
+ expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
 done();
 });
 });
@@ -512,7 +512,7 @@ describe('User', function () {
 users.verify(userObject.id, PASSWORD, function (error) {
 expect(error).to.be.ok();
- expect(error.reason).to.equal(UsersError.NOT_FOUND);
+ expect(error.reason).to.equal(BoxError.NOT_FOUND);
 done();
 });
@@ -586,8 +586,8 @@ describe('User', function () {
 it('fails due to unknown userid', function (done) {
 var data = { username: USERNAME_NEW, email: EMAIL_NEW, displayName: DISPLAY_NAME_NEW };
 users.update(USERNAME, data, AUDIT_SOURCE, function (error) {
- expect(error).to.be.a(UsersError);
- expect(error.reason).to.equal(UsersError.NOT_FOUND);
+ expect(error).to.be.a(BoxError);
+ expect(error.reason).to.equal(BoxError.NOT_FOUND);
 done();
 });
@@ -596,8 +596,8 @@ describe('User', function () {
 it('fails due to invalid email', function (done) {
 var data = { username: USERNAME_NEW, email: 'brokenemailaddress', displayName: DISPLAY_NAME_NEW };
 users.update(userObject.id, data, AUDIT_SOURCE, function (error) {
- expect(error).to.be.a(UsersError);
- expect(error.reason).to.equal(UsersError.BAD_FIELD);
+ expect(error).to.be.a(BoxError);
+ expect(error.reason).to.equal(BoxError.BAD_FIELD);
 done();
 });
@@ -804,7 +804,7 @@ describe('User', function () {
 users.verify(userObject.id, PASSWORD, function (error, result) {
 expect(error).to.be.ok();
 expect(result).to.not.be.ok();
- expect(error.reason).to.equal(UsersError.INVALID_CREDENTIALS);
+ expect(error.reason).to.equal(BoxError.INVALID_CREDENTIALS);
 done();
 });
 });
@@ -824,16 +824,16 @@ describe('User', function () {
 it('fails due to unkown email', function (done) {
 users.resetPasswordByIdentifier('unknown@mail.com', function (error) {
- expect(error).to.be.an(UsersError);
- expect(error.reason).to.eql(UsersError.NOT_FOUND);
+ expect(error).to.be.an(BoxError);
+ expect(error.reason).to.eql(BoxError.NOT_FOUND);
 done();
 });
 });
 it('fails due to unkown username', function (done) {
 users.resetPasswordByIdentifier('unknown', function (error) {
- expect(error).to.be.an(UsersError);
- expect(error.reason).to.eql(UsersError.NOT_FOUND);
+ expect(error).to.be.an(BoxError);
+ expect(error.reason).to.eql(BoxError.NOT_FOUND);
 done();
 });
 });
@@ -859,8 +859,8 @@ describe('User', function () {
 it('fails for unknown user', function (done) {
 users.sendInvite('unknown user', { }, function (error) {
- expect(error).to.be.a(UsersError);
- expect(error.reason).to.equal(UsersError.NOT_FOUND);
+ expect(error).to.be.a(BoxError);
+ expect(error.reason).to.equal(BoxError.NOT_FOUND);
 checkMails(0, done);
 });
@@ -895,7 +895,7 @@ describe('User', function () {
 it('fails for unknown user', function (done) {
 users.remove('unknown', AUDIT_SOURCE, function (error) {
- expect(error.reason).to.be(UsersError.NOT_FOUND);
+ expect(error.reason).to.be(BoxError.NOT_FOUND);
 done();
 });
 });
diff --git a/src/users.js b/src/users.js
index e1a036092..af8e330e3 100644
--- a/src/users.js
+++ b/src/users.js
@@ -553,7 +553,7 @@ function sendInvite(userId, options, callback) {
 userdb.get(userId, function (error, userObject) {
 if (error) return callback(error);
- if (!userObject.resetToken) return callback(new BoxError(BoxError.BAD_FIELD, 'Must generate resetToken to send inivitation'));
+ if (!userObject.resetToken) return callback(new BoxError(BoxError.CONFLICT, 'Must generate resetToken to send invitation'));
 mailer.sendInvite(userObject, options.invitor || null);
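Review bot: The new `BoxError.CONFLICT` result in sendInvite (src/users.js) has no test among the hunks shown for src/test/users-test.js; the only sendInvite case touched there asserts NOT_FOUND for an unknown user. Together with the `case BoxError.CONFLICT:` added to toHttpError in src/routes/users.js, this moves the API answer for a user without a resetToken from 400 to 409, which existing clients may match on. I would add a test that calls `users.sendInvite` for an existing user before a reset token is generated, expects `error.reason` to equal `BoxError.CONFLICT`, and checks with `checkMails(0, done)` that no mail was sent. If other route modules carry their own error mapping and can reach sendInvite, they need the same CONFLICT case; none is visible here. sendInvite's body starts and ends outside the hunk.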