diff --git a/src/auth.js b/src/auth.js index 1d39e328d..518041d3e 100644 --- a/src/auth.js +++ b/src/auth.js @@ -20,7 +20,7 @@ var assert = require('assert'), passport = require('passport'), tokendb = require('./tokendb'), users = require('./users.js'), - UserssError = users.UserssError, + UsersError = users.UsersError, _ = require('underscore'); function initialize(callback) { @@ -44,16 +44,16 @@ function initialize(callback) { passport.use(new LocalStrategy(function (username, password, callback) { if (username.indexOf('@') === -1) { users.verifyWithUsername(username, password, function (error, result) { - if (error && error.reason === UserssError.NOT_FOUND) return callback(null, false); - if (error && error.reason === UserssError.WRONG_PASSWORD) return callback(null, false); + if (error && error.reason === UsersError.NOT_FOUND) return callback(null, false); + if (error && error.reason === UsersError.WRONG_PASSWORD) return callback(null, false); if (error) return callback(error); if (!result) return callback(null, false); callback(null, result); }); } else { users.verifyWithEmail(username, password, function (error, result) { - if (error && error.reason === UserssError.NOT_FOUND) return callback(null, false); - if (error && error.reason === UserssError.WRONG_PASSWORD) return callback(null, false); + if (error && error.reason === UsersError.NOT_FOUND) return callback(null, false); + if (error && error.reason === UsersError.WRONG_PASSWORD) return callback(null, false); if (error) return callback(error); if (!result) return callback(null, false); callback(null, result); @@ -74,8 +74,8 @@ function initialize(callback) { }); } else { users.verifyWithUsername(username, password, function (error, result) { - if (error && error.reason === UserssError.NOT_FOUND) return callback(null, false); - if (error && error.reason === UserssError.WRONG_PASSWORD) return callback(null, false); + if (error && error.reason === UsersError.NOT_FOUND) return callback(null, false); + if (error && error.reason === UsersError.WRONG_PASSWORD) return callback(null, false); if (error) return callback(error); if (!result) return callback(null, false); callback(null, result); @@ -116,7 +116,7 @@ function accessTokenAuth(accessToken, callback) { var info = { scope: token.scope }; users.get(token.identifier, function (error, user) { - if (error && error.reason === UserssError.NOT_FOUND) return callback(null, false); + if (error && error.reason === UsersError.NOT_FOUND) return callback(null, false); if (error) return callback(error); callback(null, user, info); diff --git a/src/ldap.js b/src/ldap.js index a4d1ad899..d144170d9 100644 --- a/src/ldap.js +++ b/src/ldap.js @@ -14,7 +14,7 @@ var assert = require('assert'), debug = require('debug')('box:ldap'), eventlog = require('./eventlog.js'), users = require('./users.js'), - UserssError = users.UserssError, + UsersError = users.UsersError, ldap = require('ldapjs'), mail = require('./mail.js'), MailError = mail.MailError, @@ -388,8 +388,8 @@ function authenticateUser(req, res, next) { } api(commonName, req.credentials || '', function (error, user) { - if (error && error.reason === UserssError.NOT_FOUND) return next(new ldap.NoSuchObjectError(req.dn.toString())); - if (error && error.reason === UserssError.WRONG_PASSWORD) return next(new ldap.InvalidCredentialsError(req.dn.toString())); + if (error && error.reason === UsersError.NOT_FOUND) return next(new ldap.NoSuchObjectError(req.dn.toString())); + if (error && error.reason === UsersError.WRONG_PASSWORD) return next(new ldap.InvalidCredentialsError(req.dn.toString())); if (error) return next(new ldap.OperationsError(error.message)); req.user = user; @@ -452,8 +452,8 @@ function authenticateMailbox(req, res, next) { if (!domain.enabled) return next(new ldap.NoSuchObjectError(req.dn.toString())); users.verify(mailbox.ownerId, req.credentials || '', function (error, result) { - if (error && error.reason === UserssError.NOT_FOUND) return next(new ldap.NoSuchObjectError(req.dn.toString())); - if (error && error.reason === UserssError.WRONG_PASSWORD) return next(new ldap.InvalidCredentialsError(req.dn.toString())); + if (error && error.reason === UsersError.NOT_FOUND) return next(new ldap.NoSuchObjectError(req.dn.toString())); + if (error && error.reason === UsersError.WRONG_PASSWORD) return next(new ldap.InvalidCredentialsError(req.dn.toString())); if (error) return next(new ldap.OperationsError(error.message)); eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'ldap', mailboxId: email }, { userId: result.id, user: users.removePrivateFields(result) }); diff --git a/src/routes/oauth2.js b/src/routes/oauth2.js index fa7d1d942..560f45328 100644 --- a/src/routes/oauth2.js +++ b/src/routes/oauth2.js @@ -22,7 +22,7 @@ var apps = require('../apps'), tokendb = require('../tokendb'), url = require('url'), users = require('../users.js'), - UserssError = users.UserssError, + UsersError = users.UsersError, util = require('util'), _ = require('underscore'); @@ -300,7 +300,7 @@ function passwordResetRequest(req, res, next) { debug('passwordResetRequest: email or username %s.', req.body.identifier); users.resetPasswordByIdentifier(req.body.identifier, function (error) { - if (error && error.reason !== UserssError.NOT_FOUND) { + if (error && error.reason !== UsersError.NOT_FOUND) { console.error(error); return sendErrorPageOrRedirect(req, res, 'User not found'); } @@ -351,9 +351,9 @@ function accountSetup(req, res, next) { var data = _.pick(req.body, 'username', 'displayName'); users.update(userObject.id, data, auditSource(req), function (error) { - if (error && error.reason === UserssError.ALREADY_EXISTS) return renderAccountSetupSite(res, req, userObject, 'Username already exists'); - if (error && error.reason === UserssError.BAD_FIELD) return renderAccountSetupSite(res, req, userObject, error.message); - if (error && error.reason === UserssError.NOT_FOUND) return renderAccountSetupSite(res, req, userObject, 'No such user'); + if (error && error.reason === UsersError.ALREADY_EXISTS) return renderAccountSetupSite(res, req, userObject, 'Username already exists'); + if (error && error.reason === UsersError.BAD_FIELD) return renderAccountSetupSite(res, req, userObject, error.message); + if (error && error.reason === UsersError.NOT_FOUND) return renderAccountSetupSite(res, req, userObject, 'No such user'); if (error) return next(new HttpError(500, error)); userObject.username = req.body.username; @@ -361,7 +361,7 @@ function accountSetup(req, res, next) { // setPassword clears the resetToken users.setPassword(userObject.id, req.body.password, function (error, result) { - if (error && error.reason === UserssError.BAD_FIELD) return renderAccountSetupSite(res, req, userObject, error.message); + if (error && error.reason === UsersError.BAD_FIELD) return renderAccountSetupSite(res, req, userObject, error.message); if (error) return next(new HttpError(500, error)); @@ -403,7 +403,7 @@ function passwordReset(req, res, next) { // setPassword clears the resetToken users.setPassword(userObject.id, req.body.password, function (error, result) { - if (error && error.reason === UserssError.BAD_FIELD) return next(new HttpError(406, error.message)); + if (error && error.reason === UsersError.BAD_FIELD) return next(new HttpError(406, error.message)); if (error) return next(new HttpError(500, error)); res.redirect(util.format('%s?accessToken=%s&expiresAt=%s', config.adminOrigin(), result.token, result.expiresAt)); diff --git a/src/routes/profile.js b/src/routes/profile.js index 67a34ce81..87176e9fd 100644 --- a/src/routes/profile.js +++ b/src/routes/profile.js @@ -13,7 +13,7 @@ var assert = require('assert'), HttpError = require('connect-lastmile').HttpError, HttpSuccess = require('connect-lastmile').HttpSuccess, users = require('../users.js'), - UserssError = users.UserssError, + UsersError = users.UsersError, _ = require('underscore'); function auditSource(req) { @@ -46,9 +46,9 @@ function update(req, res, next) { var data = _.pick(req.body, 'email', 'fallbackEmail', 'displayName'); users.update(req.user.id, data, auditSource(req), function (error) { - if (error && error.reason === UserssError.BAD_FIELD) return next(new HttpError(400, error.message)); - if (error && error.reason === UserssError.ALREADY_EXISTS) return next(new HttpError(409, error.message)); - if (error && error.reason === UserssError.NOT_FOUND) return next(new HttpError(404, 'User not found')); + if (error && error.reason === UsersError.BAD_FIELD) return next(new HttpError(400, error.message)); + if (error && error.reason === UsersError.ALREADY_EXISTS) return next(new HttpError(409, error.message)); + if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'User not found')); if (error) return next(new HttpError(500, error)); next(new HttpSuccess(204)); @@ -62,8 +62,8 @@ function changePassword(req, res, next) { if (typeof req.body.newPassword !== 'string') return next(new HttpError(400, 'newPassword must be a string')); users.setPassword(req.user.id, req.body.newPassword, function (error) { - if (error && error.reason === UserssError.BAD_FIELD) return next(new HttpError(400, error.message)); - if (error && error.reason === UserssError.NOT_FOUND) return next(new HttpError(403, 'Wrong password')); + if (error && error.reason === UsersError.BAD_FIELD) return next(new HttpError(400, error.message)); + if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(403, 'Wrong password')); if (error) return next(new HttpError(500, error)); next(new HttpSuccess(204)); @@ -74,7 +74,7 @@ function setTwoFactorAuthenticationSecret(req, res, next) { assert.strictEqual(typeof req.user, 'object'); users.setTwoFactorAuthenticationSecret(req.user.id, function (error, result) { - if (error && error.reason === UserssError.ALREADY_EXISTS) return next(new HttpError(409, 'TwoFactor Authentication is enabled, disable first')); + if (error && error.reason === UsersError.ALREADY_EXISTS) return next(new HttpError(409, 'TwoFactor Authentication is enabled, disable first')); if (error) return next(new HttpError(500, error)); next(new HttpSuccess(201, { secret: result.secret, qrcode: result.qrcode })); @@ -88,9 +88,9 @@ function enableTwoFactorAuthentication(req, res, next) { if (!req.body.totpToken || typeof req.body.totpToken !== 'string') return next(new HttpError(400, 'totpToken must be a nonempty string')); users.enableTwoFactorAuthentication(req.user.id, req.body.totpToken, function (error) { - if (error && error.reason === UserssError.NOT_FOUND) return next(new HttpError(404, 'User not found')); - if (error && error.reason === UserssError.BAD_TOKEN) return next(new HttpError(403, 'Invalid token')); - if (error && error.reason === UserssError.ALREADY_EXISTS) return next(new HttpError(409, 'TwoFactor Authentication is already enabled')); + if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'User not found')); + if (error && error.reason === UsersError.BAD_TOKEN) return next(new HttpError(403, 'Invalid token')); + if (error && error.reason === UsersError.ALREADY_EXISTS) return next(new HttpError(409, 'TwoFactor Authentication is already enabled')); if (error) return next(new HttpError(500, error)); next(new HttpSuccess(202, {})); diff --git a/src/routes/users.js b/src/routes/users.js index 4b0d8a0ac..bdbad3e7c 100644 --- a/src/routes/users.js +++ b/src/routes/users.js @@ -19,7 +19,7 @@ var accesscontrol = require('../accesscontrol.js'), HttpError = require('connect-lastmile').HttpError, HttpSuccess = require('connect-lastmile').HttpSuccess, users = require('../users.js'), - UserssError = users.UserssError; + UsersError = users.UsersError; function auditSource(req) { var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null; @@ -42,8 +42,8 @@ function create(req, res, next) { var displayName = req.body.displayName || ''; users.create(username, password, email, displayName, auditSource(req), { invitor: req.user, sendInvite: sendInvite }, function (error, user) { - if (error && error.reason === UserssError.BAD_FIELD) return next(new HttpError(400, error.message)); - if (error && error.reason === UserssError.ALREADY_EXISTS) return next(new HttpError(409, error.message)); + if (error && error.reason === UsersError.BAD_FIELD) return next(new HttpError(400, error.message)); + if (error && error.reason === UsersError.ALREADY_EXISTS) return next(new HttpError(409, error.message)); if (error) return next(new HttpError(500, error)); var userInfo = { @@ -74,9 +74,9 @@ function update(req, res, next) { if (req.user.id !== req.params.userId && !req.user.admin) return next(new HttpError(403, 'Not allowed')); users.update(req.params.userId, req.body, auditSource(req), function (error) { - if (error && error.reason === UserssError.BAD_FIELD) return next(new HttpError(400, error.message)); - if (error && error.reason === UserssError.ALREADY_EXISTS) return next(new HttpError(409, error.message)); - if (error && error.reason === UserssError.NOT_FOUND) return next(new HttpError(404, 'User not found')); + if (error && error.reason === UsersError.BAD_FIELD) return next(new HttpError(400, error.message)); + if (error && error.reason === UsersError.ALREADY_EXISTS) return next(new HttpError(409, error.message)); + if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'User not found')); if (error) return next(new HttpError(500, error)); next(new HttpSuccess(204)); @@ -100,7 +100,7 @@ function get(req, res, next) { if (req.user.id !== req.params.userId && !req.user.admin) return next(new HttpError(403, 'Not allowed')); users.get(req.params.userId, function (error, result) { - if (error && error.reason === UserssError.NOT_FOUND) return next(new HttpError(404, 'No such user')); + if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'No such user')); if (error) return next(new HttpError(500, error)); next(new HttpSuccess(200, users.removePrivateFields(result))); @@ -118,8 +118,8 @@ function remove(req, res, next) { if (req.user.id === req.params.userId) return next(new HttpError(403, 'Not allowed to remove yourself.')); users.remove(req.params.userId, auditSource(req), function (error) { - if (error && error.reason === UserssError.BAD_FIELD) return next(new HttpError(400, error.message)); - if (error && error.reason === UserssError.NOT_FOUND) return next(new HttpError(404, 'No such user')); + if (error && error.reason === UsersError.BAD_FIELD) return next(new HttpError(400, error.message)); + if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'No such user')); if (error) return next(new HttpError(500, error)); next(new HttpSuccess(204)); @@ -136,8 +136,8 @@ function verifyPassword(req, res, next) { if (typeof req.body.password !== 'string') return next(new HttpError(400, 'API call requires user password')); users.verifyWithUsername(req.user.username, req.body.password, function (error) { - if (error && error.reason === UserssError.WRONG_PASSWORD) return next(new HttpError(403, 'Password incorrect')); - if (error && error.reason === UserssError.NOT_FOUND) return next(new HttpError(403, 'Password incorrect')); + if (error && error.reason === UsersError.WRONG_PASSWORD) return next(new HttpError(403, 'Password incorrect')); + if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(403, 'Password incorrect')); if (error) return next(new HttpError(500, error)); req.body.password = ''; // this will prevent logs from displaying plain text password @@ -161,7 +161,7 @@ function sendInvite(req, res, next) { assert.strictEqual(typeof req.params.userId, 'string'); users.sendInvite(req.params.userId, { invitor: req.user }, function (error, result) { - if (error && error.reason === UserssError.NOT_FOUND) return next(new HttpError(404, 'User not found')); + if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'User not found')); if (error) return next(new HttpError(500, error)); next(new HttpSuccess(200, { resetToken: result })); @@ -178,7 +178,7 @@ function setGroups(req, res, next) { if (req.user.id === req.params.userId && req.body.groupIds.indexOf(constants.ADMIN_GROUP_ID) === -1) return next(new HttpError(403, 'Admin removing itself from admins is not allowed')); users.setGroups(req.params.userId, req.body.groupIds, function (error) { - if (error && error.reason === UserssError.NOT_FOUND) return next(new HttpError(404, 'One or more groups not found')); + if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'One or more groups not found')); if (error) return next(new HttpError(500, error)); next(new HttpSuccess(204)); diff --git a/src/setup.js b/src/setup.js index cb827811f..fabf7fa80 100644 --- a/src/setup.js +++ b/src/setup.js @@ -38,7 +38,7 @@ var assert = require('assert'), sysinfo = require('./sysinfo.js'), tokendb = require('./tokendb.js'), users = require('./users.js'), - UserssError = users.UserssError, + UsersError = users.UsersError, tld = require('tldjs'), util = require('util'); @@ -241,8 +241,8 @@ function activate(username, password, email, displayName, ip, auditSource, callb setTimeZone(ip, function () { }); // TODO: get this from user. note that timezone is detected based on the browser location and not the cloudron region users.createOwner(username, password, email, displayName, auditSource, function (error, userObject) { - if (error && error.reason === UserssError.ALREADY_EXISTS) return callback(new SetupError(SetupError.ALREADY_PROVISIONED)); - if (error && error.reason === UserssError.BAD_FIELD) return callback(new SetupError(SetupError.BAD_FIELD, error.message)); + if (error && error.reason === UsersError.ALREADY_EXISTS) return callback(new SetupError(SetupError.ALREADY_PROVISIONED)); + if (error && error.reason === UsersError.BAD_FIELD) return callback(new SetupError(SetupError.BAD_FIELD, error.message)); if (error) return callback(new SetupError(SetupError.INTERNAL_ERROR, error)); clients.get('cid-webadmin', function (error, result) { diff --git a/src/test/users-test.js b/src/test/users-test.js index efecd1f95..d035791de 100644 --- a/src/test/users-test.js +++ b/src/test/users-test.js @@ -20,7 +20,7 @@ var async = require('async'), mailer = require('../mailer.js'), userdb = require('../userdb.js'), users = require('../users.js'), - UserssError = users.UserssError; + UsersError = users.UsersError; var USERNAME = 'noBody'; var USERNAME_NEW = 'noBodyNew'; @@ -122,7 +122,7 @@ describe('User', function () { users.create(USERNAME, 'Fo$%23', EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.BAD_FIELD); + expect(error.reason).to.equal(UsersError.BAD_FIELD); done(); }); @@ -132,7 +132,7 @@ describe('User', function () { users.create(USERNAME, 'thisiseightch%$234arslong', EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.BAD_FIELD); + expect(error.reason).to.equal(UsersError.BAD_FIELD); done(); }); @@ -142,7 +142,7 @@ describe('User', function () { users.create(USERNAME, 'foobaRASDF%', EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.BAD_FIELD); + expect(error.reason).to.equal(UsersError.BAD_FIELD); done(); }); @@ -152,7 +152,7 @@ describe('User', function () { users.create(USERNAME, 'foobaRASDF23423', EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.BAD_FIELD); + expect(error.reason).to.equal(UsersError.BAD_FIELD); done(); }); @@ -162,7 +162,7 @@ describe('User', function () { users.create('admin', PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.BAD_FIELD); + expect(error.reason).to.equal(UsersError.BAD_FIELD); done(); }); @@ -172,7 +172,7 @@ describe('User', function () { users.create('moo-daemon', PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.BAD_FIELD); + expect(error.reason).to.equal(UsersError.BAD_FIELD); done(); }); @@ -182,7 +182,7 @@ describe('User', function () { users.create('', PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.BAD_FIELD); + expect(error.reason).to.equal(UsersError.BAD_FIELD); done(); }); @@ -192,7 +192,7 @@ describe('User', function () { users.create(new Array(257).fill('Z').join(''), PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.BAD_FIELD); + expect(error.reason).to.equal(UsersError.BAD_FIELD); done(); }); @@ -202,7 +202,7 @@ describe('User', function () { users.create('maybe-app', PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.BAD_FIELD); + expect(error.reason).to.equal(UsersError.BAD_FIELD); done(); }); @@ -248,7 +248,7 @@ describe('User', function () { users.create(USERNAME, PASSWORD, EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).not.to.be.ok(); - expect(error.reason).to.equal(UserssError.ALREADY_EXISTS); + expect(error.reason).to.equal(UsersError.ALREADY_EXISTS); done(); }); @@ -258,7 +258,7 @@ describe('User', function () { users.create(USERNAME, '', EMAIL, DISPLAY_NAME, AUDIT_SOURCE, function (error, result) { expect(error).to.be.ok(); expect(result).not.to.be.ok(); - expect(error.reason).to.equal(UserssError.BAD_FIELD); + expect(error.reason).to.equal(UsersError.BAD_FIELD); done(); }); @@ -293,7 +293,7 @@ describe('User', function () { it('fails because there is no owner', function (done) { users.getOwner(function (error) { - expect(error.reason).to.be(UserssError.NOT_FOUND); + expect(error.reason).to.be(UsersError.NOT_FOUND); done(); }); }); @@ -319,7 +319,7 @@ describe('User', function () { users.verify('somerandomid', PASSWORD, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.NOT_FOUND); + expect(error.reason).to.equal(UsersError.NOT_FOUND); done(); }); @@ -329,7 +329,7 @@ describe('User', function () { users.verify(userObject.id, '', function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.WRONG_PASSWORD); + expect(error.reason).to.equal(UsersError.WRONG_PASSWORD); done(); }); @@ -339,7 +339,7 @@ describe('User', function () { users.verify(userObject.id, PASSWORD+PASSWORD, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.WRONG_PASSWORD); + expect(error.reason).to.equal(UsersError.WRONG_PASSWORD); done(); }); @@ -356,8 +356,8 @@ describe('User', function () { it('fails for ghost if not enabled', function (done) { users.verify(userObject.id, 'foobar', function (error) { - expect(error).to.be.a(UserssError); - expect(error.reason).to.equal(UserssError.WRONG_PASSWORD); + expect(error).to.be.a(UsersError); + expect(error.reason).to.equal(UsersError.WRONG_PASSWORD); done(); }); }); @@ -370,8 +370,8 @@ describe('User', function () { users.verify(userObject.id, 'foobar', function (error) { fs.unlinkSync(constants.GHOST_USER_FILE); - expect(error).to.be.a(UserssError); - expect(error.reason).to.equal(UserssError.WRONG_PASSWORD); + expect(error).to.be.a(UsersError); + expect(error.reason).to.equal(UsersError.WRONG_PASSWORD); done(); }); }); @@ -419,7 +419,7 @@ describe('User', function () { users.verifyWithUsername(USERNAME+USERNAME, PASSWORD, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.NOT_FOUND); + expect(error.reason).to.equal(UsersError.NOT_FOUND); done(); }); @@ -429,7 +429,7 @@ describe('User', function () { users.verifyWithUsername(USERNAME, '', function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.WRONG_PASSWORD); + expect(error.reason).to.equal(UsersError.WRONG_PASSWORD); done(); }); @@ -439,7 +439,7 @@ describe('User', function () { users.verifyWithUsername(USERNAME, PASSWORD+PASSWORD, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.WRONG_PASSWORD); + expect(error.reason).to.equal(UsersError.WRONG_PASSWORD); done(); }); @@ -472,8 +472,8 @@ describe('User', function () { users.verifyWithUsername(USERNAME, 'foobar', function (error) { fs.unlinkSync(constants.GHOST_USER_FILE); - expect(error).to.be.a(UserssError); - expect(error.reason).to.equal(UserssError.WRONG_PASSWORD); + expect(error).to.be.a(UsersError); + expect(error.reason).to.equal(UsersError.WRONG_PASSWORD); done(); }); }); @@ -506,7 +506,7 @@ describe('User', function () { users.verifyWithEmail(EMAIL+EMAIL, PASSWORD, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.NOT_FOUND); + expect(error.reason).to.equal(UsersError.NOT_FOUND); done(); }); @@ -516,7 +516,7 @@ describe('User', function () { users.verifyWithEmail(EMAIL, '', function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.WRONG_PASSWORD); + expect(error.reason).to.equal(UsersError.WRONG_PASSWORD); done(); }); @@ -526,7 +526,7 @@ describe('User', function () { users.verifyWithEmail(EMAIL, PASSWORD+PASSWORD, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.WRONG_PASSWORD); + expect(error.reason).to.equal(UsersError.WRONG_PASSWORD); done(); }); @@ -559,8 +559,8 @@ describe('User', function () { users.verifyWithEmail(EMAIL, 'foobar', function (error) { fs.unlinkSync(constants.GHOST_USER_FILE); - expect(error).to.be.a(UserssError); - expect(error.reason).to.equal(UserssError.WRONG_PASSWORD); + expect(error).to.be.a(UsersError); + expect(error.reason).to.equal(UsersError.WRONG_PASSWORD); done(); }); }); @@ -639,8 +639,8 @@ describe('User', function () { it('fails due to unknown userid', function (done) { var data = { username: USERNAME_NEW, email: EMAIL_NEW, displayName: DISPLAY_NAME_NEW }; users.update(USERNAME, data, AUDIT_SOURCE, function (error) { - expect(error).to.be.a(UserssError); - expect(error.reason).to.equal(UserssError.NOT_FOUND); + expect(error).to.be.a(UsersError); + expect(error.reason).to.equal(UsersError.NOT_FOUND); done(); }); @@ -649,8 +649,8 @@ describe('User', function () { it('fails due to invalid email', function (done) { var data = { username: USERNAME_NEW, email: 'brokenemailaddress', displayName: DISPLAY_NAME_NEW }; users.update(userObject.id, data, AUDIT_SOURCE, function (error) { - expect(error).to.be.a(UserssError); - expect(error.reason).to.equal(UserssError.BAD_FIELD); + expect(error).to.be.a(UsersError); + expect(error.reason).to.equal(UsersError.BAD_FIELD); done(); }); @@ -845,7 +845,7 @@ describe('User', function () { users.verify(userObject.id, PASSWORD, function (error, result) { expect(error).to.be.ok(); expect(result).to.not.be.ok(); - expect(error.reason).to.equal(UserssError.WRONG_PASSWORD); + expect(error.reason).to.equal(UsersError.WRONG_PASSWORD); done(); }); }); @@ -865,16 +865,16 @@ describe('User', function () { it('fails due to unkown email', function (done) { users.resetPasswordByIdentifier('unknown@mail.com', function (error) { - expect(error).to.be.an(UserssError); - expect(error.reason).to.eql(UserssError.NOT_FOUND); + expect(error).to.be.an(UsersError); + expect(error.reason).to.eql(UsersError.NOT_FOUND); done(); }); }); it('fails due to unkown username', function (done) { users.resetPasswordByIdentifier('unknown', function (error) { - expect(error).to.be.an(UserssError); - expect(error.reason).to.eql(UserssError.NOT_FOUND); + expect(error).to.be.an(UsersError); + expect(error.reason).to.eql(UsersError.NOT_FOUND); done(); }); }); @@ -900,8 +900,8 @@ describe('User', function () { it('fails for unknown user', function (done) { users.sendInvite('unknown user', { }, function (error) { - expect(error).to.be.a(UserssError); - expect(error.reason).to.equal(UserssError.NOT_FOUND); + expect(error).to.be.a(UsersError); + expect(error.reason).to.equal(UsersError.NOT_FOUND); checkMails(0, done); }); @@ -921,7 +921,7 @@ describe('User', function () { it('fails for unknown user', function (done) { users.remove('unknown', { }, function (error) { - expect(error.reason).to.be(UserssError.NOT_FOUND); + expect(error.reason).to.be(UsersError.NOT_FOUND); done(); }); }); diff --git a/src/users.js b/src/users.js index 7f1f1fc4f..7f0a3b635 100644 --- a/src/users.js +++ b/src/users.js @@ -1,7 +1,7 @@ 'use strict'; exports = module.exports = { - UserssError: UserssError, + UsersError: UsersError, removePrivateFields: removePrivateFields, @@ -58,7 +58,7 @@ var CRYPTO_DIGEST = 'sha1'; // used to be the default in node 4.1.1 cannot chang // http://dustinsenos.com/articles/customErrorsInNode // http://code.google.com/p/v8/wiki/JavaScriptStackTraceApi -function UserssError(reason, errorOrMessage) { +function UsersError(reason, errorOrMessage) { assert.strictEqual(typeof reason, 'string'); assert(errorOrMessage instanceof Error || typeof errorOrMessage === 'string' || typeof errorOrMessage === 'undefined'); @@ -76,28 +76,28 @@ function UserssError(reason, errorOrMessage) { this.nestedError = errorOrMessage; } } -util.inherits(UserssError, Error); -UserssError.INTERNAL_ERROR = 'Internal Error'; -UserssError.ALREADY_EXISTS = 'Already Exists'; -UserssError.NOT_FOUND = 'Not Found'; -UserssError.WRONG_PASSWORD = 'Wrong User or Password'; -UserssError.BAD_FIELD = 'Bad field'; -UserssError.BAD_TOKEN = 'Bad token'; +util.inherits(UsersError, Error); +UsersError.INTERNAL_ERROR = 'Internal Error'; +UsersError.ALREADY_EXISTS = 'Already Exists'; +UsersError.NOT_FOUND = 'Not Found'; +UsersError.WRONG_PASSWORD = 'Wrong User or Password'; +UsersError.BAD_FIELD = 'Bad field'; +UsersError.BAD_TOKEN = 'Bad token'; // keep this in sync with validateGroupname and validateAlias function validateUsername(username) { assert.strictEqual(typeof username, 'string'); - if (username.length < 1) return new UserssError(UserssError.BAD_FIELD, 'Username must be atleast 1 char'); - if (username.length >= 200) return new UserssError(UserssError.BAD_FIELD, 'Username too long'); + if (username.length < 1) return new UsersError(UsersError.BAD_FIELD, 'Username must be atleast 1 char'); + if (username.length >= 200) return new UsersError(UsersError.BAD_FIELD, 'Username too long'); - if (constants.RESERVED_NAMES.indexOf(username) !== -1) return new UserssError(UserssError.BAD_FIELD, 'Username is reserved'); + if (constants.RESERVED_NAMES.indexOf(username) !== -1) return new UsersError(UsersError.BAD_FIELD, 'Username is reserved'); // +/- can be tricky in emails. also need to consider valid LDAP characters here (e.g '+' is reserved) - if (/[^a-zA-Z0-9.]/.test(username)) return new UserssError(UserssError.BAD_FIELD, 'Username can only contain alphanumerals and dot'); + if (/[^a-zA-Z0-9.]/.test(username)) return new UsersError(UsersError.BAD_FIELD, 'Username can only contain alphanumerals and dot'); // app emails are sent using the .app suffix - if (username.indexOf('.app') !== -1) return new UserssError(UserssError.BAD_FIELD, 'Username pattern is reserved for apps'); + if (username.indexOf('.app') !== -1) return new UsersError(UsersError.BAD_FIELD, 'Username pattern is reserved for apps'); return null; } @@ -105,7 +105,7 @@ function validateUsername(username) { function validateEmail(email) { assert.strictEqual(typeof email, 'string'); - if (!validator.isEmail(email)) return new UserssError(UserssError.BAD_FIELD, 'Invalid email'); + if (!validator.isEmail(email)) return new UsersError(UsersError.BAD_FIELD, 'Invalid email'); return null; } @@ -113,7 +113,7 @@ function validateEmail(email) { function validateToken(token) { assert.strictEqual(typeof token, 'string'); - if (token.length !== 64) return new UserssError(UserssError.BAD_TOKEN, 'Invalid token'); // 256-bit hex coded token + if (token.length !== 64) return new UsersError(UsersError.BAD_TOKEN, 'Invalid token'); // 256-bit hex coded token return null; } @@ -153,7 +153,7 @@ function createUser(username, password, email, displayName, auditSource, options } error = validatePassword(password); - if (error) return callback(new UserssError(UserssError.BAD_FIELD, error.message)); + if (error) return callback(new UsersError(UsersError.BAD_FIELD, error.message)); email = email.toLowerCase(); error = validateEmail(email); @@ -163,10 +163,10 @@ function createUser(username, password, email, displayName, auditSource, options if (error) return callback(error); crypto.randomBytes(CRYPTO_SALT_SIZE, function (error, salt) { - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); crypto.pbkdf2(password, salt, CRYPTO_ITERATIONS, CRYPTO_KEY_LENGTH, CRYPTO_DIGEST, function (error, derivedKey) { - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); var now = (new Date()).toISOString(); var user = { @@ -183,8 +183,8 @@ function createUser(username, password, email, displayName, auditSource, options }; userdb.add(user.id, user, function (error) { - if (error && error.reason === DatabaseError.ALREADY_EXISTS) return callback(new UserssError(UserssError.ALREADY_EXISTS, error.message)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === DatabaseError.ALREADY_EXISTS) return callback(new UsersError(UsersError.ALREADY_EXISTS, error.message)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); callback(null, user); @@ -226,10 +226,10 @@ function verify(userId, password, callback) { var saltBinary = new Buffer(user.salt, 'hex'); crypto.pbkdf2(password, saltBinary, CRYPTO_ITERATIONS, CRYPTO_KEY_LENGTH, CRYPTO_DIGEST, function (error, derivedKey) { - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); var derivedKeyHex = new Buffer(derivedKey, 'binary').toString('hex'); - if (derivedKeyHex !== user.password) return callback(new UserssError(UserssError.WRONG_PASSWORD)); + if (derivedKeyHex !== user.password) return callback(new UsersError(UsersError.WRONG_PASSWORD)); callback(null, user); }); @@ -242,8 +242,8 @@ function verifyWithUsername(username, password, callback) { assert.strictEqual(typeof callback, 'function'); userdb.getByUsername(username.toLowerCase(), function (error, user) { - if (error && error.reason == DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason == DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); verify(user.id, password, callback); }); @@ -255,8 +255,8 @@ function verifyWithEmail(email, password, callback) { assert.strictEqual(typeof callback, 'function'); userdb.getByEmail(email.toLowerCase(), function (error, user) { - if (error && error.reason == DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason == DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); verify(user.id, password, callback); }); @@ -270,11 +270,11 @@ function removeUser(userId, auditSource, callback) { getUser(userId, function (error, user) { if (error) return callback(error); - if (config.isDemo() && user.username === constants.DEMO_USERNAME) return callback(new UserssError(UserssError.BAD_FIELD, 'Not allowed in demo mode')); + if (config.isDemo() && user.username === constants.DEMO_USERNAME) return callback(new UsersError(UsersError.BAD_FIELD, 'Not allowed in demo mode')); userdb.del(userId, function (error) { - if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); eventlog.add(eventlog.ACTION_USER_REMOVE, auditSource, { userId: userId, user: removePrivateFields(user) }); @@ -289,7 +289,7 @@ function listUsers(callback) { assert.strictEqual(typeof callback, 'function'); userdb.getAllWithGroupIds(function (error, results) { - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); results.forEach(function (result) { result.admin = result.groupIds.indexOf(constants.ADMIN_GROUP_ID) !== -1; @@ -303,7 +303,7 @@ function count(callback) { assert.strictEqual(typeof callback, 'function'); userdb.count(function (error, count) { - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); callback(null, count); }); @@ -314,11 +314,11 @@ function getUser(userId, callback) { assert.strictEqual(typeof callback, 'function'); userdb.get(userId, function (error, result) { - if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); groups.getGroups(userId, function (error, groupIds) { - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); result.groupIds = groupIds; result.admin = groupIds.indexOf(constants.ADMIN_GROUP_ID) !== -1; @@ -336,8 +336,8 @@ function getByResetToken(resetToken, callback) { if (error) return callback(error); userdb.getByResetToken(resetToken, function (error, result) { - if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); getUser(result.id, callback); }); @@ -373,13 +373,13 @@ function updateUser(userId, data, auditSource, callback) { } userdb.get(userId, function (error) { - if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); userdb.update(userId, data, function (error) { - if (error && error.reason === DatabaseError.ALREADY_EXISTS) return callback(new UserssError(UserssError.ALREADY_EXISTS, error.message)); - if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND, error)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === DatabaseError.ALREADY_EXISTS) return callback(new UsersError(UsersError.ALREADY_EXISTS, error.message)); + if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND, error)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); callback(); @@ -398,13 +398,13 @@ function setGroups(userId, groupIds, callback) { assert.strictEqual(typeof callback, 'function'); groups.getGroups(userId, function (error, oldGroupIds) { - if (error && error.reason !== GroupsError.NOT_FOUND) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason !== GroupsError.NOT_FOUND) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); oldGroupIds = oldGroupIds || []; groups.setGroups(userId, groupIds, function (error) { - if (error && error.reason === GroupsError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND, 'One or more groups not found')); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === GroupsError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND, 'One or more groups not found')); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); var isAdmin = groupIds.some(function (g) { return g === constants.ADMIN_GROUP_ID; }); var wasAdmin = oldGroupIds.some(function (g) { return g === constants.ADMIN_GROUP_ID; }); @@ -426,7 +426,7 @@ function getAllAdmins(callback) { assert.strictEqual(typeof callback, 'function'); userdb.getAllAdmins(function (error, admins) { - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); callback(null, admins); }); @@ -441,14 +441,14 @@ function resetPasswordByIdentifier(identifier, callback) { else getter = userdb.getByEmail; getter(identifier.toLowerCase(), function (error, result) { - if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); result.resetToken = hat(256); userdb.update(result.id, result, function (error) { - if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); mailer.passwordReset(result); @@ -463,35 +463,35 @@ function setPassword(userId, newPassword, callback) { assert.strictEqual(typeof callback, 'function'); var error = validatePassword(newPassword); - if (error) return callback(new UserssError(UserssError.BAD_FIELD, error.message)); + if (error) return callback(new UsersError(UsersError.BAD_FIELD, error.message)); userdb.get(userId, function (error, user) { - if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); - if (config.isDemo() && user.username === constants.DEMO_USERNAME) return callback(new UserssError(UserssError.BAD_FIELD, 'Not allowed in demo mode')); + if (config.isDemo() && user.username === constants.DEMO_USERNAME) return callback(new UsersError(UsersError.BAD_FIELD, 'Not allowed in demo mode')); var saltBuffer = new Buffer(user.salt, 'hex'); crypto.pbkdf2(newPassword, saltBuffer, CRYPTO_ITERATIONS, CRYPTO_KEY_LENGTH, CRYPTO_DIGEST, function (error, derivedKey) { - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); user.modifiedAt = (new Date()).toISOString(); user.password = new Buffer(derivedKey, 'binary').toString('hex'); user.resetToken = ''; userdb.update(userId, user, function (error) { - if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); // Also generate a token so the new user can get logged in immediately clients.get('cid-webadmin', function (error, result) { - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); var token = tokendb.generateToken(); var expiresAt = Date.now() + constants.DEFAULT_TOKEN_EXPIRATION; tokendb.add(token, user.id, result.id, expiresAt, '*', function (error) { - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); callback(null, { token: token, expiresAt: expiresAt }); }); @@ -510,22 +510,22 @@ function createOwner(username, password, email, displayName, auditSource, callba assert.strictEqual(typeof callback, 'function'); // This is only not allowed for the owner - if (username === '') return callback(new UserssError(UserssError.BAD_FIELD, 'Username cannot be empty')); + if (username === '') return callback(new UsersError(UsersError.BAD_FIELD, 'Username cannot be empty')); userdb.count(function (error, count) { - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); - if (count !== 0) return callback(new UserssError(UserssError.ALREADY_EXISTS, 'Owner already exists')); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); + if (count !== 0) return callback(new UsersError(UsersError.ALREADY_EXISTS, 'Owner already exists')); // have to provide the group id explicitly so using db layer directly groupdb.add(constants.ADMIN_GROUP_ID, constants.ADMIN_GROUP_NAME, function (error) { // we proceed if it already exists so we can re-create the owner if need be - if (error && error.reason !== DatabaseError.ALREADY_EXISTS) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason !== DatabaseError.ALREADY_EXISTS) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); createUser(username, password, email, displayName, auditSource, { owner: true }, function (error, user) { if (error) return callback(error); groups.addMember(constants.ADMIN_GROUP_ID, user.id, function (error) { - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); callback(null, user); }); @@ -536,8 +536,8 @@ function createOwner(username, password, email, displayName, auditSource, callba function getOwner(callback) { userdb.getOwner(function (error, owner) { - if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); return callback(null, owner); }); @@ -549,14 +549,14 @@ function sendInvite(userId, options, callback) { assert.strictEqual(typeof callback, 'function'); userdb.get(userId, function (error, userObject) { - if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); userObject.resetToken = hat(256); userdb.update(userId, userObject, function (error) { - if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); mailer.sendInvite(userObject, options.invitor || null); @@ -570,15 +570,15 @@ function setTwoFactorAuthenticationSecret(userId, callback) { assert.strictEqual(typeof callback, 'function'); userdb.get(userId, function (error, result) { - if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); - if (result.twoFactorAuthenticationEnabled) return callback(new UserssError(UserssError.ALREADY_EXISTS)); + if (result.twoFactorAuthenticationEnabled) return callback(new UsersError(UsersError.ALREADY_EXISTS)); var secret = speakeasy.generateSecret({ name: `Cloudron (${config.adminFqdn()})` }); userdb.update(userId, { twoFactorAuthenticationSecret: secret.base32, twoFactorAuthenticationEnabled: false }, function (error) { - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); qrcode.toDataURL(secret.otpauth_url, function (error, dataUrl) { if (error) console.error(error); @@ -595,16 +595,16 @@ function enableTwoFactorAuthentication(userId, totpToken, callback) { assert.strictEqual(typeof callback, 'function'); userdb.get(userId, function (error, result) { - if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserssError(UserssError.NOT_FOUND)); - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UsersError(UsersError.NOT_FOUND)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); var verified = speakeasy.totp.verify({ secret: result.twoFactorAuthenticationSecret, encoding: 'base32', token: totpToken }); - if (!verified) return callback(new UserssError(UserssError.BAD_TOKEN)); + if (!verified) return callback(new UsersError(UsersError.BAD_TOKEN)); - if (result.twoFactorAuthenticationEnabled) return callback(new UserssError(UserssError.ALREADY_EXISTS)); + if (result.twoFactorAuthenticationEnabled) return callback(new UsersError(UsersError.ALREADY_EXISTS)); userdb.update(userId, { twoFactorAuthenticationEnabled: true }, function (error) { - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); callback(null); }); @@ -616,7 +616,7 @@ function disableTwoFactorAuthentication(userId, callback) { assert.strictEqual(typeof callback, 'function'); userdb.update(userId, { twoFactorAuthenticationEnabled: false, twoFactorAuthenticationSecret: '' }, function (error) { - if (error) return callback(new UserssError(UserssError.INTERNAL_ERROR, error)); + if (error) return callback(new UsersError(UsersError.INTERNAL_ERROR, error)); callback(null); });