Skip to content
Snippets Groups Projects
Commit 9f589825 authored by michael.minelli's avatar michael.minelli
Browse files

GitlabManager => Add custom error status code

parent 85aca0f7
Branches
Tags
1 merge request!3Return error when client headers are missing (issue #19)
Pipeline #30019 failed
......@@ -16,6 +16,7 @@ import GitlabProfile from '../shared/types/Gitlab/GitlabProfile';
import GitlabRelease from '../shared/types/Gitlab/GitlabRelease';
import { CommitSchema, Gitlab } from '@gitbeaker/rest';
import logger from '../shared/logging/WinstonLogger';
import DojoStatusCode from '../shared/types/Dojo/DojoStatusCode';
class GitlabManager {
......@@ -169,16 +170,18 @@ class GitlabManager {
return response.data;
}
async checkTemplateAccess(projectIdOrNamespace: string, req: express.Request): Promise<StatusCodes> {
async checkTemplateAccess(projectIdOrNamespace: string, req: express.Request, res: express.Response) {
// Get the Gitlab project and check if it have public or internal visibility
try {
const project: GitlabRepository = await this.getRepository(projectIdOrNamespace);
if ( [ GitlabVisibility.PUBLIC.valueOf(), GitlabVisibility.INTERNAL.valueOf() ].includes(project.visibility) ) {
return StatusCodes.OK;
req.session.sendResponse(res, StatusCodes.OK);
return;
}
} catch ( e ) {
return StatusCodes.NOT_FOUND;
req.session.sendResponse(res, StatusCodes.NOT_FOUND, undefined, 'Template not found', DojoStatusCode.GITLAB_TEMPLATE_NOT_FOUND);
return;
}
// Check if the user and dojo are members (with at least reporter access) of the project
......@@ -197,7 +200,11 @@ class GitlabManager {
}
});
return isUsersAtLeastReporter.user && isUsersAtLeastReporter.dojo ? StatusCodes.OK : StatusCodes.UNAUTHORIZED;
if ( isUsersAtLeastReporter.user && isUsersAtLeastReporter.dojo ) {
req.session.sendResponse(res, StatusCodes.OK);
} else {
req.session.sendResponse(res, StatusCodes.UNAUTHORIZED, undefined, 'Template access unauthorized', DojoStatusCode.GITLAB_TEMPLATE_ACCESS_UNAUTHORIZED);
}
}
async protectBranch(repoId: number, branchName: string, allowForcePush: boolean, allowedToMerge: GitlabAccessLevel, allowedToPush: GitlabAccessLevel, allowedToUnprotect: GitlabAccessLevel): Promise<GitlabMember> {
......
......@@ -14,7 +14,7 @@ class GitlabRoutes implements RoutesManager {
private async checkTemplateAccess(req: express.Request, res: express.Response) {
const gitlabProjectIdOrNamespace: string = req.params.gitlabProjectIdOrNamespace;
return res.status(await GitlabManager.checkTemplateAccess(gitlabProjectIdOrNamespace, req)).send();
await GitlabManager.checkTemplateAccess(gitlabProjectIdOrNamespace, req, res);
}
}
......
Subproject commit 1346565c5759be045a1347f82eea230d393e38cb
Subproject commit 6e8f45841ca086956d34370cb3639262e69aa3c3
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment