feat(backend): add RegistrationDisabledError

This error is thrown by RegistrationEnabledGuard instead of directly throwing an http error. The new RegistrationDisabledError is mapped to the Forbidden HTTP code 403, since this better represents the actual error. Signed-off-by: Philip Molares <philip.molares@udo.edu>
2024-10-18 13:20:16 -04:00 · 2023-01-08 16:08:51 +01:00 · 2023-01-08 16:08:51 +01:00 · c39a9430a2
commit c39a9430a2
parent 50e3452574
4 changed files with 17 additions and 12 deletions
--- a/backend/src/api/private/auth/auth.controller.ts
+++ b/backend/src/api/private/auth/auth.controller.ts
@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2022 The HedgeDoc developers (see AUTHORS file)
+ * SPDX-FileCopyrightText: 2023 The HedgeDoc developers (see AUTHORS file)
 *
 * SPDX-License-Identifier: AGPL-3.0-only
 */
@ -53,7 +53,7 @@ export class AuthController {

  @UseGuards(RegistrationEnabledGuard)
  @Post('local')
-  @OpenApi(201, 400, 409)
+  @OpenApi(201, 400, 403, 409)
  async registerUser(
    @Req() request: RequestWithSession,
    @Body() registerDto: RegisterDto,
--- a/backend/src/api/utils/registration-enabled.guard.ts
+++ b/backend/src/api/utils/registration-enabled.guard.ts
@ -1,16 +1,12 @@
 /*
- * SPDX-FileCopyrightText: 2021 The HedgeDoc developers (see AUTHORS file)
+ * SPDX-FileCopyrightText: 2023 The HedgeDoc developers (see AUTHORS file)
 *
 * SPDX-License-Identifier: AGPL-3.0-only
 */
-import {
-  BadRequestException,
-  CanActivate,
-  Inject,
-  Injectable,
-} from '@nestjs/common';
+import { CanActivate, Inject, Injectable } from '@nestjs/common';

 import authConfiguration, { AuthConfig } from '../../config/auth.config';
+import { RegistrationDisabledError } from '../../errors/errors';
 import { ConsoleLoggerService } from '../../logger/console-logger.service';

@Injectable()
@ -26,7 +22,7 @@ export class RegistrationEnabledGuard implements CanActivate {
  canActivate(): boolean {
    if (!this.authConfig.local.enableRegister) {
      this.logger.debug('User registration is disabled.', 'canActivate');
-      throw new BadRequestException('User registration is disabled.');
+      throw new RegistrationDisabledError();
    }
    return true;
  }
--- a/backend/src/errors/error-mapping.ts
+++ b/backend/src/errors/error-mapping.ts
@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2022 The HedgeDoc developers (see AUTHORS file)
+ * SPDX-FileCopyrightText: 2023 The HedgeDoc developers (see AUTHORS file)
 *
 * SPDX-License-Identifier: AGPL-3.0-only
 */
@ -8,6 +8,7 @@ import {
  BadRequestException,
  Catch,
  ConflictException,
+  ForbiddenException,
  InternalServerErrorException,
  NotFoundException,
  PayloadTooLargeException,
@ -75,6 +76,10 @@ const mapOfHedgeDocErrorsToHttpErrors: Map<string, HttpExceptionConstructor> =
      'MaximumDocumentLengthExceededError',
      (object): HttpException => new PayloadTooLargeException(object),
    ],
+    [
+      'RegistrationDisabledError',
+      (object): HttpException => new ForbiddenException(object),
+    ],
  ]);

@Catch()
--- a/backend/src/errors/errors.ts
+++ b/backend/src/errors/errors.ts
@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2022 The HedgeDoc developers (see AUTHORS file)
+ * SPDX-FileCopyrightText: 2023 The HedgeDoc developers (see AUTHORS file)
 *
 * SPDX-License-Identifier: AGPL-3.0-only
 */
@ -59,3 +59,7 @@ export class PasswordTooWeakError extends Error {
 export class MaximumDocumentLengthExceededError extends Error {
  name = 'MaximumDocumentLengthExceededError';
 }
+
+export class RegistrationDisabledError extends Error {
+  name = 'RegistrationDisabledError';
+}