let ErrorController
const Errors = require('./Errors')
const logger = require('logger-sharelatex')
const AuthenticationController = require('../Authentication/AuthenticationController')
const SamlLogHandler = require('../SamlLog/SamlLogHandler')
const HttpErrorHandler = require('./HttpErrorHandler')
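/**
 * Error responses for the web app.
 *
 * notFound / forbidden / serverError render an error page with the matching
 * status code. handleError and handleApiError take (error, req, res, next)
 * and map known error types to a response: handleError answers with rendered
 * pages or short bodies, handleApiError with bare status codes.
 */
module.exports = ErrorController = {
  /**
   * Respond with 404 and the 'general/404' page.
   * @param {object} req - incoming request (unused)
   * @param {object} res - response to write to
   */
  notFound(req, res) {
    res.status(404)
    res.render('general/404', { title: 'page_not_found' })
  },

  /**
   * Respond with 403 and the 'user/restricted' page.
   * @param {object} req - incoming request (unused)
   * @param {object} res - response to write to
   */
  forbidden(req, res) {
    res.status(403)
    res.render('user/restricted')
  },

  /**
   * Respond with 500 and the 'general/500' page.
   * @param {object} req - incoming request (unused)
   * @param {object} res - response to write to
   */
  serverError(req, res) {
    res.status(500)
    res.render('general/500', { title: 'Server Error' })
  },

  /**
   * Map an error raised while serving a page to a response.
   *
   * When the session carries SAML data the error is first recorded through
   * SamlLogHandler. The error is then matched, in order, against: CSRF token
   * failure (403), NotFoundError (404 page), URIError from parameter decoding
   * (400 page), ForbiddenError (403 page), TooManyRequestsError (429),
   * InvalidError / InvalidNameError (400 with the message as plain text),
   * SAMLSessionDataMissing (delegated to HttpErrorHandler.badRequest), and
   * anything else (500 page).
   *
   * @param {Error} error - the error passed to the middleware chain
   * @param {object} req - incoming request
   * @param {object} res - response to write to
   * @param {Function} next - unused; presumably kept because the framework
   *   recognises error middleware by its four-parameter signature - confirm
   *   before removing
   */
  handleError(error, req, res, next) {
    const user = AuthenticationController.getSessionUser(req)

    // log errors related to SAML flow
    if (req.session && req.session.saml) {
      // NOTE(review): req.body, req.query and the whole session SAML object
      // are written to the SAML log unfiltered. Confirm that this log is
      // access-controlled and that request bodies in the SAML flow carry
      // nothing that should be redacted before storage.
      SamlLogHandler.log(req.session.saml.universityId, req.sessionID, {
        error: {
          message: error && error.message,
          stack: error && error.stack
        },
        body: req.body,
        path: req.path,
        query: req.query,
        saml: req.session.saml,
        user_id: user && user._id
      })
    }

    if (error.code === 'EBADCSRFTOKEN') {
      // NOTE(review): the full session user object is logged here and in the
      // fallback branch; consider whether the user id alone would do.
      logger.warn(
        { err: error, url: req.url, method: req.method, user },
        'invalid csrf'
      )
      res.sendStatus(403)
    } else if (error instanceof Errors.NotFoundError) {
      logger.warn({ err: error, url: req.url }, 'not found error')
      ErrorController.notFound(req, res)
    } else if (
      error instanceof URIError &&
      error.message.match(/^Failed to decode param/)
    ) {
      // Malformed percent-encoding in a route parameter: a client error, so
      // answer 400 even though the generic error template is reused.
      logger.warn({ err: error, url: req.url }, 'Express URIError')
      res.status(400)
      res.render('general/500', { title: 'Invalid Error' })
    } else if (error instanceof Errors.ForbiddenError) {
      logger.error({ err: error }, 'forbidden error')
      ErrorController.forbidden(req, res)
    } else if (error instanceof Errors.TooManyRequestsError) {
      logger.warn({ err: error, url: req.url }, 'too many requests error')
      res.sendStatus(429)
    } else if (error instanceof Errors.InvalidError) {
      logger.warn({ err: error, url: req.url }, 'invalid error')
      res.status(400)
      // res.send() with a string falls back to text/html when no Content-Type
      // is set. Send the message as plain text so that any request-derived
      // text inside it is never interpreted as markup by the browser.
      res.type('text/plain')
      res.send(error.message)
    } else if (error instanceof Errors.InvalidNameError) {
      logger.warn({ err: error, url: req.url }, 'invalid name error')
      res.status(400)
      // Same reasoning as for InvalidError: plain text, not HTML.
      res.type('text/plain')
      res.send(error.message)
    } else if (error instanceof Errors.SAMLSessionDataMissing) {
      logger.warn(
        { err: error, url: req.url },
        'missing SAML session data error'
      )
      // NOTE(review): error.message is handed to HttpErrorHandler.badRequest;
      // how that helper encodes it is not visible here - confirm it escapes
      // or serialises the message safely.
      HttpErrorHandler.badRequest(req, res, error.message)
    } else {
      logger.error(
        { err: error, url: req.url, method: req.method, user },
        'error passed to top level next middleware'
      )
      ErrorController.serverError(req, res)
    }
  },

  /**
   * Map an error to a bare status code: NotFoundError gives 404, a URIError
   * from parameter decoding gives 400, anything else gives 500. No error
   * detail is included in the response body.
   *
   * @param {Error} error - the error passed to the middleware chain
   * @param {object} req - incoming request
   * @param {object} res - response to write to
   * @param {Function} next - unused; presumably kept because the framework
   *   recognises error middleware by its four-parameter signature - confirm
   *   before removing
   */
  handleApiError(error, req, res, next) {
    if (error instanceof Errors.NotFoundError) {
      logger.warn({ err: error, url: req.url }, 'not found error')
      res.sendStatus(404)
    } else if (
      error instanceof URIError &&
      error.message.match(/^Failed to decode param/)
    ) {
      logger.warn({ err: error, url: req.url }, 'Express URIError')
      res.sendStatus(400)
    } else {
      logger.error(
        { err: error, url: req.url, method: req.method },
        'error passed to top level next middleware'
      )
      res.sendStatus(500)
    }
  }
}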