From 8a969d1c25c8ee67b6a1172c84c668a58afacf96 Mon Sep 17 00:00:00 2001 From: Alasdair Smith Date: Wed, 12 Sep 2018 18:31:08 +0100 Subject: [PATCH] Redirect directly from controller instead of via handler --- .../app/coffee/Features/Errors/Errors.coffee | 8 ------- .../TokenAccess/TokenAccessController.coffee | 12 ++-------- services/web/app/coffee/router.coffee | 6 ++--- .../TokenAccessControllerTests.coffee | 24 ++++++++++++------- 4 files changed, 19 insertions(+), 31 deletions(-) diff --git a/services/web/app/coffee/Features/Errors/Errors.coffee b/services/web/app/coffee/Features/Errors/Errors.coffee index 720b092012..94aeaa2a90 100644 --- a/services/web/app/coffee/Features/Errors/Errors.coffee +++ b/services/web/app/coffee/Features/Errors/Errors.coffee @@ -82,13 +82,6 @@ EmailExistsError = (message) -> return error EmailExistsError.prototype.__proto__ = Error.prototype -ProjectNotTokenAccessError = (message) -> - error = new Error(message) - error.name = "ProjectNotTokenAccessError" - error.__proto__ = ProjectNotTokenAccessError.prototype - return error -ProjectNotTokenAccessError.prototype.__proto__ = Error.prototype - module.exports = Errors = NotFoundError: NotFoundError ServiceNotConfiguredError: ServiceNotConfiguredError @@ -102,4 +95,3 @@ module.exports = Errors = V1ConnectionError: V1ConnectionError UnconfirmedEmailError: UnconfirmedEmailError EmailExistsError: EmailExistsError - ProjectNotTokenAccessError: ProjectNotTokenAccessError diff --git a/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee b/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee index 6b03e6c600..9e35c622b0 100644 --- a/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee +++ b/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee @@ -7,15 +7,6 @@ settings = require 'settings-sharelatex' module.exports = TokenAccessController = - redirectNotFoundErrorToV1: (err, req, res, next) -> - if err instanceof Errors.ProjectNotTokenAccessError and settings.overleaf - logger.log { - token: req.params['read_and_write_token'] - }, "[TokenAccess] No project found for token, redirecting to v1" - res.redirect(settings.overleaf.host + req.url) - else - next(err) - _loadEditor: (projectId, req, res, next) -> req.params.Project_id = projectId.toString() return ProjectController.loadEditor(req, res, next) @@ -29,7 +20,8 @@ module.exports = TokenAccessController = if !projectExists logger.log {token, userId}, "[TokenAccess] no project found for this token" - return next(new Errors.ProjectNotTokenAccessError()) + # Project does not exist, but may be unimported - try it on v1 + return res.redirect(settings.overleaf.host + req.url) if !project? logger.log {token, userId}, "[TokenAccess] no project with higher access found for this user and token" diff --git a/services/web/app/coffee/router.coffee b/services/web/app/coffee/router.coffee index 35de9f804f..b196c56870 100644 --- a/services/web/app/coffee/router.coffee +++ b/services/web/app/coffee/router.coffee @@ -418,8 +418,7 @@ module.exports = class Router maxRequests: 10, timeInterval: 60 }), - TokenAccessController.readOnlyToken, - TokenAccessController.redirectNotFoundErrorToV1 + TokenAccessController.readOnlyToken webRouter.get '/:read_and_write_token([0-9]+[a-z]+)', RateLimiterMiddlewear.rateLimit({ @@ -427,7 +426,6 @@ module.exports = class Router maxRequests: 10, timeInterval: 60 }), - TokenAccessController.readAndWriteToken, - TokenAccessController.redirectNotFoundErrorToV1 + TokenAccessController.readAndWriteToken webRouter.get '*', ErrorController.notFound diff --git a/services/web/test/unit/coffee/TokenAccess/TokenAccessControllerTests.coffee b/services/web/test/unit/coffee/TokenAccess/TokenAccessControllerTests.coffee index 0fe8ab358a..0bdb6d59e6 100644 --- a/services/web/test/unit/coffee/TokenAccess/TokenAccessControllerTests.coffee +++ b/services/web/test/unit/coffee/TokenAccess/TokenAccessControllerTests.coffee @@ -30,6 +30,10 @@ describe "TokenAccessController", -> '../Authentication/AuthenticationController': @AuthenticationController = {} './TokenAccessHandler': @TokenAccessHandler = {} 'logger-sharelatex': {log: sinon.stub(), err: sinon.stub()} + 'settings-sharelatex': { + overleaf: + host: 'http://overleaf.test:5000' + } @AuthenticationController.getLoggedInUserId = sinon.stub().returns(@userId.toString()) @@ -234,6 +238,7 @@ describe "TokenAccessController", -> describe 'when project does not exist', -> beforeEach -> @req = new MockRequest() + @req.url = '/123abc' @res = new MockResponse() @res.redirect = sinon.stub() @next = sinon.stub() @@ -245,10 +250,10 @@ describe "TokenAccessController", -> .callsArgWith(2, null, @project, false) @TokenAccessController.readAndWriteToken @req, @res, @next - it 'should return a ProjectNotTokenAccessError', (done) -> - expect(@next.callCount).to.equal 1 - expect(@next.firstCall.args[0].name) - .to.equal 'ProjectNotTokenAccessError' + it 'should redirect to v1', (done) -> + expect(@res.redirect.callCount).to.equal 1 + expect(@res.redirect.firstCall.args[0]) + .to.equal 'http://overleaf.test:5000/123abc' done() describe 'when token access is off, but user has higher access anyway', -> @@ -311,7 +316,7 @@ describe "TokenAccessController", -> .callsArgWith(1, null, null) @TokenAccessHandler.findProjectWithHigherAccess = sinon.stub() - .callsArgWith(2, null, null) + .callsArgWith(2, null, null, true) @TokenAccessHandler.addReadAndWriteUserToProject = sinon.stub() .callsArgWith(2, null) @ProjectController.loadEditor = sinon.stub() @@ -502,6 +507,7 @@ describe "TokenAccessController", -> describe 'when project does not exist', -> beforeEach -> @req = new MockRequest() + @req.url = '/123abc' @res = new MockResponse() @res.redirect = sinon.stub() @next = sinon.stub() @@ -514,9 +520,9 @@ describe "TokenAccessController", -> @TokenAccessController.readOnlyToken @req, @res, @next it 'should return a ProjectNotTokenAccessError', (done) -> - expect(@next.callCount).to.equal 1 - expect(@next.firstCall.args[0].name) - .to.equal 'ProjectNotTokenAccessError' + expect(@res.redirect.callCount).to.equal 1 + expect(@res.redirect.firstCall.args[0]) + .to.equal 'http://overleaf.test:5000/123abc' done() describe 'when token access is off, but user has higher access anyway', -> @@ -578,7 +584,7 @@ describe "TokenAccessController", -> .callsArgWith(1, null, null) @TokenAccessHandler.findProjectWithHigherAccess = sinon.stub() - .callsArgWith(2, null, null) + .callsArgWith(2, null, null, true) @TokenAccessHandler.addReadOnlyUserToProject = sinon.stub() .callsArgWith(2, null) @ProjectController.loadEditor = sinon.stub()