ahtlon/deck
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Catch DoesNotExistException to return proper API repsonses

Browse Source 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
This commit is contained in:
Julius Härtl
2018-08-14 21:23:15 +02:00
parent 4391bf4eb8
commit 47a7e76a4d
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
lib/Middleware/SharingMiddleware.php
View File

@@ -25,6 +25,7 @@ namespace OCA\Deck\Middleware;
use OCA\Deck\StatusException; use OCA\Deck\StatusException;
use OCA\Deck\BadRequestException; use OCA\Deck\BadRequestException;
use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Middleware; use OCP\AppFramework\Middleware;
use OCP\AppFramework\Http\JSONResponse; use OCP\AppFramework\Http\JSONResponse;
use OCP\ILogger; use OCP\ILogger;
@@ -69,6 +70,17 @@ class SharingMiddleware extends Middleware {
'message' => $exception->getMessage() 'message' => $exception->getMessage()
], $exception->getStatus()); ], $exception->getStatus());
} }
// uncatched DoesNotExistExceptions will be thrown when the main entity is not found
// we return a 403 so we don't leak information over existing entries
// TODO: At some point those should properly be catched in the service classes
if ($exception instanceof DoesNotExistException) {
return new JSONResponse([
'status' => 403,
'message' => 'Permission denied'
], 403);
}
throw $exception; throw $exception;
} }