diff --git a/src/api/acts/admin.ts b/src/api/acts/admin.ts index a046fa2..53afaab 100644 --- a/src/api/acts/admin.ts +++ b/src/api/acts/admin.ts @@ -4,6 +4,7 @@ import { sha256 } from "../../sys/crypto.js"; import { accounts, db, signupOTA } from "../../sys/db.js"; import { get64, uts } from "../../sys/tools.js"; import { Act, Client, STATE } from "../user.js"; +import { act_error } from "../../server/errors.js"; export const getAccounts: Act = { state: STATE.client, @@ -55,7 +56,7 @@ export const setPermissions: Act = { aws("ok", ""); } else { client.suspect(); - aws("error", "existence"); + aws("error", act_error.ACCOUNT_NOT_EXISTS); } } }; @@ -78,7 +79,7 @@ export const resetPassword: Act = { aws("ok", ""); } else { client.suspect(); - aws("error", "existence"); + aws("error", act_error.ACCOUNT_NOT_EXISTS); } } }; @@ -103,7 +104,7 @@ export const setMaxValues: Act = { aws("ok", ""); } else { client.suspect(); - aws("error", "existence"); + aws("error", act_error.ACCOUNT_NOT_EXISTS); } } }; diff --git a/src/api/acts/client.ts b/src/api/acts/client.ts index 3aced2f..ba90db9 100644 --- a/src/api/acts/client.ts +++ b/src/api/acts/client.ts @@ -7,6 +7,7 @@ import { getSettings, SETTINGS } from "../../sys/settings.js"; import { get64, uts } from "../../sys/tools.js"; import { Act, Client, STATE } from "../user.js"; import { canCreateRoom } from "../helper.js" +import { act_error } from "../../server/errors.js"; export const deleteAccount: Act = { @@ -65,7 +66,7 @@ export const getMyAccount: Act = { } } client.suspect(); - aws("error", "existence"); + aws("error", act_error.CLIENT_NOT_EXISTS); } }; @@ -86,7 +87,7 @@ export const changePassword: Act = { aws("ok", ""); } else { client.suspect(); - aws("error", "existence"); + aws("error", act_error.CLIENT_NOT_EXISTS); } } }; @@ -106,7 +107,7 @@ export const changeViewable: Act = { aws("ok", ""); } else { client.suspect(); - aws("error", "existence"); + aws("error", act_error.CLIENT_NOT_EXISTS); } } }; @@ -123,7 +124,7 @@ export const createRoom: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!await canCreateRoom(client.accID)) - return void aws("error", "limit"); + return void aws("error", act_error.ROOM_LIMIT); try { let req = await insert( rooms.name, @@ -146,11 +147,12 @@ export const createRoom: Act = { .query(db); aws("ok", ""); } else { - aws("error", "existence"); + client.suspect(); + aws("error", act_error.ROOM_EXISTS); } } catch (error) { client.suspect(); - aws("error", "existence"); + aws("error", act_error.ROOM_EXISTS); } } }; @@ -170,7 +172,7 @@ export const deleteRoom: Act = { if (req.affectedRows > 0) { aws("ok", ""); } else { - aws("error", "existence"); + aws("error", act_error.ROOM_NOT_EXISTS); } } }; diff --git a/src/api/acts/login.ts b/src/api/acts/login.ts index 781afda..7a08934 100644 --- a/src/api/acts/login.ts +++ b/src/api/acts/login.ts @@ -9,6 +9,7 @@ import { selfTag } from "../../sys/selfTag.js"; import { get64, uts } from "../../sys/tools.js"; import { addTempToken, postClient } from "../post.js"; import { Act, Client, STATE } from "../user.js"; +import { act_error } from "../../server/errors.js"; export const requestTempToken: Act = { state: STATE.no | STATE.remote | STATE.remoteP | STATE.client, @@ -33,7 +34,7 @@ export const signup: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - aws("error", "data"); + aws("error", act_error.DATA); return; } let countAlias = alias(count(accounts.accID), "countAlias") as any; @@ -42,7 +43,7 @@ export const signup: Act = { let maxUsers = oConf.get("Settings", "maxUsers"); let userNum = query[0][countAlias]; if (maxUsers > -1 && userNum > 0 && userNum >= maxUsers) { - aws("error", "config"); + aws("error", act_error.CONFIG); return; } let salt = get64(16); @@ -61,11 +62,11 @@ export const signup: Act = { } } else { client.suspect(); - aws("error", "existence"); + aws("error", act_error.ACCOUNT_EXISTS); } } catch (error) { client.suspect(); - aws("error", "existence"); + aws("error", act_error.ACCOUNT_EXISTS); } @@ -83,7 +84,7 @@ export const signupOTA: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - aws("error", "data"); + aws("error", act_error.DATA); return; } // TODO: make transaktion when posible @@ -97,7 +98,7 @@ export const signupOTA: Act = { .where(eq(signupOTATable.usesLeft, 0)) .query(db); if (query.affectedRows == 0) { - return void aws("error", "ota"); + return void aws("error", act_error.OTA); } let salt = get64(16); let req = await insert(accounts.name, accounts.rights, accounts.accountKey, accounts.accountKeySalt) @@ -114,7 +115,7 @@ export const signupOTA: Act = { } } else { client.suspect(); - aws("error", "existence"); + aws("error", act_error.ACCOUNT_EXISTS); } } }; @@ -129,7 +130,7 @@ export const signin: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - aws("error", "data"); + aws("error", act_error.DATA); return; } let query = await select([accounts.accID, accounts.accountKey, accounts.accountKeySalt], accounts) @@ -140,7 +141,7 @@ export const signin: Act = { .query(db); if (query.length == 0 || query[0][accounts.accountKey] != sha256((query[0][accounts.accountKeySalt] ?? '') + data.accountKey)) { client.suspect(); - aws("error", "auth"); + aws("error", act_error.AUTH); return; } var accID = query[0][accounts.accID]; @@ -170,7 +171,7 @@ export const remote1: Act = { var tagAcert = `${data.name}@${server.host}:${server.port}-${data.publicKey}`; if (!(await verify(tagAcert, data.sign, cert))) { client.suspect(); - aws("error", "signature"); + aws("error", act_error.SIGNATURE); return; } @@ -182,7 +183,7 @@ export const remote1: Act = { aws("ok", { challenge: client.challenge }); } catch (e) { client.suspect(); - aws("error", "signature"); + aws("error", act_error.SIGNATURE); } } }; @@ -199,7 +200,7 @@ export const remote2: Act = { client.state = STATE.remote; } else { client.suspect(); - aws("error", "signature"); + aws("error", act_error.SIGNATURE); } } }; @@ -226,7 +227,7 @@ export const remoteServer1: Act = { }); } catch (e) { client.suspect(); - aws("error", "existence"); + aws("error", act_error.SERVER_NOT_EXISTS); } } }; @@ -243,7 +244,7 @@ export const remoteServer2: Act = { client.state = STATE.server; } else { client.suspect(); - aws("error", "signature"); + aws("error", act_error.SERVER_TOKEN); } } }; \ No newline at end of file diff --git a/src/api/acts/roomContent.ts b/src/api/acts/roomContent.ts index c9e12a5..c2a793c 100644 --- a/src/api/acts/roomContent.ts +++ b/src/api/acts/roomContent.ts @@ -4,6 +4,7 @@ import { Act, Client, STATE } from "../user.js"; import { db, listCategories, listItems, listProducts } from "../../sys/db.js"; import { isCategoryInRoom, isItemInRoom, isProductInRoom, isRoomDataFull } from "../helper.js" import { ROOM_RIGHTS } from "../../server/permissions.js"; +import { act_error } from "../../server/errors.js"; export const getCategories: Act = { state: STATE.client | STATE.remote, @@ -14,14 +15,14 @@ export const getCategories: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "getCategories", data); aws(resp.state, resp.data); return; } let roomID = await client.isInRoom(data.room); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_IN_ROOM); return; } let req = await select([ @@ -40,7 +41,7 @@ export const getCategories: Act = { let color = d[listCategories.color]; return { id, title, weight, color }; }).filter(d => d != null); - out.sort((a,b) => a.weight - b.weight); + out.sort((a, b) => a.weight - b.weight); aws("ok", out); } }; @@ -56,17 +57,17 @@ export const addCategory: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "addCategory", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.LIST_CAT_PROD); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_ROOM_ADMIN); return; } - if (await isRoomDataFull(roomID)) return void aws("error", "limit"); + if (await isRoomDataFull(roomID)) return void aws("error", act_error.ROOM_DATA_LIMIT); let req = await insert( listCategories.roomID, listCategories.title, @@ -85,7 +86,7 @@ export const addCategory: Act = { if (req.affectedRows > 0) aws("ok", { catID: req.insertId }); - else aws("error", "existence"); + else aws("error", act_error.ADD_CAT); } }; @@ -101,14 +102,14 @@ export const changeCategory: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "changeCategory", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.LIST_CAT_PROD); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_ROOM_ADMIN); return; } let req = await update(listCategories) @@ -120,7 +121,7 @@ export const changeCategory: Act = { )) .query(db); if (req.affectedRows > 0) aws("ok", ""); - else aws("error", "existence"); + else aws("error", act_error.CAT_NOT_EXISTS); } }; @@ -134,14 +135,14 @@ export const changeCategoriesOrder: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "changeCategoriesOrder", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.LIST_CAT_PROD); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_ROOM_ADMIN); return; } let affacted = 0; @@ -157,7 +158,7 @@ export const changeCategoriesOrder: Act = { affacted += req.affectedRows; } if (affacted > 0) aws("ok", ""); - else aws("error", "existence"); + else aws("error", act_error.CAT_NOT_EXISTS); } }; @@ -171,14 +172,14 @@ export const deleteCategory: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "deleteCategory", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.LIST_CAT_PROD); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_ROOM_ADMIN); return; } let req = await remove(listCategories) @@ -188,7 +189,7 @@ export const deleteCategory: Act = { )) .query(db); if (req.affectedRows > 0) aws("ok", ""); - else aws("error", "existence"); + else aws("error", act_error.CAT_NOT_EXISTS); } }; @@ -201,14 +202,14 @@ export const getProducts: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "getProducts", data); aws(resp.state, resp.data); return; } let roomID = await client.isInRoom(data.room); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_IN_ROOM); return; } let req = await select([ @@ -219,6 +220,7 @@ export const getProducts: Act = { listProducts.defUnit, listProducts.defValue, listProducts.ean, + listProducts.parent ], listProducts) .where(eq(listProducts.roomID, roomID)) .query(db); @@ -230,7 +232,10 @@ export const getProducts: Act = { let defUnit = d[listProducts.defUnit]; let defValue = d[listProducts.defValue]; let ean = d[listProducts.ean]; - return { listProdID, title, description, category, defUnit, defValue, ean }; + let parent = d[listProducts.parent]; + parent = parent == null ? -1 : parent; + category = category == null ? -1 : category; + return { listProdID, title, description, category, defUnit, defValue, ean, parent }; }); aws("ok", out.filter(d => d != null)); } @@ -252,19 +257,19 @@ export const addProduct: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "addProduct", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.LIST_CAT_PROD); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_ROOM_ADMIN); return; } - if (await isRoomDataFull(roomID)) return void aws("error", "limit"); - if (!isCategoryInRoom(roomID, data.listCatID)) return void aws("error", "existence"); - if (data.parent > -1 && !isProductInRoom(roomID, data.parent)) return void aws("error", "existence"); + if (await isRoomDataFull(roomID)) return void aws("error", act_error.ROOM_DATA_LIMIT); + if (data.listCatID > -1 && !isCategoryInRoom(roomID, data.listCatID)) return void aws("error", act_error.CAT_NOT_EXISTS); + if (data.parent > -1 && !isProductInRoom(roomID, data.parent)) return void aws("error", act_error.PROD_NOT_EXISTS); let req = await insert( listProducts.roomID, listProducts.title, @@ -278,7 +283,7 @@ export const addProduct: Act = { roomID, data.title, data.description, - data.listCatID, + data.listCatID > -1 ? data.listCatID : null, data.defUnit, data.defValue, data.ean, @@ -287,7 +292,7 @@ export const addProduct: Act = { if (req.affectedRows > 0) aws("ok", { listProdID: req.insertId }); - else aws("error", "existence"); + else aws("error", act_error.ADD_PROD); } }; @@ -308,32 +313,35 @@ export const changeProduct: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "changeProduct", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.LIST_CAT_PROD); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_ROOM_ADMIN); return; } - if (!isCategoryInRoom(roomID, data.listCatID)) return void aws("error", "existence"); - if (!isProductInRoom(roomID, data.listProdID)) return void aws("error", "existence"); - if (data.parent > -1 && !isProductInRoom(roomID, data.parent)) return void aws("error", "existence"); + if (!isProductInRoom(roomID, data.listProdID)) return void aws("error", act_error.PROD_NOT_EXISTS); + if (data.listCatID > -1 && !isCategoryInRoom(roomID, data.listCatID)) return void aws("error", act_error.CAT_NOT_EXISTS); + if (data.parent > -1 && !isProductInRoom(roomID, data.parent)) return void aws("error", act_error.PROD_NOT_EXISTS); let req = await update(listProducts) .set(listProducts.title, data.title) .set(listProducts.description, data.description) - .set(listProducts.category, data.listCatID) + .set(listProducts.category, data.listCatID > -1 ? data.listCatID : null) .set(listProducts.defUnit, data.defUnit) .set(listProducts.defValue, data.defValue) .set(listProducts.ean, data.ean) .set(listProducts.parent, data.parent > -1 ? data.parent : null) - .where(eq(listProducts.listProdID, data.listProdID)) + .where(and( + eq(listProducts.listProdID, data.listProdID), + eq(listProducts.roomID, roomID), + )) .query(db); if (req.affectedRows > 0) aws("ok", ""); - else aws("error", "existence"); + else aws("error", act_error.PROD_NOT_EXISTS); } }; @@ -347,24 +355,24 @@ export const deleteProduct: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "deleteProduct", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.LIST_CAT_PROD); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_ROOM_ADMIN); return; } - if (!isProductInRoom(roomID, data.listProdID)) return void aws("error", "existence"); + if (!isProductInRoom(roomID, data.listProdID)) return void aws("error", act_error.PROD_NOT_EXISTS); let req = await remove(listProducts) .where(and( eq(listProducts.listProdID, data.listProdID), eq(listProducts.roomID, roomID), )).query(db); if (req.affectedRows > 0) aws("ok", ""); - else aws("error", "existence"); + else aws("error", act_error.PROD_NOT_EXISTS); } }; @@ -377,14 +385,14 @@ export const getItems: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "getItems", data); aws(resp.state, resp.data); return; } let roomID = await client.isInRoom(data.room); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_IN_ROOM); return; } let req = await select([ @@ -413,10 +421,10 @@ export const getItems: Act = { state, // 0 = added; 1 = in cart/bought title, description, - listCatID, + listCatID: listCatID == null ? -1 : listCatID, unit, value, - listProdID + listProdID: listProdID == null ? -1 : listProdID }; }); aws("ok", out.filter(d => d != null)); @@ -439,20 +447,20 @@ export const addItem: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "addItem", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.ADD_ARTICLES); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_ROOM_ADMIN); return; } - if (data.state != 1 && data.state != 0) return void aws("error", "data"); - if (await isRoomDataFull(roomID)) return void aws("error", "limit"); - if (data.listCatID > -1 && !isCategoryInRoom(roomID, data.listCatID)) return void aws("error", "existence"); - if (data.listProdID > -1 && !isProductInRoom(roomID, data.listProdID)) return void aws("error", "existence"); + if (data.state != 1 && data.state != 0) return void aws("error", act_error.DATA); + if (await isRoomDataFull(roomID)) return void aws("error", act_error.ROOM_DATA_LIMIT); + if (data.listCatID > -1 && !isCategoryInRoom(roomID, data.listCatID)) return void aws("error", act_error.CAT_NOT_EXISTS); + if (data.listProdID > -1 && !isProductInRoom(roomID, data.listProdID)) return void aws("error", act_error.PROD_NOT_EXISTS); let req = await insert( listItems.roomID, listItems.state, @@ -475,7 +483,7 @@ export const addItem: Act = { if (req.affectedRows > 0) aws("ok", { listItemID: req.insertId }); - else aws("error", "existence"); + else aws("error", act_error.ADD_ITEM); } }; @@ -496,32 +504,32 @@ export const changeItem: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "changeItem", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.ADD_ARTICLES); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_ROOM_ADMIN); return; } - if (data.state != 1 && data.state != 0) return void aws("error", "data"); - if (!isItemInRoom(roomID, data.listItemID)) return void aws("error", "existence"); - if (data.listCatID > -1 && !isCategoryInRoom(roomID, data.listCatID)) return void aws("error", "existence"); - if (data.listProdID > -1 && !isProductInRoom(roomID, data.listProdID)) return void aws("error", "existence"); + if (data.state != 1 && data.state != 0) return void aws("error", act_error.DATA); + if (!isItemInRoom(roomID, data.listItemID)) return void aws("error", act_error.ITEM_NOT_EXISTS); + if (data.listCatID > -1 && !isCategoryInRoom(roomID, data.listCatID)) return void aws("error", act_error.CAT_NOT_EXISTS); + if (data.listProdID > -1 && !isProductInRoom(roomID, data.listProdID)) return void aws("error", act_error.PROD_NOT_EXISTS); let req = await update(listItems) .set(listItems.state, data.state) .set(listItems.title, data.title) .set(listItems.description, data.description) - .set(listItems.category, data.listCatID) + .set(listItems.category, data.listCatID > -1 ? data.listCatID : null) .set(listItems.unit, data.unit) .set(listItems.value, data.value) - .set(listItems.link, data.listProdID) + .set(listItems.link, data.listProdID > -1 ? data.listProdID : null) .where(eq(listItems.listItemID, data.listItemID)) .query(db); if (req.affectedRows > 0) aws("ok", ""); - else aws("error", "existence"); + else aws("error", act_error.ITEM_NOT_EXISTS); } }; @@ -536,24 +544,27 @@ export const changeItemState: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "changeItemState", data); aws(resp.state, resp.data); return; } let roomID = await client.isInRoom(data.room); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_IN_ROOM); return; } - if (data.state != 1 && data.state != 0) return void aws("error", "data"); - if (!isItemInRoom(roomID, data.listItemID)) return void aws("error", "existence"); + if (data.state != 1 && data.state != 0) return void aws("error", act_error.DATA); + if (!isItemInRoom(roomID, data.listItemID)) return void aws("error", act_error.ITEM_NOT_EXISTS); let req = await update(listItems) .set(listItems.state, data.state) - .where(eq(listItems.listItemID, data.listItemID)) + .where(and( + eq(listItems.listItemID, data.listItemID), + eq(listItems.roomID, roomID) + )) .query(db); if (req.affectedRows > 0) aws("ok", ""); - else aws("error", "existence"); + else aws("error", act_error.ITEM_NOT_EXISTS); } }; @@ -567,14 +578,14 @@ export const deleteItem: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "deleteItem", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.REMOVE_ARTICLES); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_ROOM_ADMIN); return; } let req = await remove(listItems) @@ -583,7 +594,7 @@ export const deleteItem: Act = { eq(listItems.roomID, roomID) )).query(db); if (req.affectedRows > 0) aws("ok", ""); - else aws("error", "existence"); + else aws("error", act_error.ITEM_NOT_EXISTS); } }; export const deleteItemByState: Act = { @@ -596,14 +607,14 @@ export const deleteItemByState: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); - let resp = await client.pass(data.server, "deleteItem", data); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); + let resp = await client.pass(data.server, "deleteItemByState", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.REMOVE_ARTICLES); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_ROOM_ADMIN); return; } let req = await remove(listItems) @@ -611,7 +622,6 @@ export const deleteItemByState: Act = { eq(listItems.state, data.state), eq(listItems.roomID, roomID) )).query(db); - if (req.affectedRows > 0) aws("ok", ""); - else aws("error", "existence"); + aws("ok", ""); } } \ No newline at end of file diff --git a/src/api/acts/rooms.ts b/src/api/acts/rooms.ts index e896c6b..2cb03bb 100644 --- a/src/api/acts/rooms.ts +++ b/src/api/acts/rooms.ts @@ -7,6 +7,7 @@ import { uts } from "../../sys/tools.js"; import { isRoomFull } from "../helper.js"; import { fetchRemoteAsServer } from "../server.js"; import { Act, Client, STATE } from "../user.js"; +import { act_error } from "../../server/errors.js"; export const listRooms: Act = { state: STATE.client | STATE.remote, @@ -121,7 +122,7 @@ export const getRoomInfo: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "getRoomInfo", data); aws(resp.state, resp.data); return; @@ -146,7 +147,7 @@ export const getRoomInfo: Act = { eq(rooms.name, data.room) )) .query(db); - if (req.length == 0) return void aws("error", "existence"); + if (req.length == 0) return void aws("error", act_error.ROOM_NOT_EXISTS); aws("ok", { name: req[0][rooms.name], server: selfTag.tag, @@ -173,7 +174,7 @@ export const getRoomMembers: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "getRoomMembers", data); aws(resp.state, resp.data); return; @@ -181,7 +182,7 @@ export const getRoomMembers: Act = { let roomID = await client.isInRoom(data.room); if (roomID == -1) { - aws("error", "existence"); + aws("error", act_error.NOT_IN_ROOM); return; } let req = await select([ @@ -217,7 +218,7 @@ export const joinRoom: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "joinRoom", data); if (resp.state == "ok") { try { @@ -225,7 +226,7 @@ export const joinRoom: Act = { .add(client.accID, data.server, data.room, true) .query(db); } catch (error) { } - } else if (resp.data == "ota") { + } else if (resp.data == act_error.OTA) { client.suspect(); client.suspect(); } @@ -238,9 +239,9 @@ export const joinRoom: Act = { let roomID = (query[0] ?? {})[rooms.roomID]; if (typeof roomID != "number" || roomID < 0) { client.suspect(); - return void aws("error", "ota"); + return void aws("error", act_error.ROOM_NOT_EXISTS); } - if (await isRoomFull(roomID)) return void aws("error", "limit"); + if (await isRoomFull(roomID)) return void aws("error", act_error.ROOM_USER_LIMIT); // TODO: Make Transaktion when possible await remove(roomOTAs) .where(or( @@ -260,7 +261,7 @@ export const joinRoom: Act = { .query(db); if (req.affectedRows == 0) { client.suspect(); - return void aws("error", "ota"); + return void aws("error", act_error.OTA); } try { let queryx = await insert( @@ -277,10 +278,10 @@ export const joinRoom: Act = { if (queryx.affectedRows > 0) { aws("ok", ""); } else { - aws("error", "duplicate"); + aws("error", act_error.DUPLICATE); } } catch (error) { - aws("error", "duplicate"); + aws("error", act_error.DUPLICATE); } } @@ -295,7 +296,7 @@ export const joinPublicRoom: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "joinPublicRoom", data); if (resp.state == "ok") { try { @@ -313,12 +314,12 @@ export const joinPublicRoom: Act = { let roomID = (query[0] ?? {})[rooms.roomID]; let visibility = (query[0] ?? {})[rooms.visibility]; if (typeof roomID != "number" || roomID < 0 || typeof visibility != "number") { - return void aws("error", "existence"); + return void aws("error", act_error.ROOM_NOT_EXISTS); } if (((client.state == STATE.client) && (visibility < 1)) || ((client.state == STATE.remote) && (visibility < 2))) { - return void aws("error", "existence"); + return void aws("error", act_error.ROOM_NOT_EXISTS); } - if (await isRoomFull(roomID)) return void aws("error", "limit"); + if (await isRoomFull(roomID)) return void aws("error", act_error.ROOM_USER_LIMIT); try { let queryx = await insert( roomMembers.roomID, @@ -334,10 +335,10 @@ export const joinPublicRoom: Act = { if (queryx.affectedRows > 0) { aws("ok", ""); } else { - aws("error", "duplicate"); + aws("error", act_error.DUPLICATE); } } catch (error) { - aws("error", "duplicate"); + aws("error", act_error.DUPLICATE); } } }; @@ -351,13 +352,13 @@ export const getRoomOTAs: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "getRoomOTAs", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.OTA); - if (roomID == -1) return void aws("error", "roomAdmin"); + if (roomID == -1) return void aws("error", act_error.NOT_ROOM_ADMIN); await remove(roomOTAs) .where(or( eq(roomOTAs.usesLeft, 0), @@ -392,13 +393,13 @@ export const addRoomOTA: Act = { // or change it, primary key is room and token }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "addRoomOTA", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.OTA); - if (roomID == -1) return void aws("error", "roomAdmin"); + if (roomID == -1) return void aws("error", act_error.NOT_ROOM_ADMIN); try { let resp = await insert(roomOTAs.roomID, roomOTAs.token, roomOTAs.name, roomOTAs.expires, roomOTAs.usesLeft) .add(roomID, data.token, data.name, data.expires, data.usesLeft) @@ -428,13 +429,13 @@ export const deleteRoomOTA: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "deleteRoomOTA", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.OTA); - if (roomID == -1) return void aws("error", "roomAdmin"); + if (roomID == -1) return void aws("error", act_error.NOT_ROOM_ADMIN); await remove(roomOTAs) .where(and( eq(roomOTAs.roomID, roomID), @@ -455,13 +456,13 @@ export const inviteUser: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.roomServer)) { - if (client.state != STATE.client) return void aws("error", "right"); - let resp = await client.pass(data.roomServer, "deleteRoomOTA", data); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); + let resp = await client.pass(data.roomServer, "inviteUser", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.OTA); - if (roomID == -1) return void aws("error", "roomAdmin"); + if (roomID == -1) return void aws("error", act_error.NOT_ROOM_ADMIN); let userServer = data.server; if (!checkSelfTag(userServer)) { @@ -469,7 +470,7 @@ export const inviteUser: Act = { if (resp.state == "error") { client.suspect(); client.suspect(); - return void aws("error", "existence"); + return void aws("error", act_error.ROOM_NOT_EXISTS); } } else { userServer = "local"; @@ -479,7 +480,10 @@ export const inviteUser: Act = { .add(roomID, userServer, data.name, false) .query(db); if (req.affectedRows > 0) aws("ok", ""); - else aws("error", "existence"); + else { + client.suspect(); + aws("error", act_error.MEMBER_EXISTS); + } } }; @@ -492,7 +496,7 @@ export const confirmRoom: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "confirmRoom", data); if (resp.state == "ok") { try { @@ -514,7 +518,7 @@ export const confirmRoom: Act = { return; } let roomID = await client.isInRoom(data.room); - if (roomID == -1) return void aws("error", "existence"); + if (roomID == -1) return void aws("error", act_error.NOT_IN_ROOM); let req = await update(roomMembers) .set(roomMembers.confimed, true) .where(and( @@ -523,7 +527,7 @@ export const confirmRoom: Act = { eq(roomMembers.server, client.state == STATE.client ? "local" : client.server.tag) )).query(db); if (req.affectedRows > 0) aws("ok", ""); - else aws("error", "existence"); + else aws("error", act_error.MEMBER_NOT_EXISTS); } } @@ -538,13 +542,13 @@ export const kickMember: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.roomServer)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "kickMember", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.MANAGE_MEMBERS); - if (roomID == -1) return void aws("error", "roomAdmin"); + if (roomID == -1) return void aws("error", act_error.NOT_ROOM_ADMIN); let req = await remove(roomMembers) .where(and( eq(roomMembers.roomID, roomID), @@ -564,7 +568,7 @@ export const kickMember: Act = { if (req.affectedRows > 0) { aws("ok", ""); } else { - aws("error", "existence") + aws("error", act_error.MEMBER_NOT_EXISTS) } } }; @@ -581,13 +585,13 @@ export const setAdminStatus: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.roomServer)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.roomServer, "setAdminStatus", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.CHANGE_ADMIN); - if (roomID == -1) return void aws("error", "roomAdmin"); + if (roomID == -1) return void aws("error", act_error.NOT_ROOM_ADMIN); let req = await update(roomMembers) .set(roomMembers.admin, data.admin) .where(and( @@ -598,7 +602,7 @@ export const setAdminStatus: Act = { if (req.affectedRows > 0) { aws("ok", ""); } else { - aws("error", "existence"); + aws("error", act_error.MEMBER_NOT_EXISTS); } } }; @@ -612,9 +616,9 @@ export const leaveRoom: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "leaveRoom", data); - if (resp.state == "ok" || resp.data == "existence") { + if (resp.state == "ok" || resp.data == act_error.NOT_IN_ROOM) { await remove(remoteRooms) .where(and( eq(client.accID, remoteRooms.accID), @@ -626,7 +630,7 @@ export const leaveRoom: Act = { return; } let roomID = await client.isInRoom(data.room); - if (roomID == -1) return void aws("error", "existence"); + if (roomID == -1) return void aws("error", act_error.NOT_IN_ROOM); let req = await remove(roomMembers) .where(and( eq(roomMembers.roomID, roomID), @@ -646,7 +650,7 @@ export const leaveRoom: Act = { if (req.affectedRows > 0) { aws("ok", ""); } else { - aws("error", "owner"); + aws("error", act_error.OWNER); } } }; @@ -661,14 +665,14 @@ export const setVisibility: Act = { }, func: async (client, data, aws) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "setVisibility", data); aws(resp.state, resp.data); return; } - if (!([0, 1, 2]).includes(data.visibility)) return void aws("error", "data"); + if (!([0, 1, 2]).includes(data.visibility)) return void aws("error", act_error.DATA); let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.OTA); - if (roomID == -1) return void aws("error", "roomAdmin"); + if (roomID == -1) return void aws("error", act_error.NOT_ROOM_ADMIN); let req = await update(rooms) .set(rooms.visibility, data.visibility) .where(eq(rooms.roomID, roomID)) @@ -686,13 +690,13 @@ export const setRoomRight: Act = { }, func: async (client, data, aws) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "setRoomRight", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.CHANGE_ADMIN); - if (roomID == -1) return void aws("error", "roomAdmin"); + if (roomID == -1) return void aws("error", act_error.NOT_ROOM_ADMIN); let req = await update(rooms) .set(rooms.rights, data.rights) .where(eq(rooms.roomID, roomID)) @@ -713,13 +717,13 @@ export const changeRoomMeta: Act = { }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { if (!checkSelfTag(data.server)) { - if (client.state != STATE.client) return void aws("error", "right"); + if (client.state != STATE.client) return void aws("error", act_error.RECURSION); let resp = await client.pass(data.server, "changeRoomMeta", data); aws(resp.state, resp.data); return; } let roomID = await client.isRoomAdmin(data.room, ROOM_RIGHTS.CHANGE_META); - if (roomID == -1) return void aws("error", "roomAdmin"); + if (roomID == -1) return void aws("error", act_error.NOT_ROOM_ADMIN); let req = await update(rooms) .set(rooms.title, data.title) .set(rooms.description, data.description) diff --git a/src/api/acts/server.ts b/src/api/acts/server.ts index c74a197..f3f6f19 100644 --- a/src/api/acts/server.ts +++ b/src/api/acts/server.ts @@ -2,6 +2,7 @@ import { eq, insert, select } from "dblang"; import { checkSelfTag } from "../../server/outbagURL.js"; import { accounts, db, remoteRooms } from "../../sys/db.js"; import { Act, Client, STATE } from "../user.js"; +import { act_error } from "../../server/errors.js"; export const invite: Act = { state: STATE.server, @@ -13,19 +14,18 @@ export const invite: Act = { server: "string", }, func: async (client: Client, data: any, aws: (code: string, data: any) => void) => { - if (!checkSelfTag(data.server)) return void aws("error", "existence"); + if (!checkSelfTag(data.server)) return void aws("error", act_error.ACCOUNT_NOT_EXISTS); let req = await select([accounts.accID], accounts) .where(eq(accounts.name, data.name)) .query(db); if (req.length == 0) { client.suspect(); - aws("error", "existence"); + aws("error", act_error.ACCOUNT_NOT_EXISTS); return; } let query = await insert(remoteRooms.accID, remoteRooms.server, remoteRooms.rooms, remoteRooms.confirmed) .add(req[0][accounts.accID], client.server.tag, data.room, false) .query(db); - if (query.affectedRows > 0) aws("ok", ""); - else aws("error", "existence"); + aws("ok", ""); } }; \ No newline at end of file diff --git a/src/api/post.ts b/src/api/post.ts index 0fdef8d..731c6fd 100644 --- a/src/api/post.ts +++ b/src/api/post.ts @@ -12,6 +12,7 @@ import { addShutdownTask } from "nman"; import { suspectRequest } from "../sys/bruteforce.js"; import { checkSelfTag, outbagServer } from "../server/outbagURL.js"; import { selfTag } from "../sys/selfTag.js"; +import { act_error } from "../server/errors.js" let acts = importActs as { [key: string]: Act }; @@ -53,7 +54,7 @@ export const addPostMethods = (server: express.Express) => { client.client.state = STATE.remote; } else { if (req.suspect) req.suspect(); - aws("error", "serverToken"); + aws("error", act_error.SERVER_TOKEN); return; } } else if (auth.token != null && typeof auth.token == "string") { @@ -62,7 +63,7 @@ export const addPostMethods = (server: express.Express) => { client = tempTokens[auth.token]; } else { if (req.suspect) req.suspect(); - aws("error", "token"); + aws("error", act_error.TOKEN); return; } } else if ( @@ -76,7 +77,7 @@ export const addPostMethods = (server: express.Express) => { let serverTag = auth?.params?.server; if (!checkSelfTag(serverTag)) { debug("POST", "auth: bad server tag:", serverTag); - aws("error", "data"); + aws("error", act_error.DATA); return; } client.client.server = new outbagServer(serverTag, selfTag.host, selfTag.path, selfTag.port); @@ -91,7 +92,7 @@ export const addPostMethods = (server: express.Express) => { if (query.length == 0 || query[0][accounts.accountKey] != sha256((query[0][accounts.accountKeySalt] ?? '') + accountKey)) { if (req.suspect) req.suspect(); - aws("error", "auth"); + aws("error", act_error.AUTH); return; } client.client.accID = query[0][accounts.accID]; @@ -107,7 +108,7 @@ export const addPostMethods = (server: express.Express) => { aws(state, data); send = true; }); - if (!send) aws("error", "server"); + if (!send) aws("error", act_error.SERVER); }); } } @@ -123,25 +124,25 @@ export class postClient { try { let { state, data, right, func } = act; if (!(state & this.client.state)) { - aws("error", "wrongstate"); + aws("error", act_error.WRONG_STATE); this.client.suspect(); return; } if (typeof json.data == "undefined") { - aws("error", "data"); + aws("error", act_error.DATA); return; } if (data) { for (let d in data) { if (!checktype(json.data[d], data[d])) { debug("POST", "Data check error. Key: ", d, "; Type:", data[d], "; Value:", json.data[d]); - aws("error", "data"); + aws("error", act_error.DATA); return; } } } if (right && !(await this.client.checkRight(right))) { - aws("error", "right"); + aws("error", act_error.RIGHT); this.client.suspect(); return; } @@ -156,10 +157,10 @@ export class postClient { } if (!send) { - aws("error", "server"); + aws("error", act_error.SERVER); } } catch (error) { - aws("error", "server"); + aws("error", act_error.SERVER); } } } diff --git a/src/api/server.ts b/src/api/server.ts index 50a98c0..a2aa075 100644 --- a/src/api/server.ts +++ b/src/api/server.ts @@ -4,6 +4,7 @@ import { outbagServer } from "../server/outbagURL.js"; import { uts } from "../sys/tools.js"; import { getSettings, SETTINGS } from "../sys/settings.js"; import { selfTag } from "../sys/selfTag.js"; +import { act_error } from "../server/errors.js"; let remoteTempTokens: { [key: string]: { lastReq: number, token: string } } = {}; @@ -60,7 +61,7 @@ export const fetchRemoteAs = async (server: outbagServer, name: string, act: str act, data ); - if (resp.state != "error" || resp.data != "serverToken") return resp; + if (resp.state != "error" || resp.data != act_error.SERVER_TOKEN) return resp; token = await getServerToken(server, true); if (token === false) throw new Error("remote"); resp = await sendPost( @@ -69,15 +70,15 @@ export const fetchRemoteAs = async (server: outbagServer, name: string, act: str act, data ); - if (resp.state == "error" && resp.data == "serverToken") return { + if (resp.state == "error" && resp.data == act_error.SERVER_TOKEN) return { state: "error", - data: "remote" + data: act_error.REMOTE } return resp; } catch (error) { return { state: "error", - data: "remote" + data: act_error.REMOTE } } }; @@ -92,7 +93,7 @@ export const fetchRemoteAsServer = async (server: outbagServer, act: string, dat act, data ); - if (resp.state != "error" || resp.data != "token") return resp; + if (resp.state != "error" || resp.data != act_error.SERVER_TOKEN) return resp; token = await getServerToken(server, true); if (token === false) throw new Error("remote"); resp = await sendPost( @@ -101,15 +102,15 @@ export const fetchRemoteAsServer = async (server: outbagServer, act: string, dat act, data ); - if (resp.state == "error" && resp.data == "token") return { + if (resp.state == "error" && resp.data == act_error.SERVER_TOKEN) return { state: "error", - data: "remote" + data: act_error.REMOTE } return resp; } catch (error) { return { state: "error", - data: "remote" + data: act_error.REMOTE } } }; diff --git a/src/api/user.ts b/src/api/user.ts index e7eaaa8..f00583f 100644 --- a/src/api/user.ts +++ b/src/api/user.ts @@ -4,6 +4,7 @@ import { addBruteforcePotantial } from "../sys/bruteforce.js"; import { outbagServer, outbagURLfromTag } from "../server/outbagURL.js"; import { fetchRemoteAs } from "./server.js"; import { debug } from "../sys/log.js"; +import { act_error } from "../server/errors.js"; export const STATE = { no: 0b00001, @@ -62,7 +63,7 @@ export class Client { } catch (error) { return { state: "error", - data: "remote", + data: act_error.REMOTE, server: null } } diff --git a/src/api/ws.ts b/src/api/ws.ts index 79caea7..88881f3 100644 --- a/src/api/ws.ts +++ b/src/api/ws.ts @@ -4,6 +4,7 @@ import { bruteforcecheck } from "../sys/bruteforce.js"; import { Act, checktype, Client } from "./user.js"; import { debug, error } from "../sys/log.js"; import * as importActs from "./acts.js" +import { act_error } from "../server/errors.js"; let acts = importActs as { [key: string]: Act }; @@ -42,11 +43,20 @@ export class wsClient { socket.send(JSON.stringify({ id: json.id, state: "error", - data: "closed" + data: act_error.CLOSED })); debug("WebSocket", "send:", "error", "closed"); return; } + if(!bruteforcecheck(this.client.ip)){ + socket.send(JSON.stringify({ + id: json.id, + state: "error", + data: act_error.BRUTEFORCE + })); + debug("WebSocket", "send:", "error", "bruteforce"); + return; + } if (typeof json.act != "string") { return; } @@ -54,7 +64,7 @@ export class wsClient { socket.send(JSON.stringify({ id: json.id, state: "error", - data: "notfound" + data: act_error.NOT_FOUND })); debug("WebSocket", "send:", "error", "notfound"); return; @@ -64,7 +74,7 @@ export class wsClient { socket.send(JSON.stringify({ id: json.id, state: "error", - data: "wrongstate" + data: act_error.WRONG_STATE })); debug("WebSocket", "send:", "error", "wrongstate"); this.client.suspect(); @@ -74,7 +84,7 @@ export class wsClient { socket.send(JSON.stringify({ id: json.id, state: "error", - data: "data" + data: act_error.DATA })); debug("POST", "send:", "error", "data"); return; @@ -85,7 +95,7 @@ export class wsClient { socket.send(JSON.stringify({ id: json.id, state: "error", - data: "data" + data: act_error.DATA })); debug("WebSocket", "Data check error. Key: ", d, "; Type:", data[d], "; Value:", json.data[d]); debug("WebSocket", "send:", "error", "data"); @@ -97,7 +107,7 @@ export class wsClient { socket.send(JSON.stringify({ id: json.id, state: "error", - data: "right" + data: act_error.RIGHT })); debug("WebSocket", "send:", "error", "right"); this.client.suspect(); @@ -119,7 +129,7 @@ export class wsClient { socket.send(JSON.stringify({ id: json.id, state: "error", - data: "server" + data: act_error.SERVER })); } } catch (error) { diff --git a/src/server/errors.ts b/src/server/errors.ts index e69de29..a221a85 100644 --- a/src/server/errors.ts +++ b/src/server/errors.ts @@ -0,0 +1,45 @@ + + +export const act_error = { + CLOSED: "closed", // Server is closed + BRUTEFORCE: "bruteforce", // request cancled tue to brutforce suspiciot, try later + NOT_FOUND: "notfound", // act does not exists + WRONG_STATE: "wrongstate", // act can not be executed in current state + DATA: "data", // send Data did not matche expected data structur of act + RIGHT: "right", // your Server wide permissions do not allow you to do this + SERVER: "server", // uncaught error in server + RECURSION: "recursion", // not allowed due to suspected remote recursion, will only appear with miss configureation + REMOTE: "remote", // error while remote request (like could not contact the remote server) + + CLIENT_NOT_EXISTS: "clientnotexists", // seems like your own account does not exists (client.ts acts) + ACCOUNT_NOT_EXISTS: "accountnotexists", // referred account does not exists (admin / client trennen? ) + ACCOUNT_EXISTS: "accountexists", // referred account already exists + ROOM_EXISTS: "roomexists", // the new room already exists + ROOM_NOT_EXISTS: "roomnotexists", // the requested / referred to room does not exists (or does not exists for you) + MEMBER_NOT_EXISTS: "membernotexists", // referred Member does not exists (allways not you) + MEMBER_EXISTS: "memberexists", // referred Member already exists + DUPLICATE: "duplicate", // you are already a member + ROOM_LIMIT: "roomlimit", // you have exited your Room number limit + ROOM_USER_LIMIT: "roomuserlimit", // this room is full + ROOM_DATA_LIMIT: "roomdatalimit", // room is full + NOT_ROOM_ADMIN: "notroomAdmin", // your are not an Admin of this room, if it exists + NOT_IN_ROOM: "notinRoom", // your are not in this room + OWNER: "owner", // you are the owner, so you are not allowed to do this + + CAT_NOT_EXISTS: "catnotexists", // referred category does not exists + PROD_NOT_EXISTS: "prodnotexists", // referred product does not exists + ITEM_NOT_EXISTS: "itemnotexists", // referred Item does not exists + ADD_CAT: "addcat", // adding categorie did not work + ADD_PROD: "addprod", // adding product did not work + ADD_ITEM: "additem", // adding item did not work + + CONFIG: "config", // server is full, you need and ota to succeed + OTA: "ota", // given ota is invalid + AUTH: "auth", // provided auth informations are wrong + SIGNATURE: "signature", // can not verify provided signature + TOKEN: "token", // auth token is invallid + + //server-to-server only + SERVER_NOT_EXISTS: "servernotexists", // remote Server login can not require requsting server's informations + SERVER_TOKEN: "serverToken", // wrong server token +}; \ No newline at end of file diff --git a/tests/tests/post.js b/tests/tests/post.js index fca4628..07b2cf1 100644 --- a/tests/tests/post.js +++ b/tests/tests/post.js @@ -1,6 +1,7 @@ import { generateSigningKey, sign } from '../../dist/sys/crypto.js'; import { PERMISSIONS } from '../../dist/server/permissions.js'; import { uts, wait } from '../../dist/sys/tools.js'; +import { act_error } from '../../dist/server/errors.js'; let name1 = "testUser1"; let name2 = "testUser2"; @@ -25,7 +26,7 @@ const list = [ name: name1, server: "localhost:7224", accountKey - }, "error", "existence"); + }, "error", act_error.ACCOUNT_EXISTS); await req({}, "signup", { name: name2, @@ -37,7 +38,7 @@ const list = [ name: name2, server: "localhost:7224", accountKey - }, "error", "config"); + }, "error", act_error.config); }], ["remote", async (req) => { let signature = (await req({ "authorization": `Digest name=${name1} server=localhost:7224 accountKey=${accountKey}` }, "createSignature", { @@ -53,7 +54,7 @@ const list = [ server: "localhost:7223", publicKey, sign: signature - }, "error", "signature"); + }, "error", act_error.SIGNATURE); await req({ "authorization": `Bearer ${token}` @@ -62,7 +63,7 @@ const list = [ server: "localhost:7224", publicKey, sign: falseSignature - }, "error", "signature"); + }, "error", act_error.SIGNATURE); let challenge = (await req({ "authorization": `Bearer ${token}` @@ -80,13 +81,13 @@ const list = [ server: "localhost:7224", publicKey, sign: signature - }, "error", "wrongstate"); + }, "error", act_error.WRONG_STATE); await req({ "authorization": `Bearer ${token}` }, "remote2", { sign: await sign(challenge + "lol", privateKey) - }, "error", "signature"); + }, "error", act_error.SIGNATURE); await req({ "authorization": `Bearer ${token}` @@ -125,7 +126,7 @@ const list = [ name: name2, server: "localhost:7224", accountKey - }, "error", "auth"); + }, "error", act_error.AUTH); await req({}, "signin", { name: name2, server: "localhost:7224", @@ -138,7 +139,7 @@ const list = [ name: name2, server: "localhost:7224", accountKey: accountKey + "lol" - }, "error", "auth"); + }, "error",act_error.AUTH); }], ["admin", async (req) => { let resp = await req({ "authorization": `Digest name=${name1} server=localhost:7224 accountKey=${accountKey}` @@ -249,7 +250,7 @@ const list = [ description: "some desc", visibility: 0, icon: "shopping" - }, "error", "existence"); + }, "error", act_error.ROOM_EXISTS); await req({ "authorization": `Digest name=${name1} server=localhost:7224 accountKey=${accountKey}` @@ -270,7 +271,7 @@ const list = [ description: "some desc 2", visibility: 1, icon: "" - }, "error", "limit"); + }, "error", act_error.ROOM_LIMIT); await req({ "authorization": `Digest name=${name1} server=localhost:7224 accountKey=${accountKey}` @@ -304,7 +305,7 @@ const list = [ }, "deleteRoom", { room: room2 + "lol", server: "localhost:7224" - }, "error", "existence"); + }, "error", act_error.ROOM_NOT_EXISTS); await req({ "authorization": `Digest name=${name1} server=localhost:7224 accountKey=${accountKey}` @@ -318,7 +319,7 @@ const list = [ }, "deleteRoom", { room: room2, server: "localhost:7224" - }, "error", "existence"); + }, "error", act_error.ROOM_NOT_EXISTS); await req({ "authorization": `Digest name=${name1} server=localhost:7224 accountKey=${accountKey}` diff --git a/tests/tests/ws.js b/tests/tests/ws.js index d07a813..bf77ecf 100644 --- a/tests/tests/ws.js +++ b/tests/tests/ws.js @@ -1,5 +1,6 @@ import { generateSigningKey, sign } from '../../dist/sys/crypto.js'; import { PERMISSIONS } from '../../dist/server/permissions.js'; +import { act_error } from '../../dist/server/errors.js'; let name1 = "testUser1"; let name2 = "testUser2"; @@ -23,12 +24,12 @@ const list = [ name: name1, server: "localhost:7224", accountKey - }, "error", "wrongstate"); + }, "error", act_error.WRONG_STATE); await req(await newHandler(), "signup", { name: name1, server: "localhost:7224", accountKey - }, "error", "existence"); + }, "error", act_error.ACCOUNT_EXISTS); await req(await newHandler(), "signup", { name: name2, server: "localhost:7224", @@ -38,7 +39,7 @@ const list = [ name: name3, server: "localhost:7224", accountKey - }, "error", "config"); + }, "error", act_error.CONFIG); }], ["remote", async (handler, req, newHandler) => { await req(handler, "signin", { name: name1, @@ -55,13 +56,13 @@ const list = [ server: "localhost:7223", publicKey, sign: signature - }, "error", "signature"); + }, "error", act_error.SIGNATURE); await req(h2, "remote1", { name: name1, server: "localhost:7224", publicKey, sign: falseSignature - }, "error", "signature"); + }, "error", act_error.SIGNATURE); let challenge = (await req(h2, "remote1", { name: name1, server: "localhost:7224", @@ -73,10 +74,10 @@ const list = [ server: "localhost:7224", publicKey, sign: signature - }, "error", "wrongstate"); + }, "error", act_error.WRONG_STATE); await req(h2, "remote2", { sign: await sign(challenge + "lol", privateKey) - }, "error", "signature"); + }, "error", act_error.SIGNATURE); await req(h2, "remote2", { sign: await sign(challenge, privateKey) }, "ok", ""); @@ -122,7 +123,7 @@ const list = [ name: name2, server: "localhost:7224", accountKey - }, "error", "auth"); + }, "error", act_error.AUTH); await req(h2, "signin", { name: name2, server: "localhost:7224", @@ -135,7 +136,7 @@ const list = [ name: name2, server: "localhost:7224", accountKey: accountKey + "lol" - }, "error", "auth"); + }, "error", act_error.AUTH); }], ["room Owner", async (handler, req, newHandler) => { await req(handler, "signin", { name: name1, @@ -157,7 +158,7 @@ const list = [ description: "some desc", visibility: 0, icon: "shopping" - }, "error", "existence"); + }, "error", act_error.ROOM_EXISTS); await req(handler, "createRoom", { room: room2, @@ -175,7 +176,7 @@ const list = [ description: "some desc 2", visibility: 1, icon: "" - }, "error", "limit"); + }, "error", act_error.ROOM_LIMIT); await req(handler, "listRooms", {}, "ok", [ { @@ -205,7 +206,7 @@ const list = [ await req(handler, "deleteRoom", { room: room2 + "lol", server: "localhost:7224" - }, "error", "existence"); + }, "error", act_error.ROOM_NOT_EXISTS); await req(handler, "deleteRoom", { room: room2, server: "localhost:7224" @@ -213,7 +214,7 @@ const list = [ await req(handler, "deleteRoom", { room: room2, server: "localhost:7224" - }, "error", "existence"); + }, "error", act_error.ROOM_NOT_EXISTS); await req(handler, "listRooms", {}, "ok", [ { name: room1,