@@ -59,11 +59,14 @@ export class StateObject<
5959 }
6060
6161 okUser ( ) {
62- if ( ! this . user . isLoggedIn ) throw "User not authenticated" ;
62+ if ( ! this . user . isLoggedIn )
63+ throw new SendError ( "ACCESS_DENIED" , 403 , { reason : "User not authenticated" } )
6364 }
6465 okAdmin ( ) {
65- if ( ! this . user . isLoggedIn ) throw "User not authenticated" ;
66- if ( ! this . user . isAdmin ) throw "User is not an admin" ;
66+ if ( ! this . user . isLoggedIn )
67+ throw new SendError ( "ACCESS_DENIED" , 403 , { reason : "User not authenticated" } )
68+ if ( ! this . user . isAdmin )
69+ throw new SendError ( "ACCESS_DENIED" , 403 , { reason : "User is not an admin" } )
6770 }
6871
6972 async $transaction < T > ( fn : ( prisma : PrismaTxnClient ) => Promise < T > ) : Promise < T > {
@@ -78,30 +81,20 @@ export class StateObject<
7881 return this . engine . $transaction ( arg ( this . engine ) , options ) ;
7982 }
8083
81- makeTiddlerEtag ( options : { bag_name : string ; revision_id : string | number ; } ) {
82- // why do we need revision_id AND bag_name? revision_id is unique across all tiddlers
83- if ( options . bag_name && options . revision_id ) {
84- return `"tiddler:${ options . bag_name } /${ options . revision_id } "` ;
85- } else {
86- throw "Missing bag_name or revision_id" ;
87- }
88- }
89-
90-
9184 assertWikiReferer ( recipe_slug : string ) {
9285 const state = this ;
9386 if ( ! state . headers . referer ) return ;
9487 const referer = new URL ( state . headers . referer ) ;
9588 // console.log("Referer", state.headers.referer, referer);
9689 if ( ! referer . pathname . startsWith ( state . pathPrefix ) )
97- throw state . sendEmpty ( 404 , { "x- reason" : "invalid path prefix " } ) ;
90+ throw new SendError ( "ACCESS_DENIED" , 403 , { reason : "Referer check failed " } )
9891 if ( ! referer . pathname . startsWith ( state . pathPrefix + "/wiki/" ) )
9992 return ; // keep going
10093 // we now get the recipe name from the referer
10194 const recipe_name = referer . pathname . substring ( state . pathPrefix . length + "/wiki/" . length ) ;
10295 const referer_slug = decodeURIComponent ( recipe_name ) as PrismaField < "Recipe" , "id" > ;
10396 if ( referer_slug !== recipe_slug )
104- throw new SendError ( "CROSS_WIKI_ACCESS_DENIED " , 403 , null ) ;
97+ throw new SendError ( "ACCESS_DENIED " , 403 , { reason : "Referer check failed" } )
10598 }
10699
107100 assertAdminReferer ( ) {
@@ -111,9 +104,9 @@ export class StateObject<
111104 const referer = new URL ( state . headers . referer ) ;
112105 // deny referers from outside our pathprefix
113106 if ( ! referer . pathname . startsWith ( state . pathPrefix ) )
114- throw new SendError ( "ADMIN_ACCESS_DENIED " , 403 , null ) ;
107+ throw new SendError ( "ACCESS_DENIED " , 403 , { reason : "Referer check failed" } )
115108 if ( referer . pathname . startsWith ( state . pathPrefix + "/wiki/" ) )
116- throw new SendError ( "ADMIN_ACCESS_DENIED " , 403 , null ) ;
109+ throw new SendError ( "ACCESS_DENIED " , 403 , { reason : "Referer check failed" } )
117110 }
118111
119112
0 commit comments