From d7ad99f14763ed07f51872a2d6e2c9711bf442da Mon Sep 17 00:00:00 2001
From: Mickael Remond
Date: Mon, 25 Jul 2016 11:43:49 +0200
Subject: Initial attempt on access on commands May change and will require more work / test / refactor
---
 src/mod_http_api.erl | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)
(limited to 'src/mod_http_api.erl')
diff --git a/src/mod_http_api.erl b/src/mod_http_api.erl
index bc30ee09..ba3a14cf 100644
--- a/src/mod_http_api.erl
+++ b/src/mod_http_api.erl
@@ -136,8 +136,7 @@ check_permissions(Request, Command) ->
 {ok, CommandPolicy, Scope} = ejabberd_commands:get_command_policy_and_scope(Call),
 check_permissions2(Request, Call, CommandPolicy, Scope);
 _ ->
- %% TODO Should this be a 404 or 400 instead of 401 ?
- unauthorized_response()
+ json_error(404, 40, <<"Endpoint not found.">>)
 end.
 
 check_permissions2(#request{auth = HTTPAuth, headers = Headers}, Call, _, ScopeList)
@@ -269,10 +268,10 @@ get_api_version(#request{path = Path}) ->
 get_api_version(lists:reverse(Path));
 get_api_version([<<"v", String/binary>> | Tail]) ->
 case catch jlib:binary_to_integer(String) of
- N when is_integer(N) ->
- N;
- _ ->
- get_api_version(Tail)
+ N when is_integer(N) ->
+ N;
+ _ ->
+ get_api_version(Tail)
 end;
 get_api_version([_Head | Tail]) ->
 get_api_version(Tail);
@@ -318,6 +317,8 @@ handle(Call, Auth, Args, Version, IP) when is_atom(Call), is_list(Args) ->
 {401, iolist_to_binary(Msg)};
 throw:{error, account_unprivileged} ->
 {403, 31, <<"Command need to be run with admin priviledge.">>};
+ throw:{error, access_rules_unauthorized} ->
+ {403, 32, <<"AccessRules: Account associated to token does not have the right to perform the operation.">>};
 throw:{invalid_parameter, Msg} ->
 {400, iolist_to_binary(Msg)};
 throw:{error, Why} when is_atom(Why) ->
-- cgit v1.2.3
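Review bot: The new `json_error(404, 40, <<"Endpoint not found.">>)` only covers the `_ ->` fall-through, so a name that passes the first clause but is not a registered command still reaches the `{ok, CommandPolicy, Scope} = ...` match two lines earlier and would fail with a badmatch rather than this 404, assuming `get_command_policy_and_scope/1` returns an error tuple for unknown commands. Matching that call in a `case` and sending its non-`{ok, _, _}` result to the same `json_error` call would give one consistent answer for every unknown command. This 404 is also produced before any credential check, so an unauthenticated client can now tell unknown command names from known ones; if that is intended, a comment such as `%% Unknown command: answered before authentication on purpose` would record the decision. The head of the `case` is outside the hunk.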
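Review bot: The new `throw:{error, access_rules_unauthorized}` clause turns an access-rule denial into a 403 without leaving any trace on the server, although `handle/5` has `Call` and `IP` in scope here. Denied attempts are what an operator needs to spot a misused or stolen token, so I would log before returning, e.g. `?WARNING_MSG("API call ~s from ~p denied by access rules", [Call, IP]),` placed ahead of the `{403, 32, ...}` tuple (assuming the module's usual logging macros are available in this file). The clause is correctly ordered before the generic `throw:{error, Why} when is_atom(Why)` clause visible below. The `try` body and the rest of the handler are outside the hunk.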