diff --git a/packages/accounts-facebook/facebook_server.js b/packages/accounts-facebook/facebook_server.js index d457caab02..91eece0944 100644 --- a/packages/accounts-facebook/facebook_server.js +++ b/packages/accounts-facebook/facebook_server.js @@ -55,11 +55,7 @@ } if (error_response) { - if (error_response.error) { - throw new Meteor.Error("Error trying to get access token from Facebook", error_response); - } else { - throw new Meteor.Error("Unexpected response when trying to get access token from Facebook", error_response); - } + throw new Meteor.Error(500, "Error trying to get access token from Facebook", error_response); } else { // Success! Extract the facebook access token from the // response @@ -72,7 +68,7 @@ }); if (!fbAccessToken) - throw new Meteor.Error("Couldn't find access token in HTTP response: " + response); + throw new Meteor.Error(500, "Couldn't find access token in HTTP response."); return fbAccessToken; } }; @@ -85,4 +81,4 @@ throw result.error; return result.data; }; -}) (); \ No newline at end of file +}) (); diff --git a/packages/accounts-oauth2-helper/oauth2_server.js b/packages/accounts-oauth2-helper/oauth2_server.js index 1c083381b0..69a2b8941c 100644 --- a/packages/accounts-oauth2-helper/oauth2_server.js +++ b/packages/accounts-oauth2-helper/oauth2_server.js @@ -17,7 +17,7 @@ // - `null` if the user declined to give permissions Meteor.accounts.oauth2.registerService = function (name, handleOauthRequest) { if (Meteor.accounts.oauth2._services[name]) - throw new Meteor.Error("Already registered the " + name + " OAuth2 service"); + throw new Error("Already registered the " + name + " OAuth2 service"); Meteor.accounts.oauth2._services[name] = { handleOauthRequest: handleOauthRequest @@ -108,4 +108,4 @@ }).run(); }); -})(); \ No newline at end of file +})(); diff --git a/packages/accounts-passwords/passwords_server.js b/packages/accounts-passwords/passwords_server.js index 9335d3ffb1..4ecf87e8f1 100644 
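Review bot: In facebook_server.js (hunk -55,11), the new `throw new Meteor.Error(500, "Error trying to get access token from Facebook", error_response);` still passes the raw upstream error body as the third argument. If that details argument is serialized to the client the way the code and reason are (the allow_tests.js changes in this commit read `err.error` and `err.reason` on the calling side), whatever the provider put in its error response is exposed to the caller. Consider logging `error_response` on the server and throwing without it, as hunk -72,7 does for the missing-token case: `throw new Meteor.Error(500, "Error trying to get access token from Facebook");`. The enclosing function starts and ends outside the hunk.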
--- a/packages/accounts-passwords/passwords_server.js +++ b/packages/accounts-passwords/passwords_server.js @@ -9,9 +9,9 @@ var selectorFromUserQuery = function (user) { if (!user) - throw new Meteor.Error("Must pass a user property in request"); + throw new Meteor.Error(400, "Must pass a user property in request"); if (_.keys(user).length !== 1) - throw new Meteor.Error("User property must have exactly one field"); + throw new Meteor.Error(400, "User property must have exactly one field"); var selector; if (user.id) @@ -21,7 +21,7 @@ else if (user.email) selector = {emails: user.email}; else - throw new Meteor.Error("Must pass username, email, or id in request.user"); + throw new Meteor.Error(400, "Must pass username, email, or id in request.user"); return selector; }; @@ -39,11 +39,11 @@ var user = Meteor.users.findOne(selector); if (!user) - throw new Meteor.Error("user not found"); + throw new Meteor.Error(403, "user not found"); if (!user.services || !user.services.password || !user.services.password.srp) - throw new Meteor.Error("user has no password set"); + throw new Meteor.Error(403, "user has no password set"); var verifier = user.services.password.srp; var srp = new Meteor._srp.Server(verifier); 
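Review bot: In passwords_server.js `selectorFromUserQuery` (hunks -9,9 and -21,7), request values are checked only for presence before being placed in a Mongo selector, e.g. `selector = {emails: user.email};`, and nothing visible rejects a non-string value, which Mongo would read as a query-operator document instead of a literal. The same pattern appears in later hunks with `findOne({M: options.M})`, `findOne({M: options.srp.M})` and, in accounts_server.js, `findOne({_id: options.resume})`, where the matched document decides which user the login token is issued for. Since these paths now return 400 for malformed input, a type guard before each lookup fits naturally, for example `if (typeof options.srp.M !== 'string') throw new Meteor.Error(400, "M must be a string");`. The assignments for `user.id` and `user.username` lie between the two hunks and are not visible here.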
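Review bot: In hunk -39,11 both failure cases get status 403 but keep distinct reasons (`"user not found"` and `"user has no password set"`), and the tests in this commit show `err.reason` reaching the caller, so a client can still tell whether an account exists and whether it has a password. Hunks -180,11 and -193,7 repeat the pattern and add `"bad password"` as a third distinguishable outcome. Consider a single reason for all of them, e.g. `throw new Meteor.Error(403, "Incorrect username or password");`, with the specific cause logged on the server only. The enclosing method starts and ends outside the hunk.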
@@ -68,24 +68,24 @@ changePassword: function (options) { if (!this.userId()) - throw new Meteor.Error("must be logged in"); + throw new Meteor.Error(401, "must be logged in"); // If options.M is set, it means we went through a challenge with // the old password. // XXX && Meteor.accounts.config.unsafePasswordChanges check here! if (!options.M) { - throw new Meteor.Error("XXX no oldPassword unimplemented"); + throw new Meteor.Error(500, "XXX no oldPassword unimplemented"); } if (options.M) { var serialized = Meteor.accounts._srpChallenges.findOne( {M: options.M}); if (!serialized) - throw new Meteor.Error("bad password"); + throw new Meteor.Error(403, "bad password"); if (serialized.userId !== this.userId()) // No monkey business! - throw new Meteor.Error("bad password"); + throw new Meteor.Error(403, "bad password"); } var verifier = options.srp; @@ -94,7 +94,7 @@ } if (!verifier || !verifier.identity || !verifier.salt || !verifier.verifier) - throw new Meteor.Error("Invalid verifier"); + throw new Meteor.Error(400, "Invalid verifier"); Meteor.users.update({_id: this.userId()}, {$set: {'services.password.srp': verifier}}); @@ -146,12 +146,12 @@ if (!options.srp) return undefined; // don't handle if (!options.srp.M) - throw new Meteor.Error("must pass M in options.srp"); + throw new Meteor.Error(400, "must pass M in options.srp"); var serialized = Meteor.accounts._srpChallenges.findOne( {M: options.srp.M}); if (!serialized) - throw new Meteor.Error("bad password"); + throw new Meteor.Error(403, "bad password"); var userId = serialized.userId; var loginToken = Meteor.accounts._loginTokens.insert({userId: userId}); 
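Review bot: In `changePassword` (hunk -68,24), `throw new Meteor.Error(500, "XXX no oldPassword unimplemented");` reports a request that omitted `M` as a server fault and sends an internal TODO marker to the client. If the intent is "this request shape is not accepted", a 400 with a neutral reason matches how the rest of the commit classifies missing fields, e.g. `throw new Meteor.Error(400, "must pass M in options");`. The `if (options.M)` that follows is always true after that throw and could be dropped, so the challenge lookup and the `serialized.userId !== this.userId()` check sit at the top level. A short comment above the lookup saying that both mismatch cases deliberately return the same `"bad password"` reason would keep a later edit from splitting them.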
@@ -180,11 +180,11 @@ var selector = selectorFromUserQuery(options.user); var user = Meteor.users.findOne(selector); if (!user) - throw new Meteor.Error("user not found"); + throw new Meteor.Error(403, "user not found"); if (!user.services || !user.services.password || !user.services.password.srp) - throw new Meteor.Error("user has no password set"); + throw new Meteor.Error(403, "user has no password set"); // Just check the verifier output when the same identity and salt // are passed. Don't bother with a full exchange. @@ -193,7 +193,7 @@ identity: verifier.identity, salt: verifier.salt}); if (verifier.verifier !== newVerifier.verifier) - throw new Meteor.Error("bad password"); + throw new Meteor.Error(403, "bad password"); var loginToken = Meteor.accounts._loginTokens.insert({userId: user._id}); return {token: loginToken, id: user._id}; diff --git a/packages/accounts/accounts_server.js b/packages/accounts/accounts_server.js index 2f0830c78d..e13e9ebeb7 100644 --- a/packages/accounts/accounts_server.js +++ b/packages/accounts/accounts_server.js @@ -40,7 +40,7 @@ }); if (result === undefined) { - throw new Meteor.Error("Unrecognized options for login request"); + throw new Meteor.Error(400, "Unrecognized options for login request"); } else { return result; } @@ -61,7 +61,7 @@ var loginToken = Meteor.accounts._loginTokens .findOne({_id: options.resume}); if (!loginToken) - throw new Meteor.Error("Couldn't find login token"); + throw new Meteor.Error(403, "Couldn't find login token"); return { token: loginToken._id, diff --git a/packages/mongo-livedata/allow_tests.js b/packages/mongo-livedata/allow_tests.js index c03542e23b..7d725c7d9e 100644 --- a/packages/mongo-livedata/allow_tests.js +++ b/packages/mongo-livedata/allow_tests.js 
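Review bot: In hunk -193,7, `if (verifier.verifier !== newVerifier.verifier)` compares a password-derived value with `!==`, which can return as soon as the first differing character is found. A constant-time comparison over the two strings avoids exposing how much of the stored verifier matched through response timing; this is a hardening point that predates the commit, not something the status-code change introduced. `verifier` and `newVerifier` are assigned partly outside the hunk, so their exact types should be confirmed before changing the comparison.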
@@ -108,12 +108,12 @@ update: function(userId, docs) { // throw fields in first doc so that we can inspect them in test throw new Meteor.Error( - "Test: Fields in doc: " + _.keys(docs[0]).join(',')); + 999, "Test: Fields in doc: " + _.keys(docs[0]).join(',')); }, remove: function(userId, docs) { // throw fields in first doc so that we can inspect them in test throw new Meteor.Error( - "Test: Fields in doc: " + _.keys(docs[0]).join(',')); + 999, "Test: Fields in doc: " + _.keys(docs[0]).join(',')); }, fetch: ['field1'] }); @@ -128,12 +128,12 @@ update: function(userId, docs) { // throw fields in first doc so that we can inspect them in test throw new Meteor.Error( - "Test: Fields in doc: " + _.keys(docs[0]).join(',')); + 999, "Test: Fields in doc: " + _.keys(docs[0]).join(',')); }, remove: function(userId, docs) { // throw fields in first doc so that we can inspect them in test throw new Meteor.Error( - "Test: Fields in doc: " + _.keys(docs[0]).join(',')); + 999, "Test: Fields in doc: " + _.keys(docs[0]).join(',')); }, fetch: ['field1'] }); @@ -160,7 +160,7 @@ function (test, expect) { restrictedCollectionForPartialAllowTest.update( {world: test.runId()}, {$set: {updated: true}}, expect(function (err, res) { - test.equal(err.error, 'Access denied. No update validators set on restricted collection.'); + test.equal(err.error, 403); })); } ]); 
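Review bot: In allow_tests.js hunk -160,7, `test.equal(err.error, 403);` no longer distinguishes the "no update validators" denial from any other 403, so the test would still pass if the update were rejected for a different reason. Adding `test.equal(err.reason, "Access denied. No update validators set on restricted collection.");` next to the code check keeps the branch coverage the old assertion had. The same applies to hunk -343,9, where the old assertion pinned `"Access denied. Can't replace document in restricted collection."`. The `999` codes in the validator stubs of hunks -108,12 and -128,12 would be clearer with a one-line comment saying the value is an arbitrary test-only code.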
@@ -177,22 +177,22 @@ restrictedCollectionForFetchTest.update( {world: test.runId()}, {$set: {updated: true}}, expect(function (err, res) { - test.equal(err.error, "Test: Fields in doc: field1,field2,_id"); + test.equal(err.reason, "Test: Fields in doc: field1,field2,_id"); })); restrictedCollectionForFetchTest.remove( {world: test.runId()}, expect(function (err, res) { - test.equal(err.error, "Test: Fields in doc: field1,field2,_id"); + test.equal(err.reason, "Test: Fields in doc: field1,field2,_id"); })); restrictedCollectionForFetchAllTest.update( {world: test.runId()}, {$set: {updated: true}}, expect(function (err, res) { - test.equal(err.error, + test.equal(err.reason, "Test: Fields in doc: field1,field2,field3,world,_id"); })); restrictedCollectionForFetchAllTest.remove( {world: test.runId()}, expect(function (err, res) { - test.equal(err.error, + test.equal(err.reason, "Test: Fields in doc: field1,field2,field3,world,_id"); })); @@ -225,7 +225,7 @@ }, function (test, expect) { lockedDownCollection.insert({world: test.runId(), foo: 'bar'}, expect(function (err, res) { - test.equal(err.error, "Access denied"); + test.equal(err.error, 403); })); Meteor.default_connection.onQuiesce(expect(function () { test.equal(lockedDownCollection.find({world: test.runId()}).count(), 0); @@ -290,14 +290,14 @@ // insert checks validator function (test, expect) { collection.insert({world: test.runId(), canInsert: false}, expect(function (err, res) { - test.equal(err.error, "Access denied"); + test.equal(err.error, 403); test.equal(collection.find({world: test.runId()}).count(), 0); })); }, // insert checks all validators function (test, expect) { collection.insert({world: test.runId(), canInsert: true}, expect(function (err, res) { - test.equal(err.error, "Access denied"); + test.equal(err.error, 403); test.equal(collection.find({world: test.runId()}).count(), 0); })); }, 
@@ -343,9 +343,7 @@ {canInsert: true, world: test.runId()}, {newObject: 1}, expect(function (err, res) { - test.equal( - err.error, - "Access denied. Can't replace document in restricted collection."); + test.equal(err.error, 403); })); }, @@ -363,7 +361,7 @@ {world: test.runId(), canInsert: true, canUpdate: true}, {$set: {"verySecret.field": 1}}, expect(function (err, res) { - test.equal(err.error, "Access denied"); + test.equal(err.error, 403); })); }, @@ -382,7 +380,7 @@ // update fails when access is denied trying to set `verySecret` function (test, expect) { collection.update({world: test.runId(), canInsert: true}, {$set: {verySecret: true}}, expect(function (err, res) { - test.equal(err.error, "Access denied"); + test.equal(err.error, 403); // nothing has changed test.equal(collection.find({world: test.runId()}).count(), 3); test.equal(collection.find({world: test.runId()}).fetch()[1].canInsert, true); @@ -394,7 +392,7 @@ // `verySecret` function (test, expect) { collection.update({world: test.runId(), canInsert: true}, {$set: {updated: true, verySecret: true}}, expect(function (err, res) { - test.equal(err.error, "Access denied"); + test.equal(err.error, 403); // nothing has changed test.equal(collection.find({world: test.runId()}).count(), 3); test.equal(collection.find({world: test.runId()}).fetch()[1].canInsert, true); @@ -406,7 +404,7 @@ // have `canUpdate` set function (test, expect) { collection.update({world: test.runId(), canInsert: true}, {$set: {updated: true}}, expect(function (err, res) { - test.equal(err.error, "Access denied"); + test.equal(err.error, 403); // nothing has changed test.equal(collection.find({world: test.runId()}).count(), 3); test.equal(collection.find({world: test.runId()}).fetch()[1].canInsert, true); 
@@ -426,7 +424,7 @@ // `canRemove` set function (test, expect) { collection.remove({world: test.runId(), canInsert: true}, expect(function (err, res) { - test.equal(err.error, "Access denied"); + test.equal(err.error, 403); // nothing has changed test.equal(collection.find({world: test.runId()}).count(), 3); })); @@ -434,7 +432,7 @@ // another test that remove fails with no `canRemove` set function (test, expect) { collection.remove({world: test.runId(), canUpdate: true}, expect(function (err, res) { - test.equal(err.error, "Access denied"); + test.equal(err.error, 403); // nothing has changed test.equal(collection.find({world: test.runId()}).count(), 3); })); diff --git a/packages/mongo-livedata/collection.js b/packages/mongo-livedata/collection.js index 00c773e212..6de43b483d 100644 --- a/packages/mongo-livedata/collection.js +++ b/packages/mongo-livedata/collection.js @@ -153,10 +153,10 @@ Meteor.Collection.prototype._defineMutationMethods = function() { if (!this.is_simulation) { if (self._restricted) { if (!self._allowInsert(this.userId(), doc)) - throw new Meteor.Error("Access denied"); + throw new Meteor.Error(403, "Access denied"); } else { if (!insecure) - throw new Meteor.Error("Access denied"); + throw new Meteor.Error(403, "Access denied"); } } @@ -178,7 +178,7 @@ Meteor.Collection.prototype._defineMutationMethods = function() { // update returns nothing. allow exceptions to propagate. self._collection.update(selector, mutator, options); } else { - throw new Meteor.Error("Access denied"); + throw new Meteor.Error(403, "Access denied"); } } } @@ -198,7 +198,7 @@ Meteor.Collection.prototype._defineMutationMethods = function() { // insert returns nothing. allow exceptions to propagate. self._collection.remove(selector); } else { - throw new Meteor.Error("Access denied"); + throw new Meteor.Error(403, "Access denied"); } } } 
@@ -249,7 +249,7 @@ Meteor.Collection.prototype.allow = function(options) { // assuming the collection is restricted Meteor.Collection.prototype._allowInsert = function(userId, doc) { if (this._validators.insert.length === 0) { - throw new Meteor.Error("Accesd denied. No insert validators set on restricted collection."); + throw new Meteor.Error(403, "Access denied. No insert validators set on restricted collection."); } // all validators should return true @@ -266,14 +266,14 @@ Meteor.Collection.prototype._validatedUpdate = function(userId, selector, mutato var self = this; if (self._validators.update.length === 0) { - throw new Meteor.Error("Access denied. No update validators set on restricted collection."); + throw new Meteor.Error(403, "Access denied. No update validators set on restricted collection."); } // compute modified fields var fields = []; _.each(mutator, function (params, op) { if (op[0] !== '$') { - throw new Meteor.Error("Access denied. Can't replace document in restricted collection."); + throw new Meteor.Error(403, "Access denied. Can't replace document in restricted collection."); } else { _.each(_.keys(params), function (field) { // treat dotted fields as if they are replacing their @@ -310,7 +310,7 @@ Meteor.Collection.prototype._validatedUpdate = function(userId, selector, mutato if (_.any(self._validators.update, function(validator) { return !validator(userId, docs, fields, mutator); })) { - throw new Meteor.Error("Access denied"); + throw new Meteor.Error(403, "Access denied"); } // construct new $in selector to replace the original one @@ -333,7 +333,7 @@ Meteor.Collection.prototype._validatedRemove = function(userId, selector) { var self = this; if (self._validators.remove.length === 0) { - throw new Meteor.Error("Access denied. No remove validators set on restricted collection."); + throw new Meteor.Error(403, "Access denied. No remove validators set on restricted collection."); } var findOptions = {}; 
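Review bot: In `_validatedUpdate` (hunk -266,14), the replace-document guard `if (op[0] !== '$')` runs only inside `_.each(mutator, ...)`, so a mutator with no keys passes it and reaches the validators with an empty `fields` list. Mongo treats an update document without operators as a full replacement, so unless the part of the function outside this hunk rejects that case, the outcome depends entirely on every validator handling `fields = []` safely. An explicit check before the loop would close the gap: `if (_.isEmpty(mutator)) throw new Meteor.Error(403, "Access denied. Can't replace document in restricted collection.");`. The function body continues past the end of the hunk.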
@@ -350,7 +350,7 @@ Meteor.Collection.prototype._validatedRemove = function(userId, selector) { if (_.any(self._validators.remove, function(validator) { return !validator(userId, docs); })) { - throw new Meteor.Error("Access denied"); + throw new Meteor.Error(403, "Access denied"); } // construct new $in selector to replace the original one