From 64b4eeb0b836b185f02d338948257ea4ef6bfed3 Mon Sep 17 00:00:00 2001
From: Hiroyuki
Date: Tue, 23 Feb 2021 15:46:28 -0400
Subject: [PATCH] Update HTTP 401s to 403s to comply with RFC 7231
---
 src/api/board.ins/routes/root.ts | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/src/api/board.ins/routes/root.ts b/src/api/board.ins/routes/root.ts
index 5fcbbd6..846e716 100644
--- a/src/api/board.ins/routes/root.ts
+++ b/src/api/board.ins/routes/root.ts
@@ -23,7 +23,7 @@ export default class Root extends Route {
 const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
 if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
- return res.status(401).json({
+ return res.status(403).json({
 code: this.constants.codes.UNAUTHORIZED,
 message: this.constants.messages.UNAUTHORIZED,
 });
@@ -77,7 +77,7 @@ export default class Root extends Route {
 const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
 if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
- return res.status(401).json({
+ return res.status(403).json({
 code: this.constants.codes.UNAUTHORIZED,
 message: this.constants.messages.UNAUTHORIZED,
 });
@@ -137,7 +137,7 @@ export default class Root extends Route {
 const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
 if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
- return res.status(401).json({
+ return res.status(403).json({
 code: this.constants.codes.UNAUTHORIZED,
 message: this.constants.messages.UNAUTHORIZED,
 });
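Review bot: The JSON body in the `@@ -23` hunk still sends `this.constants.codes.UNAUTHORIZED` and `this.constants.messages.UNAUTHORIZED` although the status is now 403, so a client that branches on the body code and one that branches on the HTTP status will disagree about why the request was refused. If the constants table has or can gain a forbidden entry, the two lines should follow the status, e.g. `code: this.constants.codes.FORBIDDEN,` and `message: this.constants.messages.FORBIDDEN,` (proposed names; the constants file is not part of this diff). The same mismatch is present in the other eight hunks that change the status (`-77`, `-137`, `-191`, `-227`, `-263`, `-376`, `-422`, `-468`). The handler bodies start and end outside the hunks.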
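Review bot: The guard in the `@@ -77` hunk answers 403 for two different failures: `!director` (no caller could be resolved, presumably because the credential is missing or invalid) and a resolved caller who lacks the role. Only the second is a 403; a missing or invalid credential is still a 401 with a `WWW-Authenticate` challenge under RFC 7235, and collapsing both makes failed-credential attempts indistinguishable from privilege probing in logs and for clients. How `director` is looked up is outside the hunk, so confirm that before splitting the condition into `if (!director) return res.status(401)…` followed by the role check returning 403. This applies to every hunk that carries the same condition.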
@@ -191,7 +191,7 @@ export default class Root extends Route {
 const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
 if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
- return res.status(401).json({
+ return res.status(403).json({
 code: this.constants.codes.UNAUTHORIZED,
 message: this.constants.messages.UNAUTHORIZED,
 });
@@ -203,6 +203,7 @@ export default class Root extends Route {
 message: this.constants.messages.CLIENT_ERROR,
 });
 }
+
 if (!(await this.server.client.db.ExecutiveOrder.exists({ oID: req.params.id }))) {
 return res.status(404).json({
 code: this.constants.codes.NOT_FOUND,
@@ -227,7 +228,7 @@ export default class Root extends Route {
 const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
 if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
- return res.status(401).json({
+ return res.status(403).json({
 code: this.constants.codes.UNAUTHORIZED,
 message: this.constants.messages.UNAUTHORIZED,
 });
@@ -263,7 +264,7 @@ export default class Root extends Route {
 const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
 if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
- return res.status(401).json({
+ return res.status(403).json({
 code: this.constants.codes.UNAUTHORIZED,
 message: this.constants.messages.UNAUTHORIZED,
 });
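Review bot: The authorization guard touched in the `@@ -191` hunk is copied verbatim into nine handlers of this file, each with the guild ID and role ID as string literals, which is why this commit needed nine identical edits. A route added later without the copy, or a copy edited out of step, becomes an access-control gap that nothing in the file flags. Moving the lookup and role test into one private method (or a route-level middleware) with the two IDs as named constants would leave a single place to audit; each call site then reduces to something like `if (!(await this.isDirector(director))) return res.status(403).json({ … });` (`isDirector` is a proposed name). The handlers themselves begin and end outside the hunks.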
@@ -376,7 +377,7 @@ export default class Root extends Route {
 const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
 if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
- return res.status(401).json({
+ return res.status(403).json({
 code: this.constants.codes.UNAUTHORIZED,
 message: this.constants.messages.UNAUTHORIZED,
 });
@@ -422,7 +423,7 @@ export default class Root extends Route {
 const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
 if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
- return res.status(401).json({
+ return res.status(403).json({
 code: this.constants.codes.UNAUTHORIZED,
 message: this.constants.messages.UNAUTHORIZED,
 });
@@ -468,7 +469,7 @@ export default class Root extends Route {
 const staffGuild = this.server.client.guilds.get('446067825673633794') || await this.server.client.getRESTGuild('446067825673633794');
 if (!director || !staffGuild.members.get(director.userID)?.roles?.includes('662163685439045632')) {
- return res.status(401).json({
+ return res.status(403).json({
 code: this.constants.codes.UNAUTHORIZED,
 message: this.constants.messages.UNAUTHORIZED,
 });
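Review bot: The role test in the `@@ -376` hunk reads `staffGuild.members.get(director.userID)` from the guild's in-memory member collection, so the 403 now also covers "member not in cache", not just "caller lacks the role". On the `getRESTGuild` fallback the returned guild may carry no members at all (worth confirming against the client library), in which case every caller is refused. That fails closed, which is the safe direction, but a genuine director then gets a permanent-looking 403 for what is a transient lookup problem, and the denial is indistinguishable in logs from a real privilege failure. Consider fetching the member explicitly when the cache misses and answering with a 5xx if that lookup itself fails; a rejected `getRESTGuild` call also needs handling unless a surrounding try/catch exists outside the hunk. The same line appears in the other eight guard hunks.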