mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-03 05:07:42 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

mod_http_file_share: Improve error reporting by using util.error more

Browse source 
This should pass back the error message as well as the status code to
the client.
This commit is contained in:
Kim Alvefur 2025-03-16 15:20:45 +01:00
parent 6bf45cacf9
commit 780fd208bc
1 changed files with 30 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

39
plugins/mod_http_file_share.lua
View file

@ -62,12 +62,33 @@ local upload_errors = errors.init(module.name, namespace, {
access = { type = "auth"; condition = "forbidden" }; access = { type = "auth"; condition = "forbidden" };
filename = { type = "modify"; condition = "bad-request"; text = "Invalid filename" }; filename = { type = "modify"; condition = "bad-request"; text = "Invalid filename" };
filetype = { type = "modify"; condition = "not-acceptable"; text = "File type not allowed" }; filetype = { type = "modify"; condition = "not-acceptable"; text = "File type not allowed" };
filesize = { type = "modify"; condition = "not-acceptable"; text = "File too large"; filesize = {
extra = {tag = st.stanza("file-too-large", {xmlns = namespace}):tag("max-file-size"):text(tostring(file_size_limit)) }; code = 413;
type = "modify";
condition = "not-acceptable";
text = "File too large";
extra = {
tag = st.stanza("file-too-large", { xmlns = namespace }):tag("max-file-size"):text(tostring(file_size_limit));
};
}; };
filesizefmt = { type = "modify"; condition = "bad-request"; text = "File size must be positive integer"; }; filesizefmt = { type = "modify"; condition = "bad-request"; text = "File size must be positive integer"; };
quota = { type = "wait"; condition = "resource-constraint"; text = "Daily quota reached"; }; quota = { type = "wait"; condition = "resource-constraint"; text = "Daily quota reached"; };
outofdisk = { type = "wait"; condition = "resource-constraint"; text = "Server global storage quota reached" }; outofdisk = { type = "wait"; condition = "resource-constraint"; text = "Server global storage quota reached" };
authzmalformed = {
code = 401;
type = "auth";
condition = "not-authorized";
text = "Missing or malformed Authorization header";
};
unauthz = { code = 403; type = "auth"; condition = "forbidden"; text = "Unauthorized or invalid token" };
invalidslot = {
code = 400;
type = "modify";
condition = "bad-request";
text = "Invalid upload slot, must not contain '/'";
};
alreadycompleted = { code = 409; type = "cancel"; condition = "conflict"; text = "Upload already completed" };
writefail = { code = 500; type = "wait"; condition = "internal-server-error" }
}); });
local upload_cache = cache.new(1024); local upload_cache = cache.new(1024);
@ -260,19 +281,19 @@ function handle_upload(event, path) -- PUT /upload/:slot
if not authz then if not authz then
module:log("debug", "Missing or malformed Authorization header"); module:log("debug", "Missing or malformed Authorization header");
event.response.headers.www_authenticate = "Bearer"; event.response.headers.www_authenticate = "Bearer";
return 401; return upload_errors.new("authzmalformed", { request = request });
end end
local authed, authed_upload_info = verify_jwt(authz); local authed, authed_upload_info = verify_jwt(authz);
if not authed then if not authed then
module:log("debug", "Unauthorized or invalid token: %s, %q", authz, authed_upload_info); module:log("debug", "Unauthorized or invalid token: %s, %q", authz, authed_upload_info);
return 401; return upload_errors.new("unauthz", { request = request; wrapped_error = authed_upload_info });
end end
if not path or authed_upload_info.slot ~= path:match("^[^/]+") then if not path or authed_upload_info.slot ~= path:match("^[^/]+") then
module:log("debug", "Invalid upload slot: %q, path: %q", authed_upload_info.slot, path); module:log("debug", "Invalid upload slot: %q, path: %q", authed_upload_info.slot, path);
return 400; return upload_errors.new("unauthz", { request = request });
end end
if request.headers.content_length and tonumber(request.headers.content_length) ~= authed_upload_info.filesize then if request.headers.content_length and tonumber(request.headers.content_length) ~= authed_upload_info.filesize then
return 413; return upload_errors.new("filesize", { request = request });
-- Note: We don't know the size if the upload is streamed in chunked encoding, -- Note: We don't know the size if the upload is streamed in chunked encoding,
-- so we also check the final file size on completion. -- so we also check the final file size on completion.
end end
@ -288,7 +309,7 @@ function handle_upload(event, path) -- PUT /upload/:slot
local f = io.open(filename, "r"); local f = io.open(filename, "r");
if f then if f then
f:close(); f:close();
return 409; return upload_errors.new("alreadycompleted", { request = request });
end end
end end
@ -297,7 +318,7 @@ function handle_upload(event, path) -- PUT /upload/:slot
local fh, err = io.open(filename.."~", "w"); local fh, err = io.open(filename.."~", "w");
if not fh then if not fh then
module:log("error", "Could not open file for writing: %s", err); module:log("error", "Could not open file for writing: %s", err);
return 500; return upload_errors.new("writefail", { request = request; wrapped_error = err });
end end
function event.response:on_destroy() -- luacheck: ignore 212/self function event.response:on_destroy() -- luacheck: ignore 212/self
-- Clean up incomplete upload -- Clean up incomplete upload
@ -330,7 +351,7 @@ function handle_upload(event, path) -- PUT /upload/:slot
local uploaded, err = errors.coerce(request.body_sink:close()); local uploaded, err = errors.coerce(request.body_sink:close());
if final_size ~= upload_info.filesize then if final_size ~= upload_info.filesize then
-- Could be too short as well, but we say the same thing -- Could be too short as well, but we say the same thing
uploaded, err = false, 413; uploaded, err = false, upload_errors.new("filesize", { request = request });
end end
if uploaded then if uploaded then
module:log("debug", "Upload of %q completed, %s", filename, B(final_size)); module:log("debug", "Upload of %q completed, %s", filename, B(final_size));