diff --git a/services/web/app/coffee/Features/Errors/Errors.coffee b/services/web/app/coffee/Features/Errors/Errors.coffee index 94aeaa2a90..720b092012 100644 --- a/services/web/app/coffee/Features/Errors/Errors.coffee +++ b/services/web/app/coffee/Features/Errors/Errors.coffee @@ -82,6 +82,13 @@ EmailExistsError = (message) -> return error EmailExistsError.prototype.__proto__ = Error.prototype +ProjectNotTokenAccessError = (message) -> + error = new Error(message) + error.name = "ProjectNotTokenAccessError" + error.__proto__ = ProjectNotTokenAccessError.prototype + return error +ProjectNotTokenAccessError.prototype.__proto__ = Error.prototype + module.exports = Errors = NotFoundError: NotFoundError ServiceNotConfiguredError: ServiceNotConfiguredError @@ -95,3 +102,4 @@ module.exports = Errors = V1ConnectionError: V1ConnectionError UnconfirmedEmailError: UnconfirmedEmailError EmailExistsError: EmailExistsError + ProjectNotTokenAccessError: ProjectNotTokenAccessError diff --git a/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee b/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee index 395489c608..6b03e6c600 100644 --- a/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee +++ b/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee @@ -8,7 +8,7 @@ settings = require 'settings-sharelatex' module.exports = TokenAccessController = redirectNotFoundErrorToV1: (err, req, res, next) -> - if err instanceof Errors.NotFoundError and settings.overleaf + if err instanceof Errors.ProjectNotTokenAccessError and settings.overleaf logger.log { token: req.params['read_and_write_token'] }, "[TokenAccess] No project found for token, redirecting to v1" @@ -21,11 +21,15 @@ module.exports = TokenAccessController = return ProjectController.loadEditor(req, res, next) _tryHigherAccess: (token, userId, req, res, next) -> - TokenAccessHandler.findProjectWithHigherAccess token, userId, (err, project) -> + TokenAccessHandler.findProjectWithHigherAccess token, userId, (err, project, projectExists) -> if err? logger.err {err, token, userId}, "[TokenAccess] error finding project with higher access" return next(err) + if !projectExists + logger.log {token, userId}, + "[TokenAccess] no project found for this token" + return next(new Errors.ProjectNotTokenAccessError()) if !project? logger.log {token, userId}, "[TokenAccess] no project with higher access found for this user and token" diff --git a/services/web/app/coffee/Features/TokenAccess/TokenAccessHandler.coffee b/services/web/app/coffee/Features/TokenAccess/TokenAccessHandler.coffee index 9eb792e55b..ed7f51f0d7 100644 --- a/services/web/app/coffee/Features/TokenAccess/TokenAccessHandler.coffee +++ b/services/web/app/coffee/Features/TokenAccess/TokenAccessHandler.coffee @@ -22,7 +22,7 @@ module.exports = TokenAccessHandler = 'publicAccesLevel': PublicAccessLevels.TOKEN_BASED }, {_id: 1, publicAccesLevel: 1, owner_ref: 1}, callback - findProjectWithHigherAccess: (token, userId, callback=(err, project)->) -> + findProjectWithHigherAccess: (token, userId, callback=(err, project, projectExists)->) -> Project.findOne { $or: [ {'tokens.readAndWrite': token}, @@ -32,12 +32,16 @@ module.exports = TokenAccessHandler = if err? return callback(err) if !project? - return callback(null, null) + return callback(null, null, false) # Project doesn't exist, so we handle differently projectId = project._id CollaboratorsHandler.isUserInvitedMemberOfProject userId, projectId, (err, isMember) -> if err? return callback(err) - callback(null, if isMember == true then project else null) + callback( + null, + if isMember == true then project else null, + true # Project does exist, but user doesn't have access + ) addReadOnlyUserToProject: (userId, projectId, callback=(err)->) -> userId = ObjectId(userId.toString())