25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-20 16:15:59 +01:00

Better error report when command is not exposed through API

This commit is contained in:
Mickael Remond 2016-03-30 15:59:29 +02:00
parent 36ac1cd6c7
commit 809057678b
2 changed files with 11 additions and 1 deletions

View File

@ -279,6 +279,7 @@ handle2(Call, Auth, Args) when is_atom(Call), is_list(Args) ->
0 -> {200, <<"OK">>};
1 -> {500, <<"500 Internal server error">>};
400 -> {400, <<"400 Bad Request">>};
401 -> {401, <<"401 Unauthorized">>};
404 -> {404, <<"404 Not found">>};
Res -> format_command_result(Call, Auth, Res)
end.
@ -366,6 +367,7 @@ ejabberd_command(Auth, Cmd, Args, Default) ->
end,
case catch ejabberd_commands:execute_command(Access, Auth, Cmd, Args) of
{'EXIT', _} -> Default;
{error, account_unprivileged} -> 401;
{error, _} -> Default;
Result -> Result
end.

View File

@ -43,7 +43,15 @@ defmodule ModHttpApiTest do
{200, _, _} = :mod_http_api.process(["open_cmd"], request)
end
test "Call to user, admin, restricted commands without authentication are rejected" do
# This related to the commands config file option
test "Attempting to access a command that is not exposed as HTTP API returns 401" do
:ejabberd_config.add_local_option(:commands, [])
request = request(method: :POST, data: "[]")
{401, _, _} = :mod_http_api.process(["open_cmd"], request)
end
test "Call to user commands without authentication are rejected" do
:ejabberd_config.add_local_option(:commands, [[{:add_commands, [:user_cmd]}]])
request = request(method: :POST, data: "[]")
{401, _, _} = :mod_http_api.process(["user_cmd"], request)
end