mirror of
https://github.com/fosrl/pangolin.git
synced 2025-08-28 05:44:01 +02:00
prevent api resource updates if raw resources is disabled
This commit is contained in:
parent
65a537a670
commit
0840c166ab
2 changed files with 49 additions and 19 deletions
|
@ -18,6 +18,7 @@ import stoi from "@server/lib/stoi";
|
||||||
import { fromError } from "zod-validation-error";
|
import { fromError } from "zod-validation-error";
|
||||||
import logger from "@server/logger";
|
import logger from "@server/logger";
|
||||||
import { subdomainSchema } from "@server/schemas/subdomainSchema";
|
import { subdomainSchema } from "@server/schemas/subdomainSchema";
|
||||||
|
import config from "@server/lib/config";
|
||||||
|
|
||||||
const createResourceParamsSchema = z
|
const createResourceParamsSchema = z
|
||||||
.object({
|
.object({
|
||||||
|
@ -63,6 +64,30 @@ const createResourceSchema = z
|
||||||
message: "Invalid subdomain",
|
message: "Invalid subdomain",
|
||||||
path: ["subdomain"]
|
path: ["subdomain"]
|
||||||
}
|
}
|
||||||
|
)
|
||||||
|
.refine(
|
||||||
|
(data) => {
|
||||||
|
if (!config.getRawConfig().flags?.allow_raw_resources) {
|
||||||
|
if (data.proxyPort !== undefined) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
},
|
||||||
|
{
|
||||||
|
message: "Cannot update proxyPort"
|
||||||
|
}
|
||||||
|
)
|
||||||
|
.refine(
|
||||||
|
(data) => {
|
||||||
|
if (data.proxyPort === 443 || data.proxyPort === 80) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
},
|
||||||
|
{
|
||||||
|
message: "Port 80 and 443 are reserved for http and https resources"
|
||||||
|
}
|
||||||
);
|
);
|
||||||
|
|
||||||
export type CreateResourceResponse = Resource;
|
export type CreateResourceResponse = Resource;
|
||||||
|
@ -133,15 +158,6 @@ export async function createResource(
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
if (proxyPort === 443 || proxyPort === 80) {
|
|
||||||
return next(
|
|
||||||
createHttpError(
|
|
||||||
HttpCode.BAD_REQUEST,
|
|
||||||
"Port 80 and 443 are reserved for https resources"
|
|
||||||
)
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (existingResource.length > 0) {
|
if (existingResource.length > 0) {
|
||||||
return next(
|
return next(
|
||||||
createHttpError(
|
createHttpError(
|
||||||
|
|
|
@ -9,6 +9,7 @@ import createHttpError from "http-errors";
|
||||||
import logger from "@server/logger";
|
import logger from "@server/logger";
|
||||||
import { fromError } from "zod-validation-error";
|
import { fromError } from "zod-validation-error";
|
||||||
import { subdomainSchema } from "@server/schemas/subdomainSchema";
|
import { subdomainSchema } from "@server/schemas/subdomainSchema";
|
||||||
|
import config from "@server/lib/config";
|
||||||
|
|
||||||
const updateResourceParamsSchema = z
|
const updateResourceParamsSchema = z
|
||||||
.object({
|
.object({
|
||||||
|
@ -32,7 +33,29 @@ const updateResourceBodySchema = z
|
||||||
.strict()
|
.strict()
|
||||||
.refine((data) => Object.keys(data).length > 0, {
|
.refine((data) => Object.keys(data).length > 0, {
|
||||||
message: "At least one field must be provided for update"
|
message: "At least one field must be provided for update"
|
||||||
});
|
})
|
||||||
|
.refine(
|
||||||
|
(data) => {
|
||||||
|
if (!config.getRawConfig().flags?.allow_raw_resources) {
|
||||||
|
if (data.proxyPort !== undefined) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
},
|
||||||
|
{ message: "Cannot update proxyPort" }
|
||||||
|
)
|
||||||
|
.refine(
|
||||||
|
(data) => {
|
||||||
|
if (data.proxyPort === 443 || data.proxyPort === 80) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
},
|
||||||
|
{
|
||||||
|
message: "Port 80 and 443 are reserved for http and https resources"
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
export async function updateResource(
|
export async function updateResource(
|
||||||
req: Request,
|
req: Request,
|
||||||
|
@ -93,15 +116,6 @@ export async function updateResource(
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
if (proxyPort === 443 || proxyPort === 80) {
|
|
||||||
return next(
|
|
||||||
createHttpError(
|
|
||||||
HttpCode.BAD_REQUEST,
|
|
||||||
"Port 80 and 443 are reserved for https resources"
|
|
||||||
)
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (
|
if (
|
||||||
existingResource.length > 0 &&
|
existingResource.length > 0 &&
|
||||||
existingResource[0].resourceId !== resourceId
|
existingResource[0].resourceId !== resourceId
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue