Skip to content
Browse files

Merge pull request #21 from coen-hyde/master

Error NotAuthorized returning a 403 instead of a 401.
  • Loading branch information...
2 parents 9356bb8 + fe89aec commit 94a9e9371ce98ef91ed760006348e7b4737d23c5 @cloudhead committed
Showing with 39 additions and 7 deletions.
  1. +1 −0 .gitignore
  2. +6 −1 lib/journey/errors.js
  3. +6 −0 package.json
  4. +26 −6 test/journey-test.js
View
1 .gitignore
@@ -0,0 +1 @@
+node_modules
View
7 lib/journey/errors.js
@@ -30,7 +30,12 @@ this.NotImplemented = function (msg) {
this.body = { error: msg };
};
this.NotAuthorized = function (msg) {
- this.status = 403;
+ this.status = 401;
this.headers = {};
this.body = { error: msg || 'Not Authorized' };
};
+this.Forbidden = function (msg) {
+ this.status = 403;
+ this.headers = {};
+ this.body = { error: msg || 'Forbidden' };
+};
View
6 package.json
@@ -7,7 +7,13 @@
"contributors" : [],
"licenses" : ["Apache 2.0"],
"dependencies" : [],
+ "devDependencies": {
+ "vows" : "0.6.x"
+ },
"lib" : "lib",
+ "scripts" : {
+ "test" : "./node_modules/vows/bin/vows"
+ },
"main" : "./lib/journey",
"version" : "0.4.0-pre-3",
"directories" : { "test": "./test" },
View
32 test/journey-test.js
@@ -104,6 +104,16 @@ router.map(function (map) {
bind(function (res) { res.send(200, {"Content-Type":"text/html"}, "OK"); });
});
});
+
+ map.path('/forbidden', function() {
+ forbidden_filter = function (request, body, cb) {
+ cb(new journey.Forbidden());
+ }
+
+ this.filter(forbidden_filter, function () {
+ this.get('/response').bind(function (res) { res.send(200, {"Content-Type":"text/html"}, "OK"); });
+ });
+ });
});
var mock = require('../lib/journey/mock-request').mock(router);
@@ -304,6 +314,16 @@ vows.describe('Journey').addBatch({
assert.equal(res.headers.allow, 'GET');
}
},
+ // This request is trying to access a non accessible location on the webserver, so Journey responds
+ // with a 403 'Forbidden'
+ "A request to a forbidden location": {
+ topic: function () {
+ return get('/forbidden/response');
+ },
+ "returns a 403": function (res) {
+ assert.equal(res.status, 403);
+ }
+ },
//
// SERVER ERRORS (5xx)
@@ -383,8 +403,8 @@ vows.describe('Journey').addBatch({
topic: function () {
return get('/this_is/secure');
},
- "returns a 403": function (res) {
- assert.equal(res.status, 403);
+ "returns a 401": function (res) {
+ assert.equal(res.status, 401);
},
"returns a body with 'Not Authorized'": function (res) {
assert.equal(res.body.error, 'Not Authorized');
@@ -410,8 +430,8 @@ vows.describe('Journey').addBatch({
topic: function () {
return get('/this_is/still_secure');
},
- "returns a 403": function (res) {
- assert.equal(res.status, 403);
+ "returns a 401": function (res) {
+ assert.equal(res.status, 401);
},
"returns a body with 'Not Authorized'": function (res) {
assert.equal(res.body.error, 'Not Authorized');
@@ -437,8 +457,8 @@ vows.describe('Journey').addBatch({
topic: function () {
return get('/scoped_auth/secure');
},
- "returns a 403": function (res) {
- assert.equal(res.status, 403);
+ "returns a 401": function (res) {
+ assert.equal(res.status, 401);
},
"returns a body with 'Not Authorized'": function (res) {
assert.equal(res.body.error, 'Not Authorized');

0 comments on commit 94a9e93

Please sign in to comment.
Something went wrong with that request. Please try again.