feat: Write log entry when request with master key is rejected as out…

…side of `masterKeyIps` (parse-community#8350)
dblythy · Dec 16, 2022 · e22b73d · e22b73d
1 parent fded5be
commit e22b73d
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 0 deletions.
diff --git a/spec/Middlewares.spec.js b/spec/Middlewares.spec.js
@@ -135,6 +135,22 @@ describe('middlewares', () => {
     });
   });
 
+  it('should not succeed and log if the ip does not belong to masterKeyIps list', async () => {
+    const logger = require('../lib/logger').logger;
+    spyOn(logger, 'error').and.callFake(() => {});
+    AppCache.put(fakeReq.body._ApplicationId, {
+      masterKey: 'masterKey',
+      masterKeyIps: ['10.0.0.1'],
+    });
+    fakeReq.ip = '127.0.0.1';
+    fakeReq.headers['x-parse-master-key'] = 'masterKey';
+    await new Promise(resolve => middlewares.handleParseHeaders(fakeReq, fakeRes, resolve));
+    expect(fakeReq.auth.isMaster).toBe(false);
+    expect(logger.error).toHaveBeenCalledWith(
+      `Request using master key rejected as the request IP address '127.0.0.1' is not set in Parse Server option 'masterKeyIps'.`
+    );
+  });
+
   it('should not succeed if the ip does not belong to masterKeyIps list', async () => {
     AppCache.put(fakeReq.body._ApplicationId, {
       masterKey: 'masterKey',

diff --git a/src/middlewares.js b/src/middlewares.js
@@ -167,6 +167,10 @@ export function handleParseHeaders(req, res, next) {
 
   let isMaster = info.masterKey === req.config.masterKey;
   if (isMaster && !ipRangeCheck(clientIp, req.config.masterKeyIps || [])) {
+    const log = req.config?.loggerController || defaultLogger;
+    log.error(
+      `Request using master key rejected as the request IP address '${clientIp}' is not set in Parse Server option 'masterKeyIps'.`
+    );
     isMaster = false;
   }