From 12afc294bd03cb5009a33869616b8a63ef394120 Mon Sep 17 00:00:00 2001
From: Christy Jacob
Date: Sat, 13 May 2023 23:35:05 +0530
Subject: [PATCH 1/3] feat: add checks for domain
---
 app/config/errors.php | 7 ++++++-
 app/console | 2 +-
 app/controllers/api/projects.php | 11 +++++++++--
 app/workers/deletes.php | 2 +-
 src/Appwrite/Extend/Exception.php | 1 +
 5 files changed, 18 insertions(+), 5 deletions(-)
diff --git a/app/config/errors.php b/app/config/errors.php
index 74e2de7db2..e33a95156d 100644
--- a/app/config/errors.php
+++ b/app/config/errors.php
@@ -541,9 +541,14 @@ return [
 ],
 Exception::DOMAIN_ALREADY_EXISTS => [
 'name' => Exception::DOMAIN_ALREADY_EXISTS,
- 'description' => 'A Domain with the requested ID already exists.',
+ 'description' => 'The requested domain is currently in use by a project.',
 'code' => 409,
 ],
+ Exception::DOMAIN_FORBIDDEN => [
+ 'name' => Exception::DOMAIN_FORBIDDEN,
+ 'description' => 'The requested domain is not available for the current project.',
+ 'code' => 403,
+ ],
 Exception::VARIABLE_NOT_FOUND => [
 'name' => Exception::VARIABLE_NOT_FOUND,
 'description' => 'Variable with the requested ID could not be found.',
diff --git a/app/console b/app/console
index 834d0cadff..0ab65e17c3 160000
--- a/app/console
+++ b/app/console
@@ -1 +1 @@
-Subproject commit 834d0cadffcf92b2d47e2afe6f58b31f62a91eed
+Subproject commit 0ab65e17c38889061d1e5d1de8fd9b4513cac13b
diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php
index 5fef7eab78..c7a85f0489 100644
--- a/app/controllers/api/projects.php
+++ b/app/controllers/api/projects.php
@@ -1191,9 +1191,12 @@ App::post('/v1/projects/:projectId/domains')
 throw new Exception(Exception::PROJECT_NOT_FOUND);
 }
+ if ($domain === App::getEnv('_APP_DOMAIN', '') || $domain === App::getEnv('_APP_DOMAIN_TARGET', '')) {
+ throw new Exception(Exception::DOMAIN_FORBIDDEN);
+ }
+
 $document = $dbForConsole->findOne('domains', [
- Query::equal('domain', [$domain]),
- Query::equal('projectInternalId', [$project->getInternalId()]),
+ Query::equal('domain', [$domain])
 ]);
 if ($document && !$document->isEmpty()) {
@@ -1391,6 +1394,10 @@ App::delete('/v1/projects/:projectId/domains/:domainId')
 throw new Exception(Exception::DOMAIN_NOT_FOUND);
 }
+ if ($domain->getAttribute('domain') === App::getEnv('_APP_DOMAIN', '') || $domain->getAttribute('domain') === App::getEnv('_APP_DOMAIN_TARGET', '')) {
+ throw new Exception(Exception::DOMAIN_FORBIDDEN);
+ }
+
 $dbForConsole->deleteDocument('domains', $domain->getId());
 $dbForConsole->deleteCachedDocument('projects', $project->getId());
diff --git a/app/workers/deletes.php b/app/workers/deletes.php
index 458b341a45..b76d7b8849 100644
--- a/app/workers/deletes.php
+++ b/app/workers/deletes.php
@@ -683,7 +683,7 @@ class DeletesV1 extends Worker
 $consoleDB = $this->getConsoleDB();
 // If domain has certificate generated
- if (isset($document['certificateId'])) {
+ if (isset($document['$id'])) {
 $domainUsingCertificate = $consoleDB->findOne('domains', [
 Query::equal('certificateId', [$document['certificateId']])
 ]);
diff --git a/src/Appwrite/Extend/Exception.php b/src/Appwrite/Extend/Exception.php
index 8ee0dca0c6..ecf6e17c1f 100644
--- a/src/Appwrite/Extend/Exception.php
+++ b/src/Appwrite/Extend/Exception.php
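Review bot: The reserved-domain guard added ahead of `findOne` in the `App::post` hunk compares `$domain` with `_APP_DOMAIN` and `_APP_DOMAIN_TARGET` using a byte-exact `===`, so a value that differs only in letter case or a trailing dot would not match, and the now instance-wide `Query::equal('domain', [$domain])` lookup has the same gap; whether the route's parameter validator already canonicalises the hostname is not visible in this diff. Normalising once before both checks, for example `$domain = \strtolower(\rtrim($domain, '.'));`, would make the guard and the uniqueness lookup agree on one form. The same two-variable comparison is repeated in the `App::delete` hunk and would be easier to keep consistent as one shared helper that takes the hostname string. With uniqueness no longer scoped to the project, the find-then-create sequence can let two concurrent requests both pass unless the `domains` collection carries a unique index on `domain`, which is not shown here. Both route bodies start and end outside their hunks.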
@@ -177,6 +177,7 @@ class Exception extends \Exception
 /** Domain */
 public const DOMAIN_NOT_FOUND = 'domain_not_found';
 public const DOMAIN_ALREADY_EXISTS = 'domain_already_exists';
+ public const DOMAIN_FORBIDDEN = 'domain_forbidden';
 public const DOMAIN_VERIFICATION_FAILED = 'domain_verification_failed';
 protected $type = '';
From 0d12b13241607d4aaf477170db3334bd87e34dff Mon Sep 17 00:00:00 2001
From: Christy Jacob
Date: Sun, 14 May 2023 01:48:51 +0530
Subject: [PATCH 2/3] feat: update error message
---
 app/config/errors.php | 2 +-
 app/workers/deletes.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/app/config/errors.php b/app/config/errors.php
index e33a95156d..2b21ff48e2 100644
--- a/app/config/errors.php
+++ b/app/config/errors.php
@@ -546,7 +546,7 @@ return [
 ],
 Exception::DOMAIN_FORBIDDEN => [
 'name' => Exception::DOMAIN_FORBIDDEN,
- 'description' => 'The requested domain is not available for the current project.',
+ 'description' => 'The requested domain cannot be used as a custom domain.',
 'code' => 403,
 ],
 Exception::VARIABLE_NOT_FOUND => [
diff --git a/app/workers/deletes.php b/app/workers/deletes.php
index b76d7b8849..458b341a45 100644
--- a/app/workers/deletes.php
+++ b/app/workers/deletes.php
@@ -683,7 +683,7 @@ class DeletesV1 extends Worker
 $consoleDB = $this->getConsoleDB();
 // If domain has certificate generated
- if (isset($document['$id'])) {
+ if (isset($document['certificateId'])) {
 $domainUsingCertificate = $consoleDB->findOne('domains', [
 Query::equal('certificateId', [$document['certificateId']])
 ]);
From 83697784d7dc58c1fad743b106aa2687947a224f Mon Sep 17 00:00:00 2001
From: Christy Jacob
Date: Sun, 14 May 2023 01:49:39 +0530
Subject: [PATCH 3/3] feat: update console
---
 app/console | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/console b/app/console
index 0ab65e17c3..834d0cadff 160000
--- a/app/console
+++ b/app/console
@@ -1 +1 @@
-Subproject commit 0ab65e17c38889061d1e5d1de8fd9b4513cac13b
+Subproject commit 834d0cadffcf92b2d47e2afe6f58b31f62a91eed