diff options
Diffstat (limited to 'api4/context.go')
-rw-r--r-- | api4/context.go | 20 |
1 files changed, 7 insertions, 13 deletions
diff --git a/api4/context.go b/api4/context.go index e95e29991..3ea67b30c 100644 --- a/api4/context.go +++ b/api4/context.go @@ -113,7 +113,7 @@ func (h handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { if h.requireSession && !h.trustRequester { if r.Header.Get(model.HEADER_REQUESTED_WITH) != model.HEADER_REQUESTED_WITH_XML { - c.Err = model.NewLocAppError("ServeHTTP", "api.context.session_expired.app_error", nil, "token="+token+" Appears to be a CSRF attempt") + c.Err = model.NewAppError("ServeHTTP", "api.context.session_expired.app_error", nil, "token="+token+" Appears to be a CSRF attempt", http.StatusUnauthorized) token = "" } } @@ -144,12 +144,10 @@ func (h handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { l4g.Error(utils.T("api.context.invalid_session.error"), err.Error()) c.RemoveSessionCookie(w, r) if h.requireSession { - c.Err = model.NewLocAppError("ServeHTTP", "api.context.session_expired.app_error", nil, "token="+token) - c.Err.StatusCode = http.StatusUnauthorized + c.Err = model.NewAppError("ServeHTTP", "api.context.session_expired.app_error", nil, "token="+token, http.StatusUnauthorized) } } else if !session.IsOAuth && isTokenFromQueryString { - c.Err = model.NewLocAppError("ServeHTTP", "api.context.token_provided.app_error", nil, "token="+token) - c.Err.StatusCode = http.StatusUnauthorized + c.Err = model.NewAppError("ServeHTTP", "api.context.token_provided.app_error", nil, "token="+token, http.StatusUnauthorized) } else { c.Session = *session } @@ -262,8 +260,7 @@ func (c *Context) MfaRequired() { } if user, err := app.GetUser(c.Session.UserId); err != nil { - c.Err = model.NewLocAppError("", "api.context.session_expired.app_error", nil, "MfaRequired") - c.Err.StatusCode = http.StatusUnauthorized + c.Err = model.NewAppError("", "api.context.session_expired.app_error", nil, "MfaRequired", http.StatusUnauthorized) return } else { // Only required for email and ldap accounts @@ -306,19 +303,16 @@ func (c *Context) SetInvalidUrlParam(parameter string) { } func NewInvalidParamError(parameter string) *model.AppError { - err := model.NewLocAppError("Context", "api.context.invalid_body_param.app_error", map[string]interface{}{"Name": parameter}, "") - err.StatusCode = http.StatusBadRequest + err := model.NewAppError("Context", "api.context.invalid_body_param.app_error", map[string]interface{}{"Name": parameter}, "", http.StatusBadRequest) return err } func NewInvalidUrlParamError(parameter string) *model.AppError { - err := model.NewLocAppError("Context", "api.context.invalid_url_param.app_error", map[string]interface{}{"Name": parameter}, "") - err.StatusCode = http.StatusBadRequest + err := model.NewAppError("Context", "api.context.invalid_url_param.app_error", map[string]interface{}{"Name": parameter}, "", http.StatusBadRequest) return err } func (c *Context) SetPermissionError(permission *model.Permission) { - c.Err = model.NewLocAppError("Permissions", "api.context.permissions.app_error", nil, "userId="+c.Session.UserId+", "+"permission="+permission.Id) - c.Err.StatusCode = http.StatusForbidden + c.Err = model.NewAppError("Permissions", "api.context.permissions.app_error", nil, "userId="+c.Session.UserId+", "+"permission="+permission.Id, http.StatusForbidden) } func (c *Context) SetSiteURLHeader(url string) { |