import/export: Make sure Express sees async errors

Express v4.x does not check to see if a Promise returned from a
middleware function will be rejected, so explicitly pass the Promise
rejection reason to `next()`.

We can revert this change after we upgrade to Express v5.0.

See https://expressjs.com/en/guide/error-handling.html for details.
pull/4779/head
Richard Hansen 2021-02-07 19:56:07 -05:00 committed by John McLear
parent f59e0993a6
commit 48205c1ddb
1 changed files with 49 additions and 45 deletions

View File

@ -21,7 +21,8 @@ const limiter = rateLimit(settings.importExportRateLimiting);
exports.expressCreateServer = (hookName, args, cb) => { exports.expressCreateServer = (hookName, args, cb) => {
// handle export requests // handle export requests
args.app.use('/p/:pad/:rev?/export/:type', limiter); args.app.use('/p/:pad/:rev?/export/:type', limiter);
args.app.get('/p/:pad/:rev?/export/:type', async (req, res, next) => { args.app.get('/p/:pad/:rev?/export/:type', (req, res, next) => {
(async () => {
const types = ['pdf', 'doc', 'txt', 'html', 'odt', 'etherpad']; const types = ['pdf', 'doc', 'txt', 'html', 'odt', 'etherpad'];
// send a 404 if we don't support this filetype // send a 404 if we don't support this filetype
if (types.indexOf(req.params.type) === -1) { if (types.indexOf(req.params.type) === -1) {
@ -61,11 +62,13 @@ exports.expressCreateServer = (hookName, args, cb) => {
console.log(`Exporting pad "${req.params.pad}" in ${req.params.type} format`); console.log(`Exporting pad "${req.params.pad}" in ${req.params.type} format`);
exportHandler.doExport(req, res, padId, readOnlyId, req.params.type); exportHandler.doExport(req, res, padId, readOnlyId, req.params.type);
} }
})().catch((err) => next(err || new Error(err)));
}); });
// handle import requests // handle import requests
args.app.use('/p/:pad/import', limiter); args.app.use('/p/:pad/import', limiter);
args.app.post('/p/:pad/import', async (req, res, next) => { args.app.post('/p/:pad/import', (req, res, next) => {
(async () => {
const {session: {user} = {}} = req; const {session: {user} = {}} = req;
const {accessStatus} = await securityManager.checkAccess( const {accessStatus} = await securityManager.checkAccess(
req.params.pad, req.cookies.sessionID, req.cookies.token, user); req.params.pad, req.cookies.sessionID, req.cookies.token, user);
@ -73,6 +76,7 @@ exports.expressCreateServer = (hookName, args, cb) => {
return res.status(403).send('Forbidden'); return res.status(403).send('Forbidden');
} }
await importHandler.doImport(req, res, req.params.pad); await importHandler.doImport(req, res, req.params.pad);
})().catch((err) => next(err || new Error(err)));
}); });
return cb(); return cb();