npm - @epztickets/common - Versions diffs - 1.48.0 → 1.48.1 - Mend

@epztickets/common 1.48.0 → 1.48.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/build/errors/forbidden-error.d.ts +9 -0
package/build/errors/forbidden-error.js +37 -0
package/build/index.d.ts +1 -0
package/build/index.js +1 -0
package/build/middlewares/require-admin.js +4 -2
package/build/middlewares/require-owner.js +14 -2
package/package.json +1 -1

package/build/errors/forbidden-error.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import { CustomError } from "./custom-error";
+export declare class ForbiddenError extends CustomError {
+    message: string;
+    statusCode: number;
+    constructor(message?: string);
+    serializeErrors(): {
+        message: string;
+    }[];
+}

package/build/errors/forbidden-error.js ADDED Viewed

@@ -0,0 +1,37 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ForbiddenError = void 0;
+const custom_error_1 = require("./custom-error");
+// 403 — the request is authenticated but the caller is not allowed to
+// perform this action. Use this (not NotAuthorizedError) for role-based
+// gates (requireOwner, requireAdmin) and per-resource ownership checks
+// (e.g. "this room belongs to a different user").
+//
+// Why a separate error class from NotAuthorizedError (401):
+//
+// 401 means "we couldn't identify you" — your JWT is missing, expired, or
+// malformed. The reasonable client response is to drop the session and ask
+// the user to sign in again, which is what the frontend's axios
+// interceptor does.
+//
+// 403 means "we know who you are but this isn't yours / your role can't
+// do this". Forcing a re-signin would be hostile (the user's session is
+// fine) and pointless (signing in again won't grant the missing role).
+// The client should surface a normal error message instead and leave the
+// session intact.
+//
+// HTTP RFC 9110 §15.5.4 ("the request was valid, but the server is
+// refusing action; re-authenticating will make no difference") matches
+// our intent here.
+class ForbiddenError extends custom_error_1.CustomError {
+    constructor(message = "Forbidden") {
+        super(message);
+        this.message = message;
+        this.statusCode = 403;
+        Object.setPrototypeOf(this, ForbiddenError.prototype);
+    }
+    serializeErrors() {
+        return [{ message: this.message }];
+    }
+}
+exports.ForbiddenError = ForbiddenError;

package/build/index.d.ts CHANGED Viewed

@@ -2,6 +2,7 @@ export * from "./errors/bad-request-error";
 export * from "./errors/custom-error";
 export * from "./errors/database-connection-error";
 export * from "./errors/not-authorized-error";
+export * from "./errors/forbidden-error";
 export * from "./errors/not-found-error";
 export * from "./errors/request-validation-error";
 export * from "./middlewares/current-user";

package/build/index.js CHANGED Viewed

@@ -19,6 +19,7 @@ __exportStar(require("./errors/bad-request-error"), exports);
 __exportStar(require("./errors/custom-error"), exports);
 __exportStar(require("./errors/database-connection-error"), exports);
 __exportStar(require("./errors/not-authorized-error"), exports);
+__exportStar(require("./errors/forbidden-error"), exports);
 __exportStar(require("./errors/not-found-error"), exports);
 __exportStar(require("./errors/request-validation-error"), exports);
 // middlewares

package/build/middlewares/require-admin.js CHANGED Viewed

@@ -1,11 +1,13 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.requireAdmin = void 0;
-const not_authorized_error_1 = require("../errors/not-authorized-error");
+const forbidden_error_1 = require("../errors/forbidden-error");
+// Role gate: caller must be an admin. See require-owner.ts for the
+// rationale on ForbiddenError (403) vs NotAuthorizedError (401).
 const requireAdmin = (req, res, next) => {
     var _a;
     if (((_a = req.currentUser) === null || _a === void 0 ? void 0 : _a.role) !== "admin") {
-        throw new not_authorized_error_1.NotAuthorizedError();
+        throw new forbidden_error_1.ForbiddenError("Admin access required");
     }
     next();
 };

package/build/middlewares/require-owner.js CHANGED Viewed

@@ -1,11 +1,23 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.requireOwner = void 0;
-const not_authorized_error_1 = require("../errors/not-authorized-error");
+const forbidden_error_1 = require("../errors/forbidden-error");
+// Role gate: caller must be an owner or admin.
+//
+// Throws ForbiddenError (403) — NOT NotAuthorizedError (401) — when the
+// user is signed in but doesn't hold the required role. The distinction
+// matters end-to-end: the frontend axios interceptor force-signs-out on
+// 401 (assuming the JWT is bad), but on 403 it lets the caller render
+// a "you don't have access" message without destroying the session.
+//
+// If req.currentUser is missing entirely (no JWT, expired JWT, etc.),
+// that's an authentication failure and should be caught upstream by
+// requireAuth, which still throws NotAuthorizedError (401). This
+// middleware assumes currentUser is populated.
 const requireOwner = (req, res, next) => {
     var _a, _b;
     if (((_a = req.currentUser) === null || _a === void 0 ? void 0 : _a.role) !== "owner" && ((_b = req.currentUser) === null || _b === void 0 ? void 0 : _b.role) !== "admin") {
-        throw new not_authorized_error_1.NotAuthorizedError();
+        throw new forbidden_error_1.ForbiddenError("Owner access required");
     }
     next();
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@epztickets/common",
-  "version": "1.48.0",
+  "version": "1.48.1",
   "main": "./build/index.js",
   "types": "./build/index.d.ts",
   "files": [