iobroker.rest-api 0.4.0 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/README.md +10 -1
  2. package/io-package.json +37 -37
  3. package/lib/api/controllers/common.js +30 -11
  4. package/lib/api/controllers/enum.js +11 -11
  5. package/lib/api/controllers/history.js +17 -16
  6. package/lib/api/controllers/object.js +55 -53
  7. package/lib/api/controllers/sendTo.js +120 -0
  8. package/lib/api/controllers/state.js +170 -138
  9. package/lib/api/swagger/swagger.yaml +96 -24
  10. package/lib/rest-api.js +15 -10
  11. package/main.js +1 -1
  12. package/package.json +13 -13
package/README.md CHANGED
@@ -24,6 +24,7 @@ Some request examples:
24
24
  - `http://ipaddress:8093/v1/state/system.adapter.rest-api.0.memHeapTotal` - read state as JSON
25
25
  - `http://ipaddress:8093/v1/state/system.adapter.rest-api.0.memHeapTotal/plain` - read state as string (only value)
26
26
  - `http://ipaddress:8093/v1/state/system.adapter.rest-api.0.memHeapTotal?value=5` - write state with GET (only for back compatibility with simple-api)
27
+ - `http://ipaddress:8093/v1/sendto/javascript.0?message=toScript&data={"message":"MESSAGE","data":"FROM REST-API"}` - send message to javascript.0 in script `scriptName`
27
28
 
28
29
  ## Subscribe on state or object changes
29
30
  Your application could get notifications by every change of the state or object.
@@ -126,7 +127,6 @@ You cannot send POST request to commands via GUI.
126
127
  - `extendObject(id, obj)` - modify object by ID with JSON. (.e.g. `{"common":{"enabled": true}}`)
127
128
  - `getForeignObjects(pattern, type)` - same as getObjects
128
129
  - `getForeignStates(pattern)` - same as getStates
129
- - `delObjects(id, options)` - delete objects by pattern
130
130
 
131
131
  ### Others
132
132
  - `log(text, level[info])` - no answer - add log entry to ioBroker log
@@ -145,6 +145,15 @@ You cannot send POST request to commands via GUI.
145
145
  -->
146
146
 
147
147
  ## Changelog
148
+ ### 1.0.0 (2022-05-19)
149
+ * (bluefox) Final release
150
+
151
+ ### 0.6.0 (2022-05-18)
152
+ * (bluefox) Added sendTo path
153
+
154
+ ### 0.5.0 (2022-05-17)
155
+ * (bluefox) Some access errors were corrected
156
+
148
157
  ### 0.4.0 (2022-04-26)
149
158
  * (bluefox) Added socket commands
150
159
 
package/io-package.json CHANGED
@@ -1,8 +1,44 @@
1
1
  {
2
2
  "common": {
3
3
  "name": "rest-api",
4
- "version": "0.4.0",
4
+ "version": "1.0.0",
5
5
  "news": {
6
+ "1.0.0": {
7
+ "en": "Final release",
8
+ "de": "Endgültige Veröffentlichung",
9
+ "ru": "Окончательный релиз",
10
+ "pt": "Último lançamento",
11
+ "nl": "Laatste versie",
12
+ "fr": "Version finale",
13
+ "it": "Rilascio finale",
14
+ "es": "Lanzamiento final",
15
+ "pl": "Ostateczne wydanie",
16
+ "zh-cn": "最终版本"
17
+ },
18
+ "0.6.0": {
19
+ "en": "Added sendTo path",
20
+ "de": "sendTo-Pfad hinzugefügt",
21
+ "ru": "Добавлен путь отправки",
22
+ "pt": "Adicionado caminho sendTo",
23
+ "nl": "SendTo-pad toegevoegd",
24
+ "fr": "Ajout du chemin sendTo",
25
+ "it": "Aggiunto il percorso sendTo",
26
+ "es": "Ruta de envío agregada",
27
+ "pl": "Dodano ścieżkę sendTo",
28
+ "zh-cn": "添加了 sendTo 路径"
29
+ },
30
+ "0.5.0": {
31
+ "en": "Some access errors were corrected",
32
+ "de": "Einige Zugriffsfehler wurden behoben",
33
+ "ru": "Исправлены некоторые ошибки доступа",
34
+ "pt": "Alguns erros de acesso foram corrigidos",
35
+ "nl": "Sommige toegangsfouten zijn gecorrigeerd",
36
+ "fr": "Certaines erreurs d'accès ont été corrigées",
37
+ "it": "Alcuni errori di accesso sono stati corretti",
38
+ "es": "Se corrigieron algunos errores de acceso",
39
+ "pl": "Poprawiono niektóre błędy dostępu",
40
+ "zh-cn": "一些访问错误已得到纠正"
41
+ },
6
42
  "0.4.0": {
7
43
  "en": "Added socket commands",
8
44
  "de": "Socket-Befehle hinzugefügt",
@@ -50,42 +86,6 @@
50
86
  "es": "Suscripción corregida",
51
87
  "pl": "Poprawiona subskrypcja",
52
88
  "zh-cn": "更正订阅"
53
- },
54
- "0.3.3": {
55
- "en": "Corrected subscription",
56
- "de": "Abonnement korrigiert",
57
- "ru": "Исправлена подписка",
58
- "pt": "Assinatura corrigida",
59
- "nl": "Gecorrigeerd abonnement",
60
- "fr": "Abonnement corrigé",
61
- "it": "Abbonamento corretto",
62
- "es": "Suscripción corregida",
63
- "pl": "Poprawiona subskrypcja",
64
- "zh-cn": "更正订阅"
65
- },
66
- "0.3.2": {
67
- "en": "Corrected subscription",
68
- "de": "Abonnement korrigiert",
69
- "ru": "Исправлена подписка",
70
- "pt": "Assinatura corrigida",
71
- "nl": "Gecorrigeerd abonnement",
72
- "fr": "Abonnement corrigé",
73
- "it": "Abbonamento corretto",
74
- "es": "Suscripción corregida",
75
- "pl": "Poprawiona subskrypcja",
76
- "zh-cn": "更正订阅"
77
- },
78
- "0.3.1": {
79
- "en": "First release",
80
- "de": "Erste Veröffentlichung",
81
- "ru": "Первый выпуск",
82
- "pt": "Primeiro lançamento",
83
- "nl": "Eerste uitgave",
84
- "fr": "Première sortie",
85
- "it": "Prima uscita",
86
- "es": "Primer lanzamiento",
87
- "pl": "Pierwsze wydanie",
88
- "zh-cn": "首次发布"
89
89
  }
90
90
  },
91
91
  "title": "REST API",
package/lib/api/controllers/common.js CHANGED
@@ -31,7 +31,7 @@ function findState(adapter, idOrName, user, type, callback) {
31
31
  callback = type;
32
32
  type = null;
33
33
  }
34
- adapter.findForeignObject(idOrName, type, {user: user, checked: true}, callback);
34
+ adapter.findForeignObject(idOrName, type, {user: user, checked: true, limitToOwnerRights: adapter.config.onlyAllowWhenUserIsOwner}, callback);
35
35
  }
36
36
 
37
37
  function getState(adapter, idOrName, user, type, callback) {
@@ -40,18 +40,23 @@ function getState(adapter, idOrName, user, type, callback) {
40
40
  type = null;
41
41
  }
42
42
  findState(adapter, idOrName, user, type, (err, id, originId) => {
43
- if (err) {
43
+ if (err && (!err.message || !err.message.includes('permissionError'))) {
44
44
  callback && callback(err, undefined, null, originId);
45
- } else
46
- if (id) {
47
- adapter.getForeignState(id, {user: user, limitToOwnerRights: adapter.config.onlyAllowWhenUserIsOwner}, (err, state) => {
48
- if (err || !state) {
49
- state = undefined;
50
- }
51
- callback && callback (err, state, id, originId);
52
- });
53
45
  } else {
54
- callback && callback(null, undefined, null, originId);
46
+ if (err && err.message.includes('permissionError')) {
47
+ // assume it is ID
48
+ id = idOrName;
49
+ }
50
+ if (id) {
51
+ adapter.getForeignState(id, {user: user, limitToOwnerRights: adapter.config.onlyAllowWhenUserIsOwner}, (err, state) => {
52
+ if (err || !state) {
53
+ state = undefined;
54
+ }
55
+ callback && callback (err, state, id, originId);
56
+ });
57
+ } else {
58
+ callback && callback(null, undefined, null, originId);
59
+ }
55
60
  }
56
61
  });
57
62
  }
@@ -86,9 +91,23 @@ function parseUrl(url, swagger, webExtensionPrefix) {
86
91
  return result;
87
92
  }
88
93
 
94
+ function errorResponse(req, res, error, response) {
95
+ error = error.toString();
96
+ if (error === 'Error: permissionError') {
97
+ error = 'permissionError';
98
+ }
99
+
100
+ req._adapter.log.warn(`Warning by "${req.url}": ${error}`);
101
+
102
+ res
103
+ .status(error.toString().includes('permissionError') ? 403 : 500)
104
+ .json(Object.assign(response || {}, {error: error}));
105
+ }
106
+
89
107
  module.exports = {
90
108
  checkPermissions,
91
109
  findState,
92
110
  getState,
93
111
  parseUrl,
112
+ errorResponse,
94
113
  };
package/lib/api/controllers/enum.js CHANGED
@@ -3,29 +3,30 @@ const commonLib = require('./common.js');
3
3
 
4
4
  module.exports = {
5
5
  readMainEnums: function (req, res) {
6
- commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], async err => {
7
- if (err) {
8
- res.status(403).json({error: err});
6
+ commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], async error => {
7
+ if (error) {
8
+ commonLib.errorResponse(req, res, error);
9
9
  } else {
10
10
  // check if instance is alive
11
11
  try {
12
- const enums = await req._adapter.getEnumsAsync('', {user: req._user});
12
+ const enums = await req._adapter.getEnumsAsync('', {user: req._user, limitToOwnerRights: req._adapter.config.onlyAllowWhenUserIsOwner});
13
13
  res.json(enums);
14
14
  } catch (error) {
15
- res.status(500).json({error});
15
+ req._adapter.log.warn(`Cannot read enums: ${error}`);
16
+ commonLib.errorResponse(req, res, error);
16
17
  }
17
18
  }
18
19
  });
19
20
  },
20
21
  readEnums: function (req, res) {
21
- commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], async err => {
22
- if (err) {
23
- res.status(403).json({error: err});
22
+ commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], async error => {
23
+ if (error) {
24
+ commonLib.errorResponse(req, res, error);
24
25
  } else {
25
26
  const params = commonLib.parseUrl(req.url, req.swagger, req._adapter.WEB_EXTENSION_PREFIX);
26
27
  // check if instance is alive
27
28
  try {
28
- const enums = await req._adapter.getEnumAsync(params.enumId, {user: req._user});
29
+ const enums = await req._adapter.getEnumAsync(params.enumId, {user: req._user, limitToOwnerRights: req._adapter.config.onlyAllowWhenUserIsOwner});
29
30
  if (enums && enums.result) {
30
31
  res.json(Object.keys(enums.result).filter(id => id.split('.').length > 2).map(id => ({
31
32
  _id: id,
@@ -35,9 +36,8 @@ module.exports = {
35
36
  res.json([]);
36
37
  }
37
38
  } catch (error) {
38
- res.status(500).json({error});
39
+ commonLib.errorResponse(req, res, error);
39
40
  }
40
-
41
41
  }
42
42
  });
43
43
  },
package/lib/api/controllers/history.js CHANGED
@@ -31,9 +31,9 @@ const PARAMETERS_ADD = {
31
31
 
32
32
  module.exports = {
33
33
  getHistory: function (req, res) {
34
- commonLib.checkPermissions(req._adapter, req._user, [{type: 'other', operation: 'sendto'}], async err => {
35
- if (err) {
36
- res.status(403).json({error: err});
34
+ commonLib.checkPermissions(req._adapter, req._user, [{type: 'other', operation: 'sendto'}], async error => {
35
+ if (error) {
36
+ commonLib.errorResponse(req, res, error);
37
37
  } else {
38
38
  if (req._adapter.config.dataSource) {
39
39
  // check if instance is alive
@@ -63,7 +63,7 @@ module.exports = {
63
63
 
64
64
  req._adapter.sendTo(req._adapter.config.dataSource, 'getHistory', {id: params.stateId, options}, (result, step, error) => {
65
65
  if (error) {
66
- res.status(500).json({error});
66
+ commonLib.errorResponse(req, res, error);
67
67
  return;
68
68
  }
69
69
  // req._adapter.log.debug(`[QUERY] sendTo result = ${JSON.stringify(result)}`);
@@ -79,9 +79,9 @@ module.exports = {
79
79
  });
80
80
  },
81
81
  postHistory: function (req, res) {
82
- commonLib.checkPermissions(req._adapter, req._user, req.body.options, async err => {
83
- if (err) {
84
- res.status(403).json({error: err});
82
+ commonLib.checkPermissions(req._adapter, req._user, req.body.options, async error => {
83
+ if (error) {
84
+ commonLib.errorResponse(req, res, error);
85
85
  } else {
86
86
  if (req._adapter.config.dataSource) {
87
87
  const state = await req._adapter.getForeignStateAsync(`system.adapter.${req._adapter.config.dataSource}.alive`);
@@ -114,7 +114,7 @@ module.exports = {
114
114
 
115
115
  req._adapter.sendTo(req._adapter.config.dataSource, 'getHistory', options, (result, step, error) => {
116
116
  if (error) {
117
- res.status(500).json({error});
117
+ commonLib.errorResponse(req, res, error);
118
118
  return;
119
119
  }
120
120
  // req._adapter.log.debug(`[QUERY] sendTo result = ${JSON.stringify(result)}`);
@@ -129,10 +129,11 @@ module.exports = {
129
129
  }
130
130
  });
131
131
  },
132
+
132
133
  addHistoryByGet: function (req, res) {
133
- commonLib.checkPermissions(req._adapter, req._user, [{type: 'other', operation: 'sendto'}], async err => {
134
- if (err) {
135
- res.status(403).json({error: err});
134
+ commonLib.checkPermissions(req._adapter, req._user, [{type: 'other', operation: 'sendto'}], async error => {
135
+ if (error) {
136
+ commonLib.errorResponse(req, res, error);
136
137
  } else {
137
138
  if (req._adapter.config.dataSource) {
138
139
  // check if instance is alive
@@ -167,7 +168,7 @@ module.exports = {
167
168
 
168
169
  req._adapter.sendTo(req._adapter.config.dataSource, 'storeState', {id: params.stateId, state}, (result, step, error) => {
169
170
  if (error) {
170
- res.status(500).json({error});
171
+ commonLib.errorResponse(req, res, error);
171
172
  return;
172
173
  }
173
174
  // req._adapter.log.debug(`[QUERY] sendTo result = ${JSON.stringify(result)}`);
@@ -186,9 +187,9 @@ module.exports = {
186
187
  });
187
188
  },
188
189
  addHistoryByPost: function (req, res) {
189
- commonLib.checkPermissions(req._adapter, req._user, req.body.options, async err => {
190
- if (err) {
191
- res.status(403).json({error: err});
190
+ commonLib.checkPermissions(req._adapter, req._user, req.body.options, async error => {
191
+ if (error) {
192
+ commonLib.errorResponse(req, res, error);
192
193
  } else {
193
194
  if (req._adapter.config.dataSource) {
194
195
  const state = await req._adapter.getForeignStateAsync(`system.adapter.${req._adapter.config.dataSource}.alive`);
@@ -217,7 +218,7 @@ module.exports = {
217
218
 
218
219
  req._adapter.sendTo(req._adapter.config.dataSource, 'storeState', options, (result, step, error) => {
219
220
  if (error) {
220
- res.status(500).json({error});
221
+ commonLib.errorResponse(req, res, error);
221
222
  return;
222
223
  }
223
224
  // req._adapter.log.debug(`[QUERY] sendTo result = ${JSON.stringify(result)}`);
package/lib/api/controllers/object.js CHANGED
@@ -3,14 +3,14 @@ const commonLib = require('./common.js');
3
3
 
4
4
  module.exports = {
5
5
  readObject: function (req, res) {
6
- commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], err => {
7
- if (err) {
8
- res.status(403).json({error: err});
6
+ commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], error => {
7
+ if (error) {
8
+ commonLib.errorResponse(req, res, error);
9
9
  } else {
10
10
  const params = commonLib.parseUrl(req.url, req.swagger, req._adapter.WEB_EXTENSION_PREFIX);
11
- req._adapter.getForeignObject(params.objectId, {user: req._user}, (err, obj) => {
12
- if (err) {
13
- res.status(500).json({error: err, objectId: req.query.objectId});
11
+ req._adapter.getForeignObject(params.objectId, {user: req._user, limitToOwnerRights: req._adapter.config.onlyAllowWhenUserIsOwner}, (error, obj) => {
12
+ if (error) {
13
+ commonLib.errorResponse(req, res, error, {objectId: req.query.objectId});
14
14
  } else {
15
15
  if (!obj) {
16
16
  res.status(404).json({error: 'object not found'});
@@ -24,16 +24,16 @@ module.exports = {
24
24
  },
25
25
 
26
26
  updateObject: function (req, res) {
27
- commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'write'}], async err => {
28
- if (err) {
29
- res.status(403).json({error: err});
27
+ commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'write'}], async error => {
28
+ if (error) {
29
+ commonLib.errorResponse(req, res, error);
30
30
  } else {
31
31
  const params = commonLib.parseUrl(req.url, req.swagger, req._adapter.WEB_EXTENSION_PREFIX);
32
32
  const body = req.body;
33
33
  try {
34
- const obj = await req._adapter.getForeignObjectAsync(params.objectId, {user: req._user});
34
+ const obj = await req._adapter.getForeignObjectAsync(params.objectId, {user: req._user, limitToOwnerRights: req._adapter.config.onlyAllowWhenUserIsOwner});
35
35
  if (!obj) {
36
- await req._adapter.setForeignObjectAsync(params.objectId, body, {user: req._user});
36
+ await req._adapter.setForeignObjectAsync(params.objectId, body, {user: req._user, limitToOwnerRights: req._adapter.config.onlyAllowWhenUserIsOwner});
37
37
  res.status(200).json(body);
38
38
  } else {
39
39
  // merge objects together
@@ -54,70 +54,70 @@ module.exports = {
54
54
  obj[attr] = body[attr];
55
55
  }
56
56
  });
57
- await req._adapter.setForeignObjectAsync(params.objectId, obj, {user: req._user});
57
+ await req._adapter.setForeignObjectAsync(params.objectId, obj, {user: req._user, limitToOwnerRights: req._adapter.config.onlyAllowWhenUserIsOwner});
58
58
  res.status(200).json(obj);
59
59
  }
60
60
  } catch (error) {
61
- res.status(500).json({error, objectId: params.objectId});
61
+ commonLib.errorResponse(req, res, error, {objectId: params.objectId});
62
62
  }
63
63
  }
64
64
  });
65
65
  },
66
66
 
67
67
  createObject: function (req, res) {
68
- commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'write'}], async err => {
69
- if (err) {
70
- res.status(403).json({error: err});
68
+ commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'write'}], async error => {
69
+ if (error) {
70
+ commonLib.errorResponse(req, res, error);
71
71
  } else {
72
72
  const params = commonLib.parseUrl(req.url, req.swagger, req._adapter.WEB_EXTENSION_PREFIX);
73
73
  const body = req.body;
74
74
  try {
75
- const obj = await req._adapter.getForeignObjectAsync(params.objectId, {user: req._user});
75
+ const obj = await req._adapter.getForeignObjectAsync(params.objectId, {user: req._user, limitToOwnerRights: req._adapter.config.onlyAllowWhenUserIsOwner});
76
76
  if (!obj) {
77
- await req._adapter.setForeignObjectAsync(params.objectId, body, {user: req._user});
77
+ await req._adapter.setForeignObjectAsync(params.objectId, body, {user: req._user, limitToOwnerRights: req._adapter.config.onlyAllowWhenUserIsOwner});
78
78
  res.status(200).json(body);
79
79
  } else {
80
80
  res.status(409).json({error: 'Object already exists', id: params.objectId});
81
81
  }
82
82
  } catch (error) {
83
- res.status(500).json({error, objectId: params.objectId});
83
+ commonLib.errorResponse(req, res, error, {objectId: params.objectId});
84
84
  }
85
85
  }
86
86
  });
87
87
  },
88
88
 
89
89
  deleteObject: function (req, res) {
90
- commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'write'}], async err => {
91
- if (err) {
92
- res.status(403).json({error: err});
90
+ commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'write'}], async error => {
91
+ if (error) {
92
+ commonLib.errorResponse(req, res, error);
93
93
  } else {
94
94
  const params = commonLib.parseUrl(req.url, req.swagger, req._adapter.WEB_EXTENSION_PREFIX);
95
95
  try {
96
- const obj = await req._adapter.getForeignObjectAsync(params.objectId, {user: req._user});
96
+ const obj = await req._adapter.getForeignObjectAsync(params.objectId, {user: req._user, limitToOwnerRights: req._adapter.config.onlyAllowWhenUserIsOwner});
97
97
  if (!obj) {
98
98
  res.status(404).json({objectId: params.objectId, error: 'object not found'});
99
99
  } else {
100
- await req._adapter.delForeignObjectAsync(params.objectId, {user: req._user});
100
+ await req._adapter.delForeignObjectAsync(params.objectId, {user: req._user, limitToOwnerRights: req._adapter.config.onlyAllowWhenUserIsOwner});
101
101
  res.status(200).json({});
102
102
  }
103
103
  } catch (error) {
104
- res.status(500).json({error, objectId: params.objectId});
104
+ commonLib.errorResponse(req, res, error, {objectId: params.objectId});
105
105
  }
106
106
  }
107
107
  });
108
108
  },
109
109
 
110
110
  listObjects: function (req, res) {
111
- commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], err => {
112
- if (err) {
113
- res.status(403).json({error: err});
111
+ commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], error => {
112
+ if (error) {
113
+ commonLib.errorResponse(req, res, error);
114
114
  } else {
115
115
  req._adapter.getForeignObjects(req.query.filter || '*', req.query.type || null, {
116
116
  user: req._user,
117
117
  limitToOwnerRights: req._adapter.config.onlyAllowWhenUserIsOwner
118
- }, (err, list) => {
119
- if (err) {
120
- res.status(500).json({error: err, filter: req.query.filter});
118
+ }, (error, list) => {
119
+ if (error) {
120
+ commonLib.errorResponse(req, res, error, {filter: req.query.filter});
121
121
  } else {
122
122
  res.json(list || []);
123
123
  }
@@ -127,9 +127,9 @@ module.exports = {
127
127
  },
128
128
 
129
129
  subscribeObject: function (req, res) {
130
- commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], async err => {
131
- if (err) {
132
- res.status(403).json({error: err});
130
+ commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], async error => {
131
+ if (error) {
132
+ commonLib.errorResponse(req, res, error);
133
133
  } else {
134
134
  const params = commonLib.parseUrl(req.url, req.swagger, req._adapter.WEB_EXTENSION_PREFIX);
135
135
 
@@ -144,25 +144,26 @@ module.exports = {
144
144
  }
145
145
 
146
146
  try {
147
- const obj = await req._adapter.getForeignObjectAsync(params.stateId, {user: req._user});
147
+ const obj = await req._adapter.getForeignObjectAsync(params.stateId, {user: req._user, limitToOwnerRights: req._adapter.config.onlyAllowWhenUserIsOwner});
148
148
  if (!obj) {
149
149
  res.status(404).json({error: 'object not found'});
150
150
  } else {
151
151
  await req._swaggerObject.registerSubscribe(url, params.objectId, 'object', req._user, (req.query && req.query.method) || (req.body && req.body.method));
152
- const obj = await req._adapter.getForeignStateAsync(params.objectId, {user: req._user});
152
+ const obj = await req._adapter.getForeignStateAsync(params.objectId, {user: req._user, limitToOwnerRights: req._adapter.config.onlyAllowWhenUserIsOwner});
153
153
  res.status(200).json(obj);
154
154
  }
155
155
  } catch (error) {
156
- res.status(500).json({error, objectId: params.objectId});
156
+ req._adapter.log.warn(`Cannot read ${params.objectId}: ${error}`);
157
+ commonLib.errorResponse(req, res, error, {objectId: params.objectId});
157
158
  }
158
159
  }
159
160
  });
160
161
  },
161
162
 
162
163
  unsubscribeObject: function (req, res) {
163
- commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], async err => {
164
- if (err) {
165
- res.status(403).json({error: err});
164
+ commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], async error => {
165
+ if (error) {
166
+ commonLib.errorResponse(req, res, error);
166
167
  } else {
167
168
  const params = commonLib.parseUrl(req.url, req.swagger, req._adapter.WEB_EXTENSION_PREFIX);
168
169
 
@@ -179,16 +180,16 @@ module.exports = {
179
180
  await req._swaggerObject.unregisterSubscribe(url, params.objectId, 'object', req._user, (req.query && req.query.method) || (req.body && req.body.method));
180
181
  res.status(200).json({result: 'OK'});
181
182
  } catch (error) {
182
- res.status(500).json({error, objectId: params.objectId});
183
+ commonLib.errorResponse(req, res, error, {objectId: params.objectId});
183
184
  }
184
185
  }
185
186
  });
186
187
  },
187
188
 
188
189
  subscribeObjects: function (req, res) {
189
- commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], async err => {
190
- if (err) {
191
- res.status(403).json({error: err});
190
+ commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], async error => {
191
+ if (error) {
192
+ commonLib.errorResponse(req, res, error);
192
193
  } else {
193
194
  let url = req.body.url;
194
195
  if (req.body.method === 'polling') {
@@ -209,16 +210,16 @@ module.exports = {
209
210
  try {
210
211
  await req._swaggerObject.registerSubscribe(url, req.body.pattern, 'object', req._user, req.body.method);
211
212
  } catch (error) {
212
- res.status(500).json({error, pattern: req.body.pattern, url: req.body.url});
213
+ commonLib.errorResponse(req, res, error, {pattern: req.body.pattern, url: req.body.url});
213
214
  }
214
215
  }
215
216
  });
216
217
  },
217
218
 
218
219
  unsubscribeObjects: function (req, res) {
219
- commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], async err => {
220
- if (err) {
221
- res.status(403).json({error: err});
220
+ commonLib.checkPermissions(req._adapter, req._user, [{type: 'object', operation: 'read'}], async error => {
221
+ if (error) {
222
+ commonLib.errorResponse(req, res, error);
222
223
  } else {
223
224
  let url = req.body.url;
224
225
  if (req.body.method === 'polling') {
@@ -234,15 +235,16 @@ module.exports = {
234
235
  await req._swaggerObject.unregisterSubscribe(url, req.body.pattern, 'object', req._user, req.body.method);
235
236
  res.status(200).json({result: 'OK'});
236
237
  } catch (error) {
237
- res.status(500).json({error, pattern: req.body.pattern, url: req.body.url});
238
+ commonLib.errorResponse(req, res, error, {pattern: req.body.pattern, url: req.body.url});
238
239
  }
239
240
  }
240
241
  });
241
242
  },
243
+
242
244
  getObjectsSubscribes: function (req, res) {
243
- commonLib.checkPermissions(req._adapter, req._user, [{type: 'state', operation: 'read'}], async err => {
244
- if (err) {
245
- res.status(403).json({error: err});
245
+ commonLib.checkPermissions(req._adapter, req._user, [{type: 'state', operation: 'read'}], async error => {
246
+ if (error) {
247
+ commonLib.errorResponse(req, res, error);
246
248
  } else {
247
249
  let url = req.body.url;
248
250
  if ((req.query && req.query.method === 'polling') || (req.body && req.body.method === 'polling')) {
@@ -263,7 +265,7 @@ module.exports = {
263
265
  res.json({states: result});
264
266
 
265
267
  } catch (error) {
266
- res.status(500).json({error, pattern: req.body.pattern, url: req.body.url});
268
+ commonLib.errorResponse(req, res, error, {pattern: req.body.pattern, url: req.body.url});
267
269
  }
268
270
  }
269
271
  });