add role name in error

skadefro · skadefro · commit 2c7b4f48e9bb · 2022-03-29T21:43:43.000+02:00
diff --git a/OpenFlow/src/Messages/Message.ts b/OpenFlow/src/Messages/Message.ts
@@ -3610,7 +3610,7 @@ export class Message {
             }
             const tuser = Crypt.verityToken(jwt);
             if (!tuser.HasRoleName(customer.name + " admins") && !tuser.HasRoleName("admins")) {
-                throw new Error("Access denied, adding plan (admins)");
+                throw new Error("Access denied, adding plan (not in '" + customer.name + " admins')");
             }
 
 
@@ -3736,7 +3736,7 @@ export class Message {
 
             const user = Crypt.verityToken(cli.jwt);
             if (!user.HasRoleName(customer.name + " admins") && !user.HasRoleName("admins")) {
-                throw new Error("Access denied, getting invoice (admins)");
+                throw new Error("Access denied, getting invoice (not in '" + customer.name + " admins')");
             }
 
             let subscription: stripe_subscription;
@@ -3945,7 +3945,7 @@ export class Message {
 
             const tuser = Crypt.verityToken(jwt);
             if (!tuser.HasRoleName(customer.name + " admins") && !tuser.HasRoleName("admins")) {
-                throw new Error("Access denied, adding plan (admins)");
+                throw new Error("Access denied, adding plan (not in '" + customer.name + " admins')");
             }
 
             if (NoderedUtil.IsNullEmpty(customer.vattype)) customer.vattype = "";
@@ -4328,7 +4328,7 @@ export class Message {
                     if (!NoderedUtil.IsNullEmpty(tuser.selectedcustomerid) && customer == null) customer = await Config.db.getbyid(tuser.customerid, "users", cli.jwt, true, null);
                     if (customer == null) throw new Error("Access denied, or customer not found");
                     if (!tuser.HasRoleName(customer.name + " admins") && !tuser.HasRoleName("admins")) {
-                        throw new Error("Access denied, adding plan (admins)");
+                        throw new Error("Access denied, adding plan (not in '" + customer.name + " admins')");
                     }
                 }
                 if (msg.object == "subscription_items" && msg.method != "POST") throw new Error("Access to " + msg.object + " is not allowed");

Original file line number	Diff line number	Diff line change
`@@ -3610,7 +3610,7 @@ export class Message {`
`3610`	`3610`	`}`
`3611`	`3611`	`const tuser = Crypt.verityToken(jwt);`
`3612`	`3612`	`if (!tuser.HasRoleName(customer.name + " admins") && !tuser.HasRoleName("admins")) {`
`3613`		`- throw new Error("Access denied, adding plan (admins)");`
	`3613`	`+ throw new Error("Access denied, adding plan (not in '" + customer.name + " admins')");`
`3614`	`3614`	`}`
`3615`	`3615`
`3616`	`3616`
`@@ -3736,7 +3736,7 @@ export class Message {`
`3736`	`3736`
`3737`	`3737`	`const user = Crypt.verityToken(cli.jwt);`
`3738`	`3738`	`if (!user.HasRoleName(customer.name + " admins") && !user.HasRoleName("admins")) {`
`3739`		`- throw new Error("Access denied, getting invoice (admins)");`
	`3739`	`+ throw new Error("Access denied, getting invoice (not in '" + customer.name + " admins')");`
`3740`	`3740`	`}`
`3741`	`3741`
`3742`	`3742`	`let subscription: stripe_subscription;`
`@@ -3945,7 +3945,7 @@ export class Message {`
`3945`	`3945`
`3946`	`3946`	`const tuser = Crypt.verityToken(jwt);`
`3947`	`3947`	`if (!tuser.HasRoleName(customer.name + " admins") && !tuser.HasRoleName("admins")) {`
`3948`		`- throw new Error("Access denied, adding plan (admins)");`
	`3948`	`+ throw new Error("Access denied, adding plan (not in '" + customer.name + " admins')");`
`3949`	`3949`	`}`
`3950`	`3950`
`3951`	`3951`	`if (NoderedUtil.IsNullEmpty(customer.vattype)) customer.vattype = "";`
`@@ -4328,7 +4328,7 @@ export class Message {`
`4328`	`4328`	`if (!NoderedUtil.IsNullEmpty(tuser.selectedcustomerid) && customer == null) customer = await Config.db.getbyid(tuser.customerid, "users", cli.jwt, true, null);`
`4329`	`4329`	`if (customer == null) throw new Error("Access denied, or customer not found");`
`4330`	`4330`	`if (!tuser.HasRoleName(customer.name + " admins") && !tuser.HasRoleName("admins")) {`
`4331`		`- throw new Error("Access denied, adding plan (admins)");`
	`4331`	`+ throw new Error("Access denied, adding plan (not in '" + customer.name + " admins')");`
`4332`	`4332`	`}`
`4333`	`4333`	`}`
`4334`	`4334`	`if (msg.object == "subscription_items" && msg.method != "POST") throw new Error("Access to " + msg.object + " is not allowed");`