Remove projectExists flag from higher access check

Now that find project by read and read/write token methods check whether the project exists, it is not neccessary to check whether the project exists in the higher access check. Therefore it has been removed
2026-06-01 13:21:37 +02:00 · 2018-09-24 18:31:07 +01:00
parent 99dec02266
commit d6350c963e
3 changed files with 13 additions and 19 deletions
--- a/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee
+++ b/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee
@@ -12,16 +12,11 @@ module.exports = TokenAccessController =
 		return ProjectController.loadEditor(req, res, next)

 	_tryHigherAccess: (token, userId, req, res, next) ->
-		TokenAccessHandler.findProjectWithHigherAccess token, userId, (err, project, projectExists) ->
+		TokenAccessHandler.findProjectWithHigherAccess token, userId, (err, project) ->
 			if err?
 				logger.err {err, token, userId},
 					"[TokenAccess] error finding project with higher access"
 				return next(err)
-			if !projectExists and settings.overleaf
-				logger.log {token, userId},
-					"[TokenAccess] no project found for this token"
-				# Project does not exist, but may be unimported - try it on v1
-				return res.redirect(settings.overleaf.host + req.url)
 			if !project?
 				logger.log {token, userId},
 					"[TokenAccess] no project with higher access found for this user and token"
--- a/services/web/app/coffee/Features/TokenAccess/TokenAccessHandler.coffee
+++ b/services/web/app/coffee/Features/TokenAccess/TokenAccessHandler.coffee
@@ -17,9 +17,9 @@ module.exports = TokenAccessHandler =
 			if err?
 				return callback(err)
 			if !project?
-				return callback(null, null, false)
+				return callback(null, null, false) # Project doesn't exist, so we handle differently
 			if project.publicAccesLevel != PublicAccessLevels.TOKEN_BASED
-				return callback(null, null, true)
+				return callback(null, null, true) # Project does exist, but it isn't token based
 			return callback(null, project, true)

 	findProjectWithReadAndWriteToken: (token, callback=(err, project, projectExists)->) ->
@@ -29,12 +29,12 @@ module.exports = TokenAccessHandler =
 			if err?
 				return callback(err)
 			if !project?
-				return callback(null, null, false)
+				return callback(null, null, false) # Project doesn't exist, so we handle differently
 			if project.publicAccesLevel != PublicAccessLevels.TOKEN_BASED
-				return callback(null, null, true)
+				return callback(null, null, true) # Project does exist, but it isn't token based
 			return callback(null, project, true)

-	findProjectWithHigherAccess: (token, userId, callback=(err, project, projectExists)->) ->
+	findProjectWithHigherAccess: (token, userId, callback=(err, project)->) ->
 		Project.findOne {
 			$or: [
 				{'tokens.readAndWrite': token},
@@ -44,15 +44,14 @@ module.exports = TokenAccessHandler =
 			if err?
 				return callback(err)
 			if !project?
-				return callback(null, null, false) # Project doesn't exist, so we handle differently
+				return callback(null, null)
 			projectId = project._id
 			CollaboratorsHandler.isUserInvitedMemberOfProject userId, projectId, (err, isMember) ->
 				if err?
 					return callback(err)
 				callback(
 					null,
-					if isMember == true then project else null,
-					true # Project does exist, but user doesn't have access
+					if isMember == true then project else null
 				)

 	addReadOnlyUserToProject: (userId, projectId, callback=(err)->) ->
--- a/services/web/test/unit/coffee/TokenAccess/TokenAccessControllerTests.coffee
+++ b/services/web/test/unit/coffee/TokenAccess/TokenAccessControllerTests.coffee
@@ -247,7 +247,7 @@ describe "TokenAccessController", ->
 							.callsArgWith(1, null, null, false)
 						@TokenAccessHandler.findProjectWithHigherAccess =
 							sinon.stub()
-							.callsArgWith(2, null, @project, false)
+							.callsArgWith(2, null, @project)
 						@TokenAccessController.readAndWriteToken @req, @res, @next

 					it 'should redirect to v1', (done) ->
@@ -269,7 +269,7 @@ describe "TokenAccessController", ->
 							.callsArgWith(1, null, null, true)
 						@TokenAccessHandler.findProjectWithHigherAccess =
 							sinon.stub()
-							.callsArgWith(2, null, @project, true)
+							.callsArgWith(2, null, @project)
 						@TokenAccessHandler.addReadAndWriteUserToProject = sinon.stub()
 							.callsArgWith(2, null)
 						@ProjectController.loadEditor = sinon.stub()
@@ -318,7 +318,7 @@ describe "TokenAccessController", ->
 							.callsArgWith(1, null, null, true)
 						@TokenAccessHandler.findProjectWithHigherAccess =
 							sinon.stub()
-							.callsArgWith(2, null, null, true)
+							.callsArgWith(2, null, null)
 						@TokenAccessHandler.addReadAndWriteUserToProject = sinon.stub()
 							.callsArgWith(2, null)
 						@ProjectController.loadEditor = sinon.stub()
@@ -514,7 +514,7 @@ describe "TokenAccessController", ->
 						.callsArgWith(1, null, null, true)
 					@TokenAccessHandler.findProjectWithHigherAccess =
 						sinon.stub()
-						.callsArgWith(2, null, @project, true)
+						.callsArgWith(2, null, @project)
 					@TokenAccessHandler.addReadAndWriteUserToProject = sinon.stub()
 						.callsArgWith(2, null)
 					@ProjectController.loadEditor = sinon.stub()
@@ -562,7 +562,7 @@ describe "TokenAccessController", ->
 						.callsArgWith(1, null, null, true)
 					@TokenAccessHandler.findProjectWithHigherAccess =
 						sinon.stub()
-						.callsArgWith(2, null, null, true)
+						.callsArgWith(2, null, null)
 					@TokenAccessHandler.addReadOnlyUserToProject = sinon.stub()
 						.callsArgWith(2, null)
 					@ProjectController.loadEditor = sinon.stub()