Fix error message on missing requested signature

We don't really distinguish between missing or non-authorizing signature. And that's fine. See #170
2014-03-03 18:13:06 +01:00 · 2014-03-03 18:13:06 +01:00 · 30eb939dc7
commit 30eb939dc7
parent 40a254922a
3 changed files with 4 additions and 8 deletions
--- a/NEWS.md
+++ b/NEWS.md
@ -4,7 +4,7 @@
 Enhancements:

 - Set statsd prefix for all endpoints 
- - Raise 403 forbidden on attempt to access map tiles waiving
+ - Respond with a permission denied on attempt to access map tiles waiving
   signature of someone who had not left any (#170)

 1.8.4 -- 2014-03-03
--- a/lib/cartodb/server_options.js
+++ b/lib/cartodb/server_options.js
@ -654,11 +654,7 @@ module.exports = function(){
                  }

                  // if signer name was given, return no authorization
-                  err = new Error("No authorization left by '"
-                                  + req.params.signer + "' on map '"
-                                  + req.params.token + "'");
-                  err.http_status = 403;
-                  callback(err);
+                  callback(null, false); 
                  return;
                }

--- a/test/acceptance/multilayer.js
+++ b/test/acceptance/multilayer.js
@ -138,10 +138,10 @@ suite('multilayer', function() {
              headers: {host: 'localhost' },
              encoding: 'binary'
          }, {}, function(res) {
-              assert.equal(res.statusCode, 403, res.statusCode + ':' + res.body);
+              assert.equal(res.statusCode, 401, res.statusCode + ':' + res.body);
              var parsed = JSON.parse(res.body);
              var msg = parsed.error; // TODO: should it be "errors" ?
-              assert.ok(msg.match(/no authorization left/i), msg);
+              assert.ok(msg.match(/permission denied/i), msg);
              next(err);
          });
        },