From 1854998c8090715d4099e57675bfdc26fc2d2b1c Mon Sep 17 00:00:00 2001 From: McMatts Date: Wed, 13 Mar 2019 11:42:32 +0000 Subject: [PATCH] Add diagnostic output for attachment download --- domain/attachment/endpoint.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/domain/attachment/endpoint.go b/domain/attachment/endpoint.go index 825951a4..e444dc66 100644 --- a/domain/attachment/endpoint.go +++ b/domain/attachment/endpoint.go @@ -67,7 +67,7 @@ func (h *Handler) Download(w http.ResponseWriter, r *http.Request) { // Get attachment being requested. a, err := h.Store.Attachment.GetAttachment(ctx, ctx.OrgID, request.Param(r, "attachmentID")) if err == sql.ErrNoRows { - response.WriteNotFoundError(w, method, request.Param(r, "fileID")) + response.WriteNotFoundError(w, method, request.Param(r, "attachmentID")) return } if err != nil { @@ -161,6 +161,12 @@ func (h *Handler) Download(w http.ResponseWriter, r *http.Request) { canDownload = true } + if len(secureToken) == 0 && len(authToken) == 0 { + h.Runtime.Log.Error("get attachment received no access token", err) + response.WriteForbiddenError(w) + return + } + // Send back error if caller unable view attachment if !canDownload { h.Runtime.Log.Error("get attachment refused", err)