diff --git a/lib/Vroom/I18N/en.pm b/lib/Vroom/I18N/en.pm index 3cb078f..0572d53 100644 --- a/lib/Vroom/I18N/en.pm +++ b/lib/Vroom/I18N/en.pm @@ -8,6 +8,7 @@ our %Lexicon = ( "VROOM_IS_FREE_SOFTWARE" => "VROOM is a free software", "POWERED_BY" => "Proudly powered by", "ERROR_NAME_INVALID" => "This name is not valid", + "ERROR_ROOM_NAME_MISSING" => "Vous devez fournir un nom de salon", "ERROR_NAME_RESERVED" => "This name is reserved and cannot be used", "ERROR_NAME_CONFLICT" => "A room with this name already exists, please choose another one", "ERROR_ROOM_s_DOESNT_EXIST" => "The room %s doesn't exist", diff --git a/lib/Vroom/I18N/fr.pm b/lib/Vroom/I18N/fr.pm index b2857b8..151c2b3 100644 --- a/lib/Vroom/I18N/fr.pm +++ b/lib/Vroom/I18N/fr.pm @@ -10,6 +10,7 @@ our %Lexicon = ( "VROOM_IS_FREE_SOFTWARE" => "VROOM est un logiciel libre", "POWERED_BY" => "Fièrement propulsé par", "ERROR_NAME_INVALID" => "Ce nom n'est pas valide", + "ERROR_ROOM_NAME_MISSING" => "Vous devez fournir un nom de salon", "ERROR_NAME_RESERVED" => "Ce nom est réservé et ne peut être utilisé", "ERROR_NAME_CONFLICT" => "Ce nom est déjà pris, choisissez en un autre", "ERROR_ROOM_s_DOESNT_EXIST" => "Le salon %s n'existe pas", diff --git a/vroom.pl b/vroom.pl index 31b49fa..a9f75aa 100755 --- a/vroom.pl +++ b/vroom.pl @@ -1272,8 +1272,20 @@ any '/api' => sub { param => $req->{param} ); + # This action isn't possible with the privs associated to the API Key + if (!$res){ + return $self->render( + json => { + status => 'error', + msg => $self->l('NOT_ALLOWED'), + err => 'NOT_ALLOWED' + }, + status => '401' + ); + } + # Here are method not tied to a room - if ($res && $req->{action} eq 'get_room_list'){ + if ($req->{action} eq 'get_room_list'){ my $rooms = $self->get_room_list; # Blank out a few param we don't need foreach my $r (keys %{$rooms}){ @@ -1289,17 +1301,29 @@ any '/api' => sub { ); } + if (!$req->{param}->{room}){ + return $self->render( + json => { + status => 'error', + msg => $self->l('ERROR_ROOM_NAME_MISSING'), + err => 'ERROR_ROOM_NAME_MISSING' + }, + status => '400' + ); + } + $room = $self->get_room_by_name($req->{param}->{room}); - if (!$res || (!$room && $req->{param}->{room})){ + if (!$room){ return $self->render( json => { status => 'error', - msg => $self->l('NOT_ALLOWED'), - err => 'NOT_ALLOWED' + msg => sprintf($self->l('ERROR_ROOM_s_DOESNT_EXIST'), $req->{param}->{room}), + err => 'ERROR_ROOM_DOESNT_EXIST' }, - status => '401' + status => '400' ); } + # Ok, now, we don't have to bother with authorization anymore if ($req->{action} eq 'invite_email'){ my $rcpts = $req->{param}->{rcpts};