fix(core): should block POST of non-standard social connectors with conflicting target (#2737)

2025-03-17 22:31:28 -05:00 · 2022-12-27 16:23:54 +08:00 · 2022-12-27 16:23:54 +08:00 · 45800d1cfe
commit 45800d1cfe
parent ae7a89f0ce
2 changed files with 24 additions and 6 deletions
--- a/packages/core/src/routes/connector.test.ts
+++ b/packages/core/src/routes/connector.test.ts
@ -193,7 +193,7 @@ describe('connector route', () => {
      expect(response).toHaveProperty('statusCode', 422);
    });

-    it('should post a new record when add more than 1 instance with connector factory', async () => {
+    it('should post a new record when add more than 1 instance with standard connector factory', async () => {
      loadConnectorFactories.mockResolvedValueOnce([
        {
          ...mockConnectorFactory,
@ -231,7 +231,26 @@ describe('connector route', () => {
      );
    });

-    it('throws when add more than 1 instance with non-connector factory', async () => {
+    it('throws when add more than 1 instance with target is an empty string with standard connector factory', async () => {
+      loadConnectorFactories.mockResolvedValueOnce([
+        {
+          ...mockConnectorFactory,
+          metadata: {
+            ...mockMetadata,
+            id: 'id0',
+            isStandard: true,
+            platform: ConnectorPlatform.Universal,
+          },
+        },
+      ]);
+      const response = await connectorRequest.post('/connectors').send({
+        connectorId: 'id0',
+        metadata: { target: '' },
+      });
+      expect(response).toHaveProperty('statusCode', 400);
+    });
+
+    it('throws when add more than 1 instance with non-standard connector factory', async () => {
      loadConnectorFactories.mockResolvedValueOnce([
        {
          ...mockConnectorFactory,
@ -321,7 +340,6 @@ describe('connector route', () => {
            id: 'id0',
            platform: ConnectorPlatform.Universal,
            target: 'target',
-            isStandard: true,
          },
        },
      ]);
@ -341,7 +359,6 @@ describe('connector route', () => {
      ]);
      const response = await connectorRequest.post('/connectors').send({
        connectorId: 'id0',
-        metadata: { target: 'target' },
      });
      expect(response).toHaveProperty('statusCode', 422);
    });
--- a/packages/core/src/routes/connector.ts
+++ b/packages/core/src/routes/connector.ts
@ -127,7 +127,7 @@ export default function connectorRoutes<T extends AuthedRouter>(router: T) {
      }

      assertThat(
-        connectorFactory.metadata.isStandard !== true || metadata?.target,
+        connectorFactory.metadata.isStandard !== true || Boolean(metadata?.target),
        'connector.should_specify_target'
      );
      assertThat(
@ -151,7 +151,8 @@ export default function connectorRoutes<T extends AuthedRouter>(router: T) {
            .filter(({ type }) => type === ConnectorType.Social)
            .some(
              ({ metadata: { target, platform } }) =>
-                target === cleanDeep(metadata)?.target &&
+                target ===
+                  (metadata ? cleanDeep(metadata).target : connectorFactory.metadata.target) &&
                platform === connectorFactory.metadata.platform
            ),
          new RequestError({ code: 'connector.multiple_target_with_same_platform', status: 422 })