
No access denied error and also missing other errors #315

Open PolGuixe opened 7 years ago

PolGuixe commented 7 years ago

I have been testing Knox for errors such as:

But it never returns an error.

This is how it is implemented:

import {FilesCollection} from 'meteor/ostrio:files';
import {Meteor} from 'meteor/meteor';
import {Random} from 'meteor/random';
import _ from 'lodash';
import knox from 'knox';
import Request from 'request';

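// Upload size limit (2 MB) expressed in MB, KB and bytes; onBeforeUpload
// compares file.size against the byte value.
export const MAX_ALLOWED_SIZE_MB = 2;
export const MAX_ALLOWED_SIZE_KB = MAX_ALLOWED_SIZE_MB * 1024;
export const MAX_ALLOWED_SIZE_B = MAX_ALLOWED_SIZE_KB * 1024;
// File extensions (without the leading dot) that uploads may have.
export const ALLOWED_FILE_TYPES = ['png', 'jpg', 'jpeg'];
// Anchored so the whole extension must equal one of the allowed values. The
// unanchored form (`png|jpg|jpeg`) also matched any extension that merely
// contained one of them (e.g. "jpgx"), so disallowed types could pass the
// check in onBeforeUpload. Case-insensitive, so "PNG" is still accepted.
export const ALLOWED_FILE_TYPES_REGEXP = new RegExp('^(?:' + ALLOWED_FILE_TYPES.join('|') + ')$', 'i');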

// Server-side state shared with the FilesCollection callbacks below. The
// bindings are declared at module scope (outside the isServer guard) so the
// callbacks can reference them wherever this module is loaded.
let bound;
let client;
let cfdomain;

if (Meteor.isServer) {
  // Fix CloudFront certificate issue Read:
  // https://github.com/chilts/awssum/issues/164
  // NOTE(review): NODE_TLS_REJECT_UNAUTHORIZED=0 turns off TLS certificate
  // validation for the entire Node process, not only for CloudFront, so every
  // outbound HTTPS connection (the S3 client included) will accept any
  // certificate. Fixing the CA/hostname setup is the safer route; if this must
  // stay, it should at least be limited to development.
  process.env.NODE_TLS_REJECT_UNAUTHORIZED = 0;

  // Wrapper used to run the knox completion callback through
  // Meteor.bindEnvironment; it simply invokes the callback it is given.
  bound = Meteor.bindEnvironment((callback) => callback());

  // Setup CloudFront domain and S3 client config
  const {cfdomain: domain, client: credentials} = Meteor.settings.amazonAWSS3.productImages;
  cfdomain = domain;
  const {key, secret, bucket, region} = credentials;
  client = knox.createClient({key, secret, bucket, region});
}

const ProductImages = new FilesCollection({
  debug: false,
  throttle: false,
  storagePath: 'assets/app/uploads/productImages',
  collectionName: 'productImages',
  allowClientCode: false, // Disallow remove files from Client
  // Gatekeeper run before a file is accepted. Returns true to allow the
  // upload, or an error code string ('exceed-max-allowed-size' /
  // 'invalid-file-type') to reject it; size is checked first, then extension.
  onBeforeUpload(file) {
    const tooLarge = file.size > MAX_ALLOWED_SIZE_B;
    if (tooLarge) {
      return 'exceed-max-allowed-size';
    }

    const typeAllowed = ALLOWED_FILE_TYPES_REGEXP.test(file.extension);
    return typeAllowed ? true : 'invalid-file-type';
  },
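  onAfterUpload: function (fileRef) {
    // In onAfterUpload callback we move every stored version of the file to
    // AWS:S3, record the CloudFront URL and S3 key in that version's meta, and
    // then unlink the local copy. `this` is the FilesCollection instance.
    const self = this;
    _.each(fileRef.versions, function (vRef, version) {
      // We use Random.id() instead of real file's _id to secure files from reverse
      // engineering as after viewing this code it will be easy to get access to
      // unlisted and protected files
      const filePath = "product_images/originals/" + (Random.id()) + "-" + version + "." + fileRef.extension;
      client.putFile(vRef.path, filePath, function (error, res) {
        bound(function () {
          if (error) {
            console.error(error);
            return;
          }
          // S3 reports authorization and bucket problems (e.g. AccessDenied)
          // as a non-2xx HTTP response with `error` still null; `error` is
          // typically only set for transport-level failures. Drain the
          // response in every case so the socket is released (as the Knox
          // docs recommend), and treat anything outside 2xx as a failed
          // upload: keep the local file and do not record the S3 path.
          res.resume();
          const status = res.statusCode;
          if (status < 200 || status >= 300) {
            console.error('S3 upload of ' + filePath + ' failed with HTTP status ' + status);
            return;
          }

          const upd = {
            $set: {}
          };
          upd['$set']["versions." + version + ".meta.pipeFrom"] = cfdomain + '/' + filePath;
          upd['$set']["versions." + version + ".meta.pipePath"] = filePath;
          self.collection.update({
            _id: fileRef._id
          }, upd, function (updateError) {
            if (updateError) {
              console.error(updateError);
            } else {
              // Unlink original files from FS after successful upload to AWS:S3
              self.unlink(self.collection.findOne(fileRef._id), version);
            }
          });
        });
      });
    });
  },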
}