[feature] More consistent API error handling (#637)

* update templates * start reworking api error handling * update template * return AP status at web endpoint if negotiated * start making api error handling much more consistent * update account endpoints to new error handling * use new api error handling in admin endpoints * go fmt ./... * use api error logic in app * use generic error handling in auth * don't export generic error handler * don't defer clearing session * user nicer error handling on oidc callback handler * tidy up the sign in handler * tidy up the token handler * use nicer error handling in blocksget * auth emojis endpoint * fix up remaining api endpoints * fix whoopsie during login flow * regenerate swagger docs * change http error logging to debug
author: tobi <31960611+tsmethurst@users.noreply.github.com> 2022-06-08 20:38:03 +0200
committer: GitHub <noreply@github.com> 2022-06-08 20:38:03 +0200
commit: 1ede54ddf6dfd2d4ba039eb7e23b74bcac65b643 (patch)
tree: 727436fb9bf9da25e30c5ded65c5b5ccaffe0cf0 /internal/api/client/followrequest
parent: [bugfix] #621: add weak type handing to mapstructure decode (#625) (diff)
download: gotosocial-1ede54ddf6dfd2d4ba039eb7e23b74bcac65b643.tar.xz
4 files changed, 54 insertions, 51 deletions
diff --git a/internal/api/client/followrequest/authorize.go b/internal/api/client/followrequest/authorize.go
index 42448846d..528c39f2b 100644
--- a/internal/api/client/followrequest/authorize.go
+++ b/internal/api/client/followrequest/authorize.go
@@ -19,12 +19,12 @@
 package followrequest
 
 import (
+	"errors"
 	"net/http"
 
-	"github.com/sirupsen/logrus"
-
 	"github.com/gin-gonic/gin"
 	"github.com/superseriousbusiness/gotosocial/internal/api"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
 	"github.com/superseriousbusiness/gotosocial/internal/oauth"
 )
 
@@ -62,43 +62,34 @@ import (
 //      description: bad request
 //   '401':
 //      description: unauthorized
-//   '403':
-//      description: forbidden
 //   '404':
 //      description: not found
+//   '406':
+//      description: not acceptable
 //   '500':
 //      description: internal server error
 func (m *Module) FollowRequestAuthorizePOSTHandler(c *gin.Context) {
-	l := logrus.WithField("func", "FollowRequestAuthorizePOSTHandler")
-
 	authed, err := oauth.Authed(c, true, true, true, true)
 	if err != nil {
-		l.Debugf("couldn't auth: %s", err)
-		c.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()})
+		api.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGet)
 		return
 	}
 
 	if _, err := api.NegotiateAccept(c, api.JSONAcceptHeaders...); err != nil {
-		c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()})
-		return
-	}
-
-	if authed.User.Disabled || !authed.User.Approved || !authed.Account.SuspendedAt.IsZero() {
-		l.Debugf("couldn't auth: %s", err)
-		c.JSON(http.StatusForbidden, gin.H{"error": "account is disabled, not yet approved, or suspended"})
+		api.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGet)
 		return
 	}
 
 	originAccountID := c.Param(IDKey)
 	if originAccountID == "" {
-		c.JSON(http.StatusBadRequest, gin.H{"error": "no follow request origin account id provided"})
+		err := errors.New("no account id specified")
+		api.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGet)
 		return
 	}
 
 	relationship, errWithCode := m.processor.FollowRequestAccept(c.Request.Context(), authed, originAccountID)
 	if errWithCode != nil {
-		l.Debug(errWithCode.Error())
-		c.JSON(errWithCode.Code(), gin.H{"error": errWithCode.Safe()})
+		api.ErrorHandler(c, errWithCode, m.processor.InstanceGet)
 		return
 	}
 
diff --git a/internal/api/client/followrequest/authorize_test.go b/internal/api/client/followrequest/authorize_test.go
index c5f4c94f2..693380d91 100644
--- a/internal/api/client/followrequest/authorize_test.go
+++ b/internal/api/client/followrequest/authorize_test.go
@@ -82,6 +82,34 @@ func (suite *AuthorizeTestSuite) TestAuthorize() {
 	suite.Equal(`{"id":"01FHMQX3GAABWSM0S2VZEC2SWC","following":false,"showing_reblogs":false,"notifying":false,"followed_by":true,"blocking":false,"blocked_by":false,"muting":false,"muting_notifications":false,"requested":false,"domain_blocking":false,"endorsed":false,"note":""}`, string(b))
 }
 
+func (suite *AuthorizeTestSuite) TestAuthorizeNoFR() {
+	requestingAccount := suite.testAccounts["remote_account_2"]
+
+	recorder := httptest.NewRecorder()
+	ctx := suite.newContext(recorder, http.MethodPost, []byte{}, fmt.Sprintf("/api/v1/follow_requests/%s/authorize", requestingAccount.ID), "")
+
+	ctx.Params = gin.Params{
+		gin.Param{
+			Key:   followrequest.IDKey,
+			Value: requestingAccount.ID,
+		},
+	}
+
+	// call the handler
+	suite.followRequestModule.FollowRequestAuthorizePOSTHandler(ctx)
+
+	suite.Equal(http.StatusNotFound, recorder.Code)
+
+	result := recorder.Result()
+	defer result.Body.Close()
+
+	// check the response
+	b, err := ioutil.ReadAll(result.Body)
+	assert.NoError(suite.T(), err)
+
+	suite.Equal(`{"error":"Not Found"}`, string(b))
+}
+
 func TestAuthorizeTestSuite(t *testing.T) {
 	suite.Run(t, &AuthorizeTestSuite{})
 }
diff --git a/internal/api/client/followrequest/get.go b/internal/api/client/followrequest/get.go
index a22278ae4..5dd079ddb 100644
--- a/internal/api/client/followrequest/get.go
+++ b/internal/api/client/followrequest/get.go
@@ -21,10 +21,9 @@ package followrequest
 import (
 	"net/http"
 
-	"github.com/sirupsen/logrus"
-
 	"github.com/gin-gonic/gin"
 	"github.com/superseriousbusiness/gotosocial/internal/api"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
 	"github.com/superseriousbusiness/gotosocial/internal/oauth"
 )
 
@@ -71,34 +70,27 @@ import (
 //      description: bad request
 //   '401':
 //      description: unauthorized
-//   '403':
-//      description: forbidden
 //   '404':
 //      description: not found
+//   '406':
+//      description: not acceptable
+//   '500':
+//      description: internal server error
 func (m *Module) FollowRequestGETHandler(c *gin.Context) {
-	l := logrus.WithField("func", "FollowRequestGETHandler")
-
 	authed, err := oauth.Authed(c, true, true, true, true)
 	if err != nil {
-		l.Debugf("couldn't auth: %s", err)
-		c.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()})
+		api.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGet)
 		return
 	}
 
 	if _, err := api.NegotiateAccept(c, api.JSONAcceptHeaders...); err != nil {
-		c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()})
-		return
-	}
-
-	if authed.User.Disabled || !authed.User.Approved || !authed.Account.SuspendedAt.IsZero() {
-		l.Debugf("couldn't auth: %s", err)
-		c.JSON(http.StatusForbidden, gin.H{"error": "account is disabled, not yet approved, or suspended"})
+		api.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGet)
 		return
 	}
 
 	accts, errWithCode := m.processor.FollowRequestsGet(c.Request.Context(), authed)
 	if errWithCode != nil {
-		c.JSON(errWithCode.Code(), gin.H{"error": errWithCode.Safe()})
+		api.ErrorHandler(c, errWithCode, m.processor.InstanceGet)
 		return
 	}
 
diff --git a/internal/api/client/followrequest/reject.go b/internal/api/client/followrequest/reject.go
index 8f4705d9f..c29ccbf5d 100644
--- a/internal/api/client/followrequest/reject.go
+++ b/internal/api/client/followrequest/reject.go
@@ -19,11 +19,12 @@
 package followrequest
 
 import (
+	"errors"
 	"net/http"
 
 	"github.com/gin-gonic/gin"
-	"github.com/sirupsen/logrus"
 	"github.com/superseriousbusiness/gotosocial/internal/api"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
 	"github.com/superseriousbusiness/gotosocial/internal/oauth"
 )
 
@@ -59,43 +60,34 @@ import (
 //      description: bad request
 //   '401':
 //      description: unauthorized
-//   '403':
-//      description: forbidden
 //   '404':
 //      description: not found
+//   '406':
+//      description: not acceptable
 //   '500':
 //      description: internal server error
 func (m *Module) FollowRequestRejectPOSTHandler(c *gin.Context) {
-	l := logrus.WithField("func", "FollowRequestRejectPOSTHandler")
-
 	authed, err := oauth.Authed(c, true, true, true, true)
 	if err != nil {
-		l.Debugf("couldn't auth: %s", err)
-		c.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()})
+		api.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGet)
 		return
 	}
 
 	if _, err := api.NegotiateAccept(c, api.JSONAcceptHeaders...); err != nil {
-		c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()})
-		return
-	}
-
-	if authed.User.Disabled || !authed.User.Approved || !authed.Account.SuspendedAt.IsZero() {
-		l.Debugf("couldn't auth: %s", err)
-		c.JSON(http.StatusForbidden, gin.H{"error": "account is disabled, not yet approved, or suspended"})
+		api.ErrorHandler(c, gtserror.NewErrorNotAcceptable(err, err.Error()), m.processor.InstanceGet)
 		return
 	}
 
 	originAccountID := c.Param(IDKey)
 	if originAccountID == "" {
-		c.JSON(http.StatusBadRequest, gin.H{"error": "no follow request origin account id provided"})
+		err := errors.New("no account id specified")
+		api.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGet)
 		return
 	}
 
 	relationship, errWithCode := m.processor.FollowRequestReject(c.Request.Context(), authed, originAccountID)
 	if errWithCode != nil {
-		l.Debug(errWithCode.Error())
-		c.JSON(errWithCode.Code(), gin.H{"error": errWithCode.Safe()})
+		api.ErrorHandler(c, errWithCode, m.processor.InstanceGet)
 		return
 	}
author	tobi <31960611+tsmethurst@users.noreply.github.com>	2022-06-08 20:38:03 +0200
committer	GitHub <noreply@github.com>	2022-06-08 20:38:03 +0200
commit	1ede54ddf6dfd2d4ba039eb7e23b74bcac65b643 (patch)
tree	727436fb9bf9da25e30c5ded65c5b5ccaffe0cf0 /internal/api/client/followrequest
parent	[bugfix] #621: add weak type handing to mapstructure decode (#625) (diff)
download	gotosocial-1ede54ddf6dfd2d4ba039eb7e23b74bcac65b643.tar.xz