From 8c7339caea1295e8fe0a9bd54013f1b9fb2d8f29 Mon Sep 17 00:00:00 2001
From: Rodney Osodo <28790446+rodneyosodo@users.noreply.github.com>
Date: Wed, 3 Apr 2024 11:57:31 +0300
Subject: [PATCH] enforce error wraping in users service

Signed-off-by: Rodney Osodo <28790446+rodneyosodo@users.noreply.github.com>
---
 internal/groups/service.go | 33 +++++++++++++++----------------
 pkg/errors/service/types.go | 3 +++
 users/service.go | 39 +++++++++++++------------------------
 3 files changed, 33 insertions(+), 42 deletions(-)

diff --git a/internal/groups/service.go b/internal/groups/service.go
index 507db4f0cd0..e3e3133cc4d 100644
--- a/internal/groups/service.go
+++ b/internal/groups/service.go
@@ -20,10 +20,9 @@ import (
 )
 var (
- errParentUnAuthz = errors.New("failed to authorize parent group")
- errMemberKind = errors.New("invalid member kind")
- errRetrieveGroups = errors.New("failed to retrieve groups")
- errGroupIDs = errors.New("invalid group ids")
+ errParentUnAuthz = errors.New("failed to authorize parent group")
+ errMemberKind = errors.New("invalid member kind")
+ errGroupIDs = errors.New("invalid group ids")
 )
 type service struct {
@@ -70,7 +69,7 @@ func (svc service) CreateGroup(ctx context.Context, token, kind string, g groups
 g, err = svc.groups.Save(ctx, g)
 if err != nil {
- return groups.Group{}, err
+ return groups.Group{}, errors.Wrap(svcerr.ErrCreateEntity, err)
 }
 // IMPROVEMENT NOTE: Add defer function , if return err is not nil, then delete group
@@ -104,7 +103,7 @@ func (svc service) CreateGroup(ctx context.Context, token, kind string, g groups
 })
 }
 if _, err := svc.auth.AddPolicies(ctx, &policies); err != nil {
- return g, err
+ return g, errors.Wrap(svcerr.ErrAddPolicies, err)
 }
 return g, nil
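Review bot: In the `@@ -104,7 +103,7` hunk of CreateGroup, the AddPolicies failure path still returns the saved group `g` alongside the wrapped error, and nothing visible removes the row that `svc.groups.Save` wrote in the `@@ -70,7 +69,7` hunk; the existing `IMPROVEMENT NOTE` comment describes this gap. A group that persists without its policies is an object with no authorization entries attached, so I would return the zero value, `return groups.Group{}, errors.Wrap(svcerr.ErrAddPolicies, err)`, and delete the saved group on this path. The code between the two hunks is outside the diff, so a cleanup that is not visible here may already exist.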
@@ -454,7 +453,7 @@ func (svc service) Assign(ctx context.Context, token, groupID, relation, memberK
 func (svc service) assignParentGroup(ctx context.Context, domain, parentGroupID string, groupIDs []string) (err error) {
 groupsPage, err := svc.groups.RetrieveByIDs(ctx, groups.Page{PageMeta: groups.PageMeta{Limit: 1<<63 - 1}}, groupIDs...)
 if err != nil {
- return errors.Wrap(errRetrieveGroups, err)
+ return errors.Wrap(svcerr.ErrViewEntity, err)
 }
 if len(groupsPage.Groups) == 0 {
 return errGroupIDs
@@ -484,7 +483,7 @@ func (svc service) assignParentGroup(ctx context.Context, domain, parentGroupID
 }
 if _, err := svc.auth.AddPolicies(ctx, &addPolicies); err != nil {
- return err
+ return errors.Wrap(svcerr.ErrAddPolicies, err)
 }
 defer func() {
 if err != nil {
@@ -500,7 +499,7 @@ func (svc service) assignParentGroup(ctx context.Context, domain, parentGroupID
 func (svc service) unassignParentGroup(ctx context.Context, domain, parentGroupID string, groupIDs []string) (err error) {
 groupsPage, err := svc.groups.RetrieveByIDs(ctx, groups.Page{PageMeta: groups.PageMeta{Limit: 1<<63 - 1}}, groupIDs...)
 if err != nil {
- return errors.Wrap(errRetrieveGroups, err)
+ return errors.Wrap(svcerr.ErrViewEntity, err)
 }
 if len(groupsPage.Groups) == 0 {
 return errGroupIDs
@@ -530,7 +529,7 @@ func (svc service) unassignParentGroup(ctx context.Context, domain, parentGroupI
 }
 if _, err := svc.auth.DeletePolicies(ctx, &deletePolicies); err != nil {
- return err
+ return errors.Wrap(svcerr.ErrDeletePolicies, err)
 }
 defer func() {
 if err != nil {
@@ -616,7 +615,7 @@ func (svc service) DeleteGroup(ctx context.Context, token, groupID string) error
 Subject: groupID,
 ObjectType: auth.GroupType,
 }); err != nil {
- return err
+ return errors.Wrap(svcerr.ErrDeletePolicies, err)
 }
 // Remove policy of things
@@ -625,7 +624,7 @@ func (svc service) DeleteGroup(ctx context.Context, token, groupID string) error
 Subject: groupID,
 ObjectType: auth.ThingType,
 }); err != nil {
- return err
+ return errors.Wrap(svcerr.ErrDeletePolicies, err)
 }
 // Remove policy from domain
@@ -634,12 +633,12 @@ func (svc service) DeleteGroup(ctx context.Context, token, groupID string) error
 Object: groupID,
 ObjectType: auth.GroupType,
 }); err != nil {
- return err
+ return errors.Wrap(svcerr.ErrDeletePolicies, err)
 }
 // Remove group from database
 if err := svc.groups.Delete(ctx, groupID); err != nil {
- return err
+ return errors.Wrap(svcerr.ErrRemoveEntity, err)
 }
 // Remove policy of users
@@ -648,7 +647,7 @@ func (svc service) DeleteGroup(ctx context.Context, token, groupID string) error
 Object: groupID,
 ObjectType: auth.GroupType,
 }); err != nil {
- return err
+ return errors.Wrap(svcerr.ErrDeletePolicies, err)
 }
 return nil
@@ -691,7 +690,7 @@ func (svc service) changeGroupStatus(ctx context.Context, token string, group gr
 }
 dbGroup, err := svc.groups.RetrieveByID(ctx, group.ID)
 if err != nil {
- return groups.Group{}, err
+ return groups.Group{}, errors.Wrap(svcerr.ErrViewEntity, err)
 }
 if dbGroup.Status == group.Status {
 return groups.Group{}, errors.ErrStatusAlreadyAssigned
@@ -704,7 +703,7 @@ func (svc service) changeGroupStatus(ctx context.Context, token string, group gr
 func (svc service) identify(ctx context.Context, token string) (*magistrala.IdentityRes, error) {
 res, err := svc.auth.Identify(ctx, &magistrala.IdentityReq{Token: token})
 if err != nil {
- return nil, err
+ return nil, errors.Wrap(svcerr.ErrAuthentication, err)
 }
 if res.GetId() == "" || res.GetDomainId() == "" {
 return nil, svcerr.ErrDomainAuthorization
diff --git a/pkg/errors/service/types.go b/pkg/errors/service/types.go
index 28071fb3a58..e7d04936dd8 100644
--- a/pkg/errors/service/types.go
+++ b/pkg/errors/service/types.go
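Review bot: DeleteGroup is not atomic, and the new wrapping makes the steps harder to tell apart: in the `@@ -634,12 +633,12` hunk the group row is removed by `svc.groups.Delete` before the final user-policy deletion in `@@ -648,7 +647,7`, and four of the five steps now return the same `svcerr.ErrDeletePolicies`. If that last call fails, the caller gets a policy error for a group that is already gone, and the user policies for its ID stay behind. At minimum I would document this above the database delete, for example `// Not atomic: a failure after this point leaves user policies for a group that no longer exists.` The start of DeleteGroup is outside these hunks (the `@@ -616,7 +615,7` hunk begins mid-function).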
@@ -61,6 +61,9 @@ var (
 // ErrDeletePolicies indicates failed to delete policies.
 ErrDeletePolicies = errors.New("failed to delete policies")
+ // ErrIssueToken indicates a failure to issue token.
+ ErrIssueToken = errors.New("failed to issue token")
+
 // ErrPasswordFormat indicates weak password.
 ErrPasswordFormat = errors.New("password does not meet the requirements")
diff --git a/users/service.go b/users/service.go
index 29362d201c0..405ae3db2c5 100644
--- a/users/service.go
+++ b/users/service.go
@@ -19,17 +19,6 @@ import (
 "golang.org/x/sync/errgroup"
 )
-var (
- // ErrAddPolicies indictaed a failre to add policies.
- errAddPolicies = errors.New("failed to add policies")
-
- // ErrIssueToken indicates a failure to issue token.
- ErrIssueToken = errors.New("failed to issue token")
-
- // errDeletePolicies indictaed a failre to add policies.
- errDeletePolicies = errors.New("failed to delete policies")
-)
-
 type service struct {
 clients postgres.Repository
 idProvider magistrala.IDProvider
@@ -104,7 +93,7 @@ func (svc service) RegisterClient(ctx context.Context, token string, cli mgclien
 func (svc service) IssueToken(ctx context.Context, identity, secret, domainID string) (*magistrala.Token, error) {
 dbUser, err := svc.clients.RetrieveByIdentity(ctx, identity)
 if err != nil {
- return &magistrala.Token{}, errors.Wrap(repoerr.ErrNotFound, err)
+ return &magistrala.Token{}, errors.Wrap(svcerr.ErrViewEntity, err)
 }
 if err := svc.hasher.Compare(secret, dbUser.Credentials.Secret); err != nil {
 return &magistrala.Token{}, errors.Wrap(svcerr.ErrLogin, err)
@@ -139,7 +128,7 @@ func (svc service) ViewClient(ctx context.Context, token, id string) (mgclients.
 client, err := svc.clients.RetrieveByID(ctx, id)
 if err != nil {
- return mgclients.Client{}, errors.Wrap(repoerr.ErrNotFound, err)
+ return mgclients.Client{}, errors.Wrap(svcerr.ErrViewEntity, err)
 }
 client.Credentials.Secret = ""
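Review bot: IssueToken in the `@@ -104,7 +93,7` hunk still answers an unknown identity with a different sentinel (`svcerr.ErrViewEntity` now, `repoerr.ErrNotFound` before) than a wrong secret (`svcerr.ErrLogin`, two lines below). If the transport layer maps those sentinels to different status codes or messages, which this diff does not show, the login path tells a caller whether an account exists. Both credential failures should look the same to the client: `return &magistrala.Token{}, errors.Wrap(svcerr.ErrLogin, err)`. IssueToken's body continues past the hunk.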
@@ -153,7 +142,7 @@ func (svc service) ViewProfile(ctx context.Context, token string) (mgclients.Cli
 }
 client, err := svc.clients.RetrieveByID(ctx, id)
 if err != nil {
- return mgclients.Client{}, errors.Wrap(repoerr.ErrNotFound, err)
+ return mgclients.Client{}, errors.Wrap(svcerr.ErrViewEntity, err)
 }
 client.Credentials.Secret = ""
@@ -292,7 +281,7 @@ func (svc service) ResetSecret(ctx context.Context, resetToken, secret string) e
 }
 c, err := svc.clients.RetrieveByID(ctx, id)
 if err != nil {
- return errors.Wrap(repoerr.ErrNotFound, err)
+ return errors.Wrap(svcerr.ErrViewEntity, err)
 }
 if c.Credentials.Identity == "" {
 return repoerr.ErrNotFound
@@ -322,10 +311,10 @@ func (svc service) UpdateClientSecret(ctx context.Context, token, oldSecret, new
 }
 dbClient, err := svc.clients.RetrieveByID(ctx, id)
 if err != nil {
- return mgclients.Client{}, errors.Wrap(repoerr.ErrNotFound, err)
+ return mgclients.Client{}, errors.Wrap(svcerr.ErrViewEntity, err)
 }
 if _, err := svc.IssueToken(ctx, dbClient.Credentials.Identity, oldSecret, ""); err != nil {
- return mgclients.Client{}, errors.Wrap(ErrIssueToken, err)
+ return mgclients.Client{}, errors.Wrap(svcerr.ErrIssueToken, err)
 }
 newSecret, err = svc.hasher.Hash(newSecret)
 if err != nil {
@@ -416,7 +405,7 @@ func (svc service) changeClientStatus(ctx context.Context, token string, client
 }
 dbClient, err := svc.clients.RetrieveByID(ctx, client.ID)
 if err != nil {
- return mgclients.Client{}, errors.Wrap(repoerr.ErrNotFound, err)
+ return mgclients.Client{}, errors.Wrap(svcerr.ErrNotFound, err)
 }
 if dbClient.Status == client.Status {
 return mgclients.Client{}, errors.ErrStatusAlreadyAssigned
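Review bot: ResetSecret in the `@@ -292,7 +281,7` hunk still returns the bare repository sentinel `return repoerr.ErrNotFound` in the context line right after the changed one, so the function mixes a service-layer error for a failed lookup with a repo-layer error for an empty identity. For a commit that moves this service onto `svcerr`, I would return a service-layer sentinel there as well, such as the `svcerr.ErrNotFound` that the changeClientStatus hunk uses. The rest of ResetSecret is outside the hunk.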
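Review bot: UpdateClientSecret in the `@@ -322,10 +311,10` hunk verifies the old secret by calling `svc.IssueToken(...)` and discarding the result, then reports a failure as `svcerr.ErrIssueToken`. A wrong old password is a credential failure rather than a token-issuance failure, and the call appears to issue a token nobody uses just to check a password. Comparing directly keeps the error meaningful and avoids the side effect: `if err := svc.hasher.Compare(oldSecret, dbClient.Credentials.Secret); err != nil { return mgclients.Client{}, errors.Wrap(svcerr.ErrLogin, err) }`. IssueToken's full body is not in the diff, so confirm it performs no other check this path relies on before swapping it out.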
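Review bot: The `@@ -416,7 +405,7` hunk wraps a failed `RetrieveByID` with `svcerr.ErrNotFound`, while the same call is wrapped with `svcerr.ErrViewEntity` in ViewClient, ViewProfile, ResetSecret and UpdateClientSecret, and in changeGroupStatus in internal/groups/service.go. The `@@ -461,7 +450,7` hunk in ListMembers uses the same sentinel for the call that produces `duids`, where "not found" would also mislabel any other failure of that call. The types.go hunk in this patch does not show an `ErrNotFound` in the `svcerr` package, so check that it exists and is intended; otherwise use `errors.Wrap(svcerr.ErrViewEntity, err)` here for consistency.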
@@ -461,7 +450,7 @@ func (svc service) ListMembers(ctx context.Context, token, objectKind, objectID
 ObjectType: objectType,
 })
 if err != nil {
- return mgclients.MembersPage{}, errors.Wrap(repoerr.ErrNotFound, err)
+ return mgclients.MembersPage{}, errors.Wrap(svcerr.ErrNotFound, err)
 }
 if len(duids.Policies) == 0 {
 return mgclients.MembersPage{
@@ -629,7 +618,7 @@ func (svc service) addClientPolicy(ctx context.Context, userID string, role mgcl
 }
 resp, err := svc.auth.AddPolicies(ctx, &policies)
 if err != nil {
- return err
+ return errors.Wrap(svcerr.ErrAddPolicies, err)
 }
 if !resp.Added {
 return svcerr.ErrAuthorization
@@ -659,7 +648,7 @@ func (svc service) addClientPolicyRollback(ctx context.Context, userID string, r
 }
 resp, err := svc.auth.DeletePolicies(ctx, &policies)
 if err != nil {
- return err
+ return errors.Wrap(svcerr.ErrDeletePolicies, err)
 }
 if !resp.Deleted {
 return svcerr.ErrAuthorization
@@ -678,10 +667,10 @@ func (svc service) updateClientPolicy(ctx context.Context, userID string, role m
 Object: auth.MagistralaObject,
 })
 if err != nil {
- return errors.Wrap(errAddPolicies, err)
+ return errors.Wrap(svcerr.ErrAddPolicies, err)
 }
 if !resp.Added {
- return errors.Wrap(svcerr.ErrAuthorization, err)
+ return svcerr.ErrAuthorization
 }
 return nil
 case mgclients.UserRole:
@@ -695,10 +684,10 @@ func (svc service) updateClientPolicy(ctx context.Context, userID string, role m
 Object: auth.MagistralaObject,
 })
 if err != nil {
- return errors.Wrap(errDeletePolicies, err)
+ return errors.Wrap(svcerr.ErrDeletePolicies, err)
 }
 if !resp.Deleted {
- return errors.Wrap(errDeletePolicies, err)
+ return svcerr.ErrAuthorization
 }
 return nil
 }
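Review bot: In the `@@ -695,10 +684,10` hunk of updateClientPolicy, a DeletePolicies response with `!resp.Deleted` now returns `svcerr.ErrAuthorization`, where it previously returned the delete-policies sentinel. That branch appears to be the `case mgclients.UserRole` path that removes a policy, so a revocation that did not take effect would surface as a permission error on the caller rather than as a failed policy change, which is harder to alert on. I would keep it distinguishable with `return svcerr.ErrDeletePolicies`, and likewise `return svcerr.ErrAddPolicies` for `!resp.Added` in the `@@ -678,10 +667,10` hunk. The switch starts before the first of these hunks, and the code between them is not shown.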