improved error handling

2025-02-28 11:57:06 +01:00
parent e3ebbe596c
commit ef98745732
2 changed files with 25 additions and 27 deletions
--- a/go-backend/internal/controllers/user_controller.go
+++ b/go-backend/internal/controllers/user_controller.go
@@ -35,7 +35,7 @@ type RegistrationData struct {
 func (uc *UserController) CurrentUserHandler(c *gin.Context) {
 	requestUser, err := uc.ExtractUserFromContext(c)
 	if err != nil {
-		utils.RespondWithError(c, err, "Error extracting user from context in CurrentUserHandler", http.StatusBadRequest, "general", "server.error.internal_server_error")
+		utils.RespondWithError(c, err, "Error extracting user from context in CurrentUserHandler", http.StatusBadRequest, errors.Responses.Fields.User, errors.Responses.Keys.NoAuthToken)
 		return
 	}

@@ -48,17 +48,17 @@ func (uc *UserController) GetAllUsers(c *gin.Context) {

 	requestUser, err := uc.ExtractUserFromContext(c)
 	if err != nil {
-		utils.RespondWithError(c, err, "Error extracting user from context in UpdateHandler", http.StatusBadRequest, "general", "server.validation.no_auth_tokenw")
+		utils.RespondWithError(c, err, "Error extracting user from context in UpdateHandler", http.StatusBadRequest, errors.Responses.Fields.User, errors.Responses.Keys.NoAuthToken)
 		return
 	}
-	if requestUser.RoleID == constants.Roles.Member {
-		utils.RespondWithError(c, errors.ErrNotAuthorized, "Not allowed to update user", http.StatusForbidden, "user.user", "server.error.unauthorized")
+	if utils.HasPrivilige(requestUser, constants.Priviliges.View) {
+		utils.RespondWithError(c, errors.ErrNotAuthorized, "Not allowed to update user", http.StatusForbidden, errors.Responses.Fields.User, errors.Responses.Keys.Unauthorized)
 		return
 	}

 	users, err := uc.Service.GetUsers(nil)
 	if err != nil {
-		utils.RespondWithError(c, err, "Error getting users in GetAllUsers", http.StatusInternalServerError, "user.user", "server.error.internal_server_error")
+		utils.RespondWithError(c, err, "Error getting users in GetAllUsers", http.StatusInternalServerError, errors.Responses.Fields.User, errors.Responses.Keys.InternalServerError)
 		return
 	}

@@ -78,7 +78,7 @@ func (uc *UserController) UpdateHandler(c *gin.Context) {
 	// 1. Extract and validate the user ID from the route
 	requestUser, err := uc.ExtractUserFromContext(c)
 	if err != nil {
-		utils.RespondWithError(c, err, "Error extracting user from context in UpdateHandler", http.StatusBadRequest, "general", "server.validation.no_auth_tokenw")
+		utils.RespondWithError(c, err, "Error extracting user from context in UpdateHandler", http.StatusBadRequest, errors.Responses.Fields.User, errors.Responses.Keys.NoAuthToken)
 		return
 	}

@@ -91,12 +91,12 @@ func (uc *UserController) UpdateHandler(c *gin.Context) {
 	user = updateData.User

 	if !utils.HasPrivilige(requestUser, constants.Priviliges.Update) && user.ID != requestUser.ID {
-		utils.RespondWithError(c, errors.ErrNotAuthorized, "Not allowed to update user", http.StatusUnauthorized, "user.user", "server.error.unauthorized")
+		utils.RespondWithError(c, errors.ErrNotAuthorized, "Not allowed to update user", http.StatusForbidden, errors.Responses.Fields.User, errors.Responses.Keys.Unauthorized)
 		return
 	}
 	existingUser, err := uc.Service.GetUserByID(user.ID)
 	if err != nil {
-		utils.RespondWithError(c, err, "Error finding an existing user", http.StatusNotFound, "user.user", "server.error.not_found")
+		utils.RespondWithError(c, err, "Error finding an existing user", http.StatusNotFound, errors.Responses.Fields.User, errors.Responses.Keys.NotFound)
 		return
 	}
 	// user.Membership.ID = existingUser.Membership.ID
@@ -113,10 +113,10 @@ func (uc *UserController) UpdateHandler(c *gin.Context) {
 		existingUser.Password = ""
 		if err := utils.FilterAllowedStructFields(&user, existingUser, constants.MemberUpdateFields, ""); err != nil {
 			if err.Error() == "Not authorized" {
-				utils.RespondWithError(c, errors.ErrNotAuthorized, "Trying to update unauthorized fields", http.StatusUnauthorized, "user.user", "server.error.unauthorized")
-				return
+				utils.RespondWithError(c, errors.ErrNotAuthorized, "Trying to update unauthorized fields", http.StatusUnauthorized, errors.Responses.Fields.User, errors.Responses.Keys.Unauthorized)
+			} else {
+				utils.RespondWithError(c, err, "Error filtering users input fields", http.StatusInternalServerError, errors.Responses.Fields.User, errors.Responses.Keys.InternalServerError)
 			}
-			utils.RespondWithError(c, err, "Error filtering users input fields", http.StatusInternalServerError, "user.user", "server.error.internal_server_error")
 			return
 		}
 	}
@@ -136,7 +136,7 @@ func (uc *UserController) DeleteUser(c *gin.Context) {

 	requestUser, err := uc.ExtractUserFromContext(c)
 	if err != nil {
-		utils.RespondWithError(c, err, "Error extracting user from context in DeleteUser", http.StatusBadRequest, "general", "server.validation.no_auth_tokenw")
+		utils.RespondWithError(c, err, "Error extracting user from context in DeleteUser", http.StatusBadRequest, errors.Responses.Fields.User, errors.Responses.Keys.NoAuthToken)
 		return
 	}

@@ -154,13 +154,13 @@ func (uc *UserController) DeleteUser(c *gin.Context) {
 	}

 	if !utils.HasPrivilige(requestUser, constants.Priviliges.Delete) && data.User.ID != requestUser.ID {
-		utils.RespondWithError(c, errors.ErrNotAuthorized, "Not allowed to delete user", http.StatusForbidden, "user.user", "server.error.unauthorized")
+		utils.RespondWithError(c, errors.ErrNotAuthorized, "Not allowed to delete user", http.StatusForbidden, errors.Responses.Fields.User, errors.Responses.Keys.Unauthorized)
 		return
 	}

 	logger.Error.Printf("Deleting user: %v", data.User)
 	if err := uc.Service.DeleteUser(data.User.LastName, data.User.ID); err != nil {
-		utils.RespondWithError(c, err, "Error during user deletion", http.StatusInternalServerError, "user.user", "server.error.internal_server_error")
+		utils.HandleDeleteUserError(c, err)
 		return
 	}

@@ -227,7 +227,7 @@ func (uc *UserController) LoginHandler(c *gin.Context) {

 	ok, err := user.PasswordMatches(input.Password)
 	if err != nil {
-		utils.RespondWithError(c, err, "Login Error; password comparisson failed", http.StatusInternalServerError, errors.Responses.Fields.Login, errors.Responses.Keys.InternalServerError)
+		utils.RespondWithError(c, err, "Login Error; password incorrect", http.StatusInternalServerError, errors.Responses.Fields.Login, errors.Responses.Keys.InternalServerError)
 		return
 	}
 	if !ok {
@@ -265,13 +265,13 @@ func (uc *UserController) RegisterUser(c *gin.Context) {
 	logger.Info.Printf("Registering user %v", regData.User.Email)
 	selectedModel, err := uc.MembershipService.GetSubscriptionByName(&regData.User.Membership.SubscriptionModel.Name)
 	if err != nil {
-		utils.RespondWithError(c, err, "Error in Registeruser, couldn't get selected model", http.StatusNotFound, "subscription_model", "server.validation.subscription_model_not_found")
+		utils.RespondWithError(c, err, "Error in Registeruser, couldn't get selected model", http.StatusNotFound, errors.Responses.Fields.SubscriptionModel, errors.Responses.Keys.InvalidSubscriptionModel)
 		return
 	}
 	regData.User.Membership.SubscriptionModel = *selectedModel
 	if selectedModel.RequiredMembershipField != "" {
 		if err := validation.CheckParentMembershipID(regData.User.Membership); err != nil {
-			utils.RespondWithError(c, err, "Error in RegisterUser, couldn't check parent membership id", http.StatusBadRequest, "parent_membership_id", "server.validation.parent_membership_id_not_found")
+			utils.RespondWithError(c, err, "Error in RegisterUser, couldn't check parent membership id", http.StatusBadRequest, errors.Responses.Fields.ParentMemberShipID, errors.Responses.Keys.NotFound)
 			return
 		}
 	}
@@ -280,11 +280,10 @@ func (uc *UserController) RegisterUser(c *gin.Context) {
 	// Register User
 	id, token, err := uc.Service.RegisterUser(&regData.User)
 	if err != nil {
-		logger.Error.Printf("Couldn't register User(%v): %v", regData.User.Email, err)
 		if strings.Contains(err.Error(), "UNIQUE constraint failed: users.email") {
-			utils.RespondWithError(c, err, "Error in RegisterUser, couldn't register user", http.StatusConflict, "email", "server.validation.email_already_exists")
+			utils.RespondWithError(c, err, "Error in RegisterUser, couldn't register user", http.StatusConflict, errors.Responses.Fields.Email, errors.Responses.Keys.Duplicate)
 		} else {
-			utils.RespondWithError(c, err, "Error in RegisterUser, couldn't register user", http.StatusConflict, "general", "server.error.internal_server_error")
+			utils.RespondWithError(c, err, "Error in RegisterUser, couldn't register user", http.StatusConflict, errors.Responses.Fields.General, errors.Responses.Keys.InternalServerError)
 		}
 		return
 	}
@@ -308,15 +307,14 @@ func (uc *UserController) RegisterUser(c *gin.Context) {
 	for _, consent := range consents {
 		_, err = uc.ConsentService.RegisterConsent(&consent)
 		if err != nil {
-			utils.RespondWithError(c, err, "Error in RegisterUser, couldn't register consent", http.StatusInternalServerError, "general", "server.error.internal_server_error")
+			utils.RespondWithError(c, err, "Error in RegisterUser, couldn't register consent", http.StatusInternalServerError, errors.Responses.Fields.General, errors.Responses.Keys.InternalServerError)
 			return
 		}
 	}

 	// Send notifications
 	if err := uc.EmailService.SendVerificationEmail(&regData.User, &token); err != nil {
-		logger.Error.Printf("Failed to send email verification email to user(%v): %v", regData.User.Email, err)
-		// Proceed without returning error since user registration is successful
+		utils.RespondWithError(c, err, "Error in RegisterUser, couldn't send verification email", http.StatusInternalServerError, errors.Responses.Fields.Email, errors.Responses.Keys.UndeliveredVerificationMail)
 		// TODO Notify Admin
 	}

@@ -342,13 +340,13 @@ func (uc *UserController) VerifyMailHandler(c *gin.Context) {

 	verification, err := uc.Service.VerifyUser(&token, &constants.VerificationTypes.Email)
 	if err != nil {
-		utils.HandleVerifyUserError(c, err)
+		c.HTML(http.StatusBadRequest, "verification_error.html", gin.H{"ErrorMessage": "Couldn't verify user"})
 		return
 	}

 	user, err := uc.Service.GetUserByID(verification.UserID)
 	if err != nil {
-		utils.RespondWithError(c, err, "Couldn't find user", http.StatusNotFound, errors.Responses.Fields.User, errors.Responses.Keys.UserNotFoundWrongPassword)
+		c.HTML(http.StatusBadRequest, "verification_error.html", gin.H{"ErrorMessage": "Internal server error, couldn't verify user"})
 		return
 	}

--- a/go-backend/internal/controllers/user_controller_test.go
+++ b/go-backend/internal/controllers/user_controller_test.go
@@ -640,7 +640,7 @@ func testUpdateUser(t *testing.T, loginCookie http.Cookie, adminCookie http.Cook
 				u.Licence.Number = "B072RRE2I50"
 				u.FirstName = "John Missing ID"
 			},
-			expectedStatus: http.StatusUnauthorized,
+			expectedStatus: http.StatusForbidden,
 			expectedErrors: []map[string]string{
 				{"field": "user.user", "key": "server.error.unauthorized"},
 			},
@@ -692,7 +692,7 @@ func testUpdateUser(t *testing.T, loginCookie http.Cookie, adminCookie http.Cook
 			expectedErrors: []map[string]string{
 				{"field": "user.user", "key": "server.error.unauthorized"},
 			},
-			expectedStatus: http.StatusUnauthorized,
+			expectedStatus: http.StatusForbidden,
 		},
 	}
 	for _, tt := range tests {