Use well-defined server errors instead of hardcoded messages that could be slightly different and spread accross the code base. Signed-off-by: Julien Riou <julien@riou.xyz>
This commit is contained in:
parent
55de3afc71
commit
f721e56371
GPG key ID:
9A099EDA51316854
3 changed files with 137 additions and 80 deletions
|
|
@ -36,13 +36,13 @@ type PageData struct {
|
|||
DisableEditor bool
|
||||
}
|
||||
|
||||
func TemplateError(w http.ResponseWriter, pageData PageData, templates *template.Template, templateName string, logger *slog.Logger, msg string, err error) {
|
||||
func WebError(w http.ResponseWriter, pageData PageData, templates *template.Template, templateName string, logger *slog.Logger, topLevelErr error, err error) {
|
||||
// Only show the top-level error to users
|
||||
pageData.Err = fmt.Errorf("%s", msg)
|
||||
pageData.Err = topLevelErr
|
||||
|
||||
// Show full error in the logs
|
||||
if err != nil {
|
||||
err = fmt.Errorf("%s: %w", msg, err)
|
||||
err = fmt.Errorf("%v: %w", topLevelErr, err)
|
||||
} else {
|
||||
err = pageData.Err
|
||||
}
|
||||
|
|
@ -71,19 +71,23 @@ func (h *CreateNoteWithFormHandler) TemplateName() string {
|
|||
return "create"
|
||||
}
|
||||
|
||||
func (h *CreateNoteWithFormHandler) TemplateError(w http.ResponseWriter, logger *slog.Logger, msg string, err error) {
|
||||
TemplateError(w, h.PageData, h.Templates, h.TemplateName(), logger, msg, err)
|
||||
func (h *CreateNoteWithFormHandler) Name() string {
|
||||
return "CreateNoteWithFormHandler"
|
||||
}
|
||||
|
||||
func (h *CreateNoteWithFormHandler) WebError(w http.ResponseWriter, logger *slog.Logger, topLevelErr error, err error) {
|
||||
WebError(w, h.PageData, h.Templates, h.TemplateName(), logger, topLevelErr, err)
|
||||
}
|
||||
|
||||
func (h *CreateNoteWithFormHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||
h.PageData.Err = nil
|
||||
|
||||
logger := h.logger.With("handler", "CreateNoteWithFormHandler")
|
||||
logger := h.logger.With("handler", h.Name())
|
||||
|
||||
logger.Debug("parsing multipart form")
|
||||
err := r.ParseMultipartForm(h.maxUploadSize)
|
||||
if err != nil {
|
||||
h.TemplateError(w, logger, "could not parse form", err)
|
||||
h.WebError(w, logger, ErrCouldNotParseForm, err)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -93,46 +97,46 @@ func (h *CreateNoteWithFormHandler) ServeHTTP(w http.ResponseWriter, r *http.Req
|
|||
logger.Debug("parsing file")
|
||||
file, handler, err := r.FormFile("file")
|
||||
if err != nil && !errors.Is(err, http.ErrMissingFile) {
|
||||
h.TemplateError(w, logger, "could not parse file", err)
|
||||
h.WebError(w, logger, ErrCouldNotParseFile, err)
|
||||
return
|
||||
}
|
||||
|
||||
if !errors.Is(err, http.ErrMissingFile) {
|
||||
defer file.Close()
|
||||
|
||||
h.logger.Debug("checking file size")
|
||||
logger.Debug("checking file size")
|
||||
if handler.Size > h.maxUploadSize {
|
||||
h.TemplateError(w, logger, "file too large", err)
|
||||
h.WebError(w, logger, ErrFileTooLarge, err)
|
||||
return
|
||||
}
|
||||
|
||||
h.logger.Debug("checking file content type")
|
||||
logger.Debug("checking file content type")
|
||||
if !strings.HasPrefix(handler.Header.Get("Content-Type"), "text/") {
|
||||
h.TemplateError(w, logger, "text file expected", err)
|
||||
h.WebError(w, logger, ErrTextFileExpected, err)
|
||||
return
|
||||
}
|
||||
|
||||
h.logger.Debug("reading uploaded file")
|
||||
logger.Debug("reading uploaded file")
|
||||
var fileContent bytes.Buffer
|
||||
n, err := io.Copy(&fileContent, file)
|
||||
if err != nil {
|
||||
h.TemplateError(w, logger, "could not read file", err)
|
||||
h.WebError(w, logger, ErrCouldNotReadFile, err)
|
||||
return
|
||||
}
|
||||
|
||||
h.logger.Debug("file uploaded", slog.Any("bytes", n))
|
||||
logger.Debug("file uploaded", slog.Any("bytes", n))
|
||||
if n != 0 {
|
||||
content = fileContent.Bytes()
|
||||
}
|
||||
}
|
||||
|
||||
h.logger.Debug("checking content")
|
||||
logger.Debug("checking content")
|
||||
if content == nil || len(content) == 0 {
|
||||
h.TemplateError(w, logger, "empty note", nil)
|
||||
h.WebError(w, logger, ErrEmptyNote, nil)
|
||||
return
|
||||
}
|
||||
|
||||
h.logger.Debug("checking inputs")
|
||||
logger.Debug("checking inputs")
|
||||
password := r.FormValue("password")
|
||||
noEncryption := r.FormValue("no-encryption")
|
||||
encryptionKey := r.FormValue("encryption-key")
|
||||
|
|
@ -141,11 +145,11 @@ func (h *CreateNoteWithFormHandler) ServeHTTP(w http.ResponseWriter, r *http.Req
|
|||
language := r.FormValue("language")
|
||||
|
||||
if !h.PageData.AllowNoEncryption && noEncryption != "" {
|
||||
h.TemplateError(w, logger, "encryption is required", nil)
|
||||
h.WebError(w, logger, ErrEncryptionRequired, nil)
|
||||
}
|
||||
|
||||
if !h.PageData.AllowClientEncryptionKey && encryptionKey != "" {
|
||||
h.TemplateError(w, logger, "client encryption key is not allowed", nil)
|
||||
h.WebError(w, logger, ErrClientEncryptionKeyNotAllowed, nil)
|
||||
}
|
||||
|
||||
if !h.PageData.AllowClientEncryptionKey && encryptionKey == "" && noEncryption == "" {
|
||||
|
|
@ -160,7 +164,7 @@ func (h *CreateNoteWithFormHandler) ServeHTTP(w http.ResponseWriter, r *http.Req
|
|||
} else {
|
||||
expirationInt, err = strconv.Atoi(expiration)
|
||||
if err != nil {
|
||||
h.TemplateError(w, logger, "invalid expiration", err)
|
||||
h.WebError(w, logger, ErrInvalidExpiration, err)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
|
@ -168,11 +172,11 @@ func (h *CreateNoteWithFormHandler) ServeHTTP(w http.ResponseWriter, r *http.Req
|
|||
logger.Debug("saving note to the database")
|
||||
note, err := h.db.Create(content, password, encryptionKey, encryptionKey != "", expirationInt, deleteAfterRead != "", language)
|
||||
if err != nil {
|
||||
h.TemplateError(w, logger, "could not create note", err)
|
||||
h.WebError(w, logger, ErrCouldNotCreateNote, err)
|
||||
return
|
||||
}
|
||||
|
||||
h.logger.Debug("building note url")
|
||||
logger.Debug("building note url")
|
||||
var scheme = "http://"
|
||||
if r.TLS != nil {
|
||||
scheme = "https://"
|
||||
|
|
@ -183,7 +187,7 @@ func (h *CreateNoteWithFormHandler) ServeHTTP(w http.ResponseWriter, r *http.Req
|
|||
h.PageData.URL += "#" + encryptionKey
|
||||
}
|
||||
|
||||
h.logger.Debug("rendering page")
|
||||
logger.Debug("rendering page")
|
||||
h.Templates.ExecuteTemplate(w, h.TemplateName(), h.PageData)
|
||||
}
|
||||
|
||||
|
|
@ -198,8 +202,12 @@ func (h *GetRawWebNoteHandler) TemplateName() string {
|
|||
return "unprotectedNote"
|
||||
}
|
||||
|
||||
func (h *GetRawWebNoteHandler) TemplateError(w http.ResponseWriter, logger *slog.Logger, msg string, err error) {
|
||||
TemplateError(w, h.PageData, h.Templates, h.TemplateName(), logger, msg, err)
|
||||
func (h *GetRawWebNoteHandler) Name() string {
|
||||
return "GetRawWebNoteHandler"
|
||||
}
|
||||
|
||||
func (h *GetRawWebNoteHandler) WebError(w http.ResponseWriter, logger *slog.Logger, topLevelErr error, err error) {
|
||||
WebError(w, h.PageData, h.Templates, h.TemplateName(), logger, topLevelErr, err)
|
||||
}
|
||||
|
||||
func (h *GetRawWebNoteHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||
|
|
@ -208,18 +216,18 @@ func (h *GetRawWebNoteHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
|
|||
vars := mux.Vars(r)
|
||||
id := vars["id"]
|
||||
|
||||
logger := h.logger.With("handler", "GetRawWebNoteHandler", "note_id", id)
|
||||
logger := h.logger.With("handler", h.Name(), "note_id", id)
|
||||
|
||||
logger.Debug("fetching note from the database")
|
||||
note, err := h.db.Get(id)
|
||||
|
||||
if err != nil {
|
||||
h.TemplateError(w, logger, "could not find note", err)
|
||||
h.WebError(w, logger, ErrCouldNotFindNote, err)
|
||||
return
|
||||
}
|
||||
|
||||
if note == nil {
|
||||
h.TemplateError(w, logger, "note does not exist", err)
|
||||
h.WebError(w, logger, ErrNoteDoesNotExist, err)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -248,8 +256,12 @@ func (h *GetProtectedRawWebNoteHandler) TemplateName() string {
|
|||
return "protectedNote"
|
||||
}
|
||||
|
||||
func (h *GetProtectedRawWebNoteHandler) TemplateError(w http.ResponseWriter, logger *slog.Logger, msg string, err error) {
|
||||
TemplateError(w, h.PageData, h.Templates, h.TemplateName(), logger, msg, err)
|
||||
func (h *GetProtectedRawWebNoteHandler) Name() string {
|
||||
return "GetProtectedRawWebNoteHandler"
|
||||
}
|
||||
|
||||
func (h *GetProtectedRawWebNoteHandler) WebError(w http.ResponseWriter, logger *slog.Logger, topLevelErr error, err error) {
|
||||
WebError(w, h.PageData, h.Templates, h.TemplateName(), logger, topLevelErr, err)
|
||||
}
|
||||
|
||||
func (h *GetProtectedRawWebNoteHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||
|
|
@ -258,12 +270,12 @@ func (h *GetProtectedRawWebNoteHandler) ServeHTTP(w http.ResponseWriter, r *http
|
|||
vars := mux.Vars(r)
|
||||
id := vars["id"]
|
||||
|
||||
logger := h.logger.With("handler", "GetProtectedRawWebNoteHandler", "note_id", id)
|
||||
logger := h.logger.With("handler", h.Name(), "note_id", id)
|
||||
|
||||
logger.Debug("parsing multipart form")
|
||||
err := r.ParseMultipartForm(h.maxUploadSize)
|
||||
if err != nil {
|
||||
h.TemplateError(w, logger, "could not parse form", err)
|
||||
h.WebError(w, logger, ErrCouldNotParseForm, err)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -274,24 +286,24 @@ func (h *GetProtectedRawWebNoteHandler) ServeHTTP(w http.ResponseWriter, r *http
|
|||
note, err := h.db.Get(id)
|
||||
|
||||
if err != nil {
|
||||
h.TemplateError(w, logger, "could not find note", err)
|
||||
h.WebError(w, logger, ErrCouldNotFindNote, err)
|
||||
return
|
||||
}
|
||||
|
||||
if note == nil {
|
||||
h.TemplateError(w, logger, "note does not exist", nil)
|
||||
h.WebError(w, logger, ErrNoteDoesNotExist, nil)
|
||||
return
|
||||
}
|
||||
|
||||
if note.Encrypted {
|
||||
if encryptionKey == "" {
|
||||
h.TemplateError(w, logger, "encryption key not found", nil)
|
||||
h.WebError(w, logger, ErrEncryptionKeyNotFound, nil)
|
||||
return
|
||||
}
|
||||
logger.Debug("decrypting content")
|
||||
note.Content, err = internal.Decrypt(note.Content, encryptionKey)
|
||||
if err != nil {
|
||||
h.TemplateError(w, logger, "could not decrypt note", err)
|
||||
h.WebError(w, logger, ErrCouldNotDecryptNote, err)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
|
@ -299,7 +311,7 @@ func (h *GetProtectedRawWebNoteHandler) ServeHTTP(w http.ResponseWriter, r *http
|
|||
if len(note.PasswordHash) > 0 {
|
||||
logger.Debug("comparing password hashes")
|
||||
if err := bcrypt.CompareHashAndPassword(note.PasswordHash, []byte(password)); err != nil {
|
||||
h.TemplateError(w, logger, "invalid password", err)
|
||||
h.WebError(w, logger, ErrInvalidPassword, err)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
|
@ -321,8 +333,12 @@ func (h *GetWebNoteHandler) TemplateName() string {
|
|||
return "unprotectedNote"
|
||||
}
|
||||
|
||||
func (h *GetWebNoteHandler) TemplateError(w http.ResponseWriter, logger *slog.Logger, msg string, err error) {
|
||||
TemplateError(w, h.PageData, h.Templates, h.TemplateName(), logger, msg, err)
|
||||
func (h *GetWebNoteHandler) Name() string {
|
||||
return "GetWebNoteHandler"
|
||||
}
|
||||
|
||||
func (h *GetWebNoteHandler) WebError(w http.ResponseWriter, logger *slog.Logger, topLevelErr error, err error) {
|
||||
WebError(w, h.PageData, h.Templates, h.TemplateName(), logger, topLevelErr, err)
|
||||
}
|
||||
|
||||
func (h *GetWebNoteHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||
|
|
@ -331,23 +347,23 @@ func (h *GetWebNoteHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|||
vars := mux.Vars(r)
|
||||
id := vars["id"]
|
||||
|
||||
logger := h.logger.With("handler", "GetWebNoteHandler", "note_id", id)
|
||||
logger := h.logger.With("handler", h.Name(), "note_id", id)
|
||||
|
||||
note, err := h.db.Get(id)
|
||||
|
||||
if err != nil {
|
||||
h.TemplateError(w, logger, "could not find note", err)
|
||||
h.WebError(w, logger, ErrCouldNotFindNote, err)
|
||||
return
|
||||
}
|
||||
|
||||
if note == nil {
|
||||
h.TemplateError(w, logger, "note does not exist", nil)
|
||||
h.WebError(w, logger, ErrNoteDoesNotExist, nil)
|
||||
return
|
||||
}
|
||||
|
||||
h.PageData.Note = note
|
||||
|
||||
h.logger.Debug("rendering page")
|
||||
logger.Debug("rendering page")
|
||||
h.Templates.ExecuteTemplate(w, h.TemplateName(), h.PageData)
|
||||
}
|
||||
|
||||
|
|
@ -363,8 +379,12 @@ func (h *GetProtectedWebNoteHandler) TemplateName() string {
|
|||
return "protectedNote"
|
||||
}
|
||||
|
||||
func (h *GetProtectedWebNoteHandler) TemplateError(w http.ResponseWriter, logger *slog.Logger, msg string, err error) {
|
||||
TemplateError(w, h.PageData, h.Templates, h.TemplateName(), logger, msg, err)
|
||||
func (h *GetProtectedWebNoteHandler) Name() string {
|
||||
return "GetProtectedWebNoteHandler"
|
||||
}
|
||||
|
||||
func (h *GetProtectedWebNoteHandler) WebError(w http.ResponseWriter, logger *slog.Logger, topLevelErr error, err error) {
|
||||
WebError(w, h.PageData, h.Templates, h.TemplateName(), logger, topLevelErr, err)
|
||||
}
|
||||
|
||||
func (h *GetProtectedWebNoteHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||
|
|
@ -373,12 +393,12 @@ func (h *GetProtectedWebNoteHandler) ServeHTTP(w http.ResponseWriter, r *http.Re
|
|||
vars := mux.Vars(r)
|
||||
id := vars["id"]
|
||||
|
||||
logger := h.logger.With("handler", "GetProtectedWebNoteHandler", "note_id", id)
|
||||
logger := h.logger.With("handler", h.Name(), "note_id", id)
|
||||
|
||||
h.logger.Debug("parsing multipart form")
|
||||
logger.Debug("parsing multipart form")
|
||||
err := r.ParseMultipartForm(h.maxUploadSize)
|
||||
if err != nil {
|
||||
h.TemplateError(w, logger, "could not parse form", err)
|
||||
h.WebError(w, logger, ErrCouldNotParseForm, err)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -388,37 +408,37 @@ func (h *GetProtectedWebNoteHandler) ServeHTTP(w http.ResponseWriter, r *http.Re
|
|||
note, err := h.db.Get(id)
|
||||
|
||||
if err != nil {
|
||||
h.TemplateError(w, logger, "could not find note", err)
|
||||
h.WebError(w, logger, ErrCouldNotFindNote, err)
|
||||
return
|
||||
}
|
||||
|
||||
if note == nil {
|
||||
h.TemplateError(w, logger, "note does not exist", nil)
|
||||
h.WebError(w, logger, ErrNoteDoesNotExist, nil)
|
||||
return
|
||||
}
|
||||
|
||||
if note.Encrypted {
|
||||
if encryptionKey == "" {
|
||||
h.TemplateError(w, logger, "encryption key not found", nil)
|
||||
h.WebError(w, logger, ErrEncryptionKeyNotFound, nil)
|
||||
return
|
||||
}
|
||||
note.Content, err = internal.Decrypt(note.Content, encryptionKey)
|
||||
if err != nil {
|
||||
h.TemplateError(w, logger, "could not decrypt note", err)
|
||||
h.WebError(w, logger, ErrCouldNotDecryptNote, err)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if len(note.PasswordHash) > 0 {
|
||||
if err := bcrypt.CompareHashAndPassword(note.PasswordHash, []byte(password)); err != nil {
|
||||
h.TemplateError(w, logger, "invalid password", err)
|
||||
h.WebError(w, logger, ErrInvalidPassword, err)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
h.PageData.Note = note
|
||||
|
||||
h.logger.Debug("rendering page")
|
||||
logger.Debug("rendering page")
|
||||
h.Templates.ExecuteTemplate(w, h.TemplateName(), h.PageData)
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue