diff --git a/api/openapi/users.yml b/api/openapi/users.yml index 44b98b42b5..63d7643e8b 100644 --- a/api/openapi/users.yml +++ b/api/openapi/users.yml @@ -383,7 +383,7 @@ paths: tags: - Users parameters: - - $ref: "#/components/parameters/Referrer" + - $ref: "#/components/parameters/Referer" requestBody: $ref: "#/components/requestBodies/RequestPasswordReset" responses: @@ -391,6 +391,8 @@ paths: description: Users link for resetting password. "400": description: Failed due to malformed JSON. + "404": + description: A non-existent entity request. "415": description: Missing or invalid content type. "422": @@ -883,8 +885,8 @@ paths: security: - bearerAuth: [] responses: - "200": - description: Member assigned. + "204": + description: Member unassigned. "400": description: Failed due to malformed group's ID. "401": @@ -1211,6 +1213,7 @@ components: secret: type: string example: password + minimum: 8 description: User secret password. metadata: type: object @@ -1352,10 +1355,12 @@ components: old_secret: type: string example: oldpassword + minimum: 8 description: Old user secret password. new_secret: type: string example: newpassword + minimum: 8 description: New user secret password. required: - old_secret @@ -1451,6 +1456,7 @@ components: secret: type: string example: password + minimum: 8 description: User secret password. required: - identity @@ -1490,8 +1496,8 @@ components: example: 1970-01-01_00:00:00 parameters: - Referrer: - name: Referrer + Referer: + name: Referer description: Host being sent by browser. in: header schema: @@ -1815,9 +1821,11 @@ components: password: type: string format: password + minimum: 8 description: New password. old_password: type: string + minimum: 8 format: password description: Old password. diff --git a/auth/service.go b/auth/service.go index ba2a4781a4..83b34c6f1e 100644 --- a/auth/service.go +++ b/auth/service.go @@ -10,7 +10,6 @@ import ( "time" "github.com/absmach/magistrala" - "github.com/absmach/magistrala/internal/postgres" "github.com/absmach/magistrala/pkg/errors" svcerr "github.com/absmach/magistrala/pkg/errors/service" ) @@ -670,7 +669,7 @@ func (svc service) ListDomains(ctx context.Context, token string, p Page) (Domai } dp, err := svc.domains.ListDomains(ctx, p) if err != nil { - return DomainsPage{}, postgres.HandleError(svcerr.ErrViewEntity, err) + return DomainsPage{}, errors.Wrap(svcerr.ErrViewEntity, err) } if p.SubjectID == "" { for i := range dp.Domains { diff --git a/internal/groups/service.go b/internal/groups/service.go index d802caeba3..e3e3133cc4 100644 --- a/internal/groups/service.go +++ b/internal/groups/service.go @@ -20,10 +20,9 @@ import ( ) var ( - errParentUnAuthz = errors.New("failed to authorize parent group") - errMemberKind = errors.New("invalid member kind") - errRetrieveGroups = errors.New("failed to retrieve groups") - errGroupIDs = errors.New("invalid group ids") + errParentUnAuthz = errors.New("failed to authorize parent group") + errMemberKind = errors.New("invalid member kind") + errGroupIDs = errors.New("invalid group ids") ) type service struct { @@ -70,7 +69,7 @@ func (svc service) CreateGroup(ctx context.Context, token, kind string, g groups g, err = svc.groups.Save(ctx, g) if err != nil { - return groups.Group{}, err + return groups.Group{}, errors.Wrap(svcerr.ErrCreateEntity, err) } // IMPROVEMENT NOTE: Add defer function , if return err is not nil, then delete group @@ -104,7 +103,7 @@ func (svc service) CreateGroup(ctx context.Context, token, kind string, g groups }) } if _, err := svc.auth.AddPolicies(ctx, &policies); err != nil { - return g, err + return g, errors.Wrap(svcerr.ErrAddPolicies, err) } return g, nil @@ -228,7 +227,7 @@ func (svc service) ListGroups(ctx context.Context, token, memberKind, memberID s gp, err := svc.groups.RetrieveByIDs(ctx, gm, ids...) if err != nil { - return groups.Page{}, err + return groups.Page{}, errors.Wrap(svcerr.ErrViewEntity, err) } if gm.ListPerms && len(gp.Groups) > 0 { @@ -454,7 +453,7 @@ func (svc service) Assign(ctx context.Context, token, groupID, relation, memberK func (svc service) assignParentGroup(ctx context.Context, domain, parentGroupID string, groupIDs []string) (err error) { groupsPage, err := svc.groups.RetrieveByIDs(ctx, groups.Page{PageMeta: groups.PageMeta{Limit: 1<<63 - 1}}, groupIDs...) if err != nil { - return errors.Wrap(errRetrieveGroups, err) + return errors.Wrap(svcerr.ErrViewEntity, err) } if len(groupsPage.Groups) == 0 { return errGroupIDs @@ -484,7 +483,7 @@ func (svc service) assignParentGroup(ctx context.Context, domain, parentGroupID } if _, err := svc.auth.AddPolicies(ctx, &addPolicies); err != nil { - return err + return errors.Wrap(svcerr.ErrAddPolicies, err) } defer func() { if err != nil { @@ -500,7 +499,7 @@ func (svc service) assignParentGroup(ctx context.Context, domain, parentGroupID func (svc service) unassignParentGroup(ctx context.Context, domain, parentGroupID string, groupIDs []string) (err error) { groupsPage, err := svc.groups.RetrieveByIDs(ctx, groups.Page{PageMeta: groups.PageMeta{Limit: 1<<63 - 1}}, groupIDs...) if err != nil { - return errors.Wrap(errRetrieveGroups, err) + return errors.Wrap(svcerr.ErrViewEntity, err) } if len(groupsPage.Groups) == 0 { return errGroupIDs @@ -530,7 +529,7 @@ func (svc service) unassignParentGroup(ctx context.Context, domain, parentGroupI } if _, err := svc.auth.DeletePolicies(ctx, &deletePolicies); err != nil { - return err + return errors.Wrap(svcerr.ErrDeletePolicies, err) } defer func() { if err != nil { @@ -616,7 +615,7 @@ func (svc service) DeleteGroup(ctx context.Context, token, groupID string) error Subject: groupID, ObjectType: auth.GroupType, }); err != nil { - return err + return errors.Wrap(svcerr.ErrDeletePolicies, err) } // Remove policy of things @@ -625,7 +624,7 @@ func (svc service) DeleteGroup(ctx context.Context, token, groupID string) error Subject: groupID, ObjectType: auth.ThingType, }); err != nil { - return err + return errors.Wrap(svcerr.ErrDeletePolicies, err) } // Remove policy from domain @@ -634,12 +633,12 @@ func (svc service) DeleteGroup(ctx context.Context, token, groupID string) error Object: groupID, ObjectType: auth.GroupType, }); err != nil { - return err + return errors.Wrap(svcerr.ErrDeletePolicies, err) } // Remove group from database if err := svc.groups.Delete(ctx, groupID); err != nil { - return err + return errors.Wrap(svcerr.ErrRemoveEntity, err) } // Remove policy of users @@ -648,7 +647,7 @@ func (svc service) DeleteGroup(ctx context.Context, token, groupID string) error Object: groupID, ObjectType: auth.GroupType, }); err != nil { - return err + return errors.Wrap(svcerr.ErrDeletePolicies, err) } return nil @@ -691,7 +690,7 @@ func (svc service) changeGroupStatus(ctx context.Context, token string, group gr } dbGroup, err := svc.groups.RetrieveByID(ctx, group.ID) if err != nil { - return groups.Group{}, err + return groups.Group{}, errors.Wrap(svcerr.ErrViewEntity, err) } if dbGroup.Status == group.Status { return groups.Group{}, errors.ErrStatusAlreadyAssigned @@ -704,7 +703,7 @@ func (svc service) changeGroupStatus(ctx context.Context, token string, group gr func (svc service) identify(ctx context.Context, token string) (*magistrala.IdentityRes, error) { res, err := svc.auth.Identify(ctx, &magistrala.IdentityReq{Token: token}) if err != nil { - return nil, err + return nil, errors.Wrap(svcerr.ErrAuthentication, err) } if res.GetId() == "" || res.GetDomainId() == "" { return nil, svcerr.ErrDomainAuthorization diff --git a/pkg/errors/service/types.go b/pkg/errors/service/types.go index 28071fb3a5..e7d04936dd 100644 --- a/pkg/errors/service/types.go +++ b/pkg/errors/service/types.go @@ -61,6 +61,9 @@ var ( // ErrDeletePolicies indicates failed to delete policies. ErrDeletePolicies = errors.New("failed to delete policies") + // ErrIssueToken indicates a failure to issue token. + ErrIssueToken = errors.New("failed to issue token") + // ErrPasswordFormat indicates weak password. ErrPasswordFormat = errors.New("password does not meet the requirements") diff --git a/pkg/sdk/go/channels_test.go b/pkg/sdk/go/channels_test.go index 4dba870a8a..f0742b3964 100644 --- a/pkg/sdk/go/channels_test.go +++ b/pkg/sdk/go/channels_test.go @@ -110,7 +110,7 @@ func TestCreateChannel(t *testing.T) { Status: mgclients.EnabledStatus.String(), }, token: token, - err: errors.NewSDKErrorWithStatus(repoerr.ErrCreateEntity, http.StatusUnprocessableEntity), + err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrCreateEntity, svcerr.ErrCreateEntity), http.StatusUnprocessableEntity), }, { desc: "create channel with missing name", @@ -203,7 +203,7 @@ func TestListChannels(t *testing.T) { token: invalidToken, offset: offset, limit: limit, - err: errors.NewSDKErrorWithStatus(svcerr.ErrAuthentication, http.StatusUnauthorized), + err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrAuthentication, svcerr.ErrAuthentication), http.StatusUnauthorized), response: nil, }, { @@ -616,7 +616,7 @@ func TestListChannelsByThing(t *testing.T) { clientID: testsutil.GenerateUUID(t), page: sdk.PageMetadata{}, response: []sdk.Channel(nil), - err: errors.NewSDKErrorWithStatus(svcerr.ErrAuthentication, http.StatusUnauthorized), + err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrAuthentication, svcerr.ErrAuthentication), http.StatusUnauthorized), }, } @@ -659,7 +659,7 @@ func TestEnableChannel(t *testing.T) { repoCall1 := grepo.On("RetrieveByID", mock.Anything, mock.Anything).Return(mggroups.Group{}, repoerr.ErrNotFound) repoCall2 := grepo.On("ChangeStatus", mock.Anything, mock.Anything).Return(nil) _, err := mgsdk.EnableChannel("wrongID", validToken) - assert.Equal(t, errors.NewSDKErrorWithStatus(svcerr.ErrNotFound, http.StatusNotFound), err, fmt.Sprintf("Enable channel with wrong id: expected %v got %v", svcerr.ErrNotFound, err)) + assert.Equal(t, errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrViewEntity, svcerr.ErrNotFound), http.StatusNotFound), err, fmt.Sprintf("Enable channel with wrong id: expected %v got %v", svcerr.ErrNotFound, err)) ok := repoCall1.Parent.AssertCalled(t, "RetrieveByID", mock.Anything, "wrongID") assert.True(t, ok, "RetrieveByID was not called on enabling channel") repoCall.Unset() @@ -711,7 +711,7 @@ func TestDisableChannel(t *testing.T) { repoCall1 := grepo.On("ChangeStatus", mock.Anything, mock.Anything).Return(nil) repoCall2 := grepo.On("RetrieveByID", mock.Anything, mock.Anything).Return(mggroups.Group{}, repoerr.ErrNotFound) _, err := mgsdk.DisableChannel("wrongID", validToken) - assert.Equal(t, err, errors.NewSDKErrorWithStatus(svcerr.ErrNotFound, http.StatusNotFound), fmt.Sprintf("Disable channel with wrong id: expected %v got %v", svcerr.ErrNotFound, err)) + assert.Equal(t, err, errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrViewEntity, svcerr.ErrNotFound), http.StatusNotFound), fmt.Sprintf("Disable channel with wrong id: expected %v got %v", svcerr.ErrNotFound, err)) ok := repoCall1.Parent.AssertCalled(t, "RetrieveByID", mock.Anything, "wrongID") assert.True(t, ok, "Memberships was not called on disabling channel with wrong id") repoCall.Unset() diff --git a/pkg/sdk/go/groups_test.go b/pkg/sdk/go/groups_test.go index 459fe826ef..a07993a1c8 100644 --- a/pkg/sdk/go/groups_test.go +++ b/pkg/sdk/go/groups_test.go @@ -98,7 +98,7 @@ func TestCreateGroup(t *testing.T) { ParentID: wrongID, Status: clients.EnabledStatus.String(), }, - err: errors.NewSDKErrorWithStatus(svcerr.ErrCreateEntity, http.StatusUnprocessableEntity), + err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrCreateEntity, svcerr.ErrCreateEntity), http.StatusUnprocessableEntity), }, { desc: "create group with missing name", @@ -203,7 +203,7 @@ func TestListGroups(t *testing.T) { token: invalidToken, offset: offset, limit: limit, - err: errors.NewSDKErrorWithStatus(svcerr.ErrAuthentication, http.StatusUnauthorized), + err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrAuthentication, svcerr.ErrAuthentication), http.StatusUnauthorized), response: nil, }, { @@ -333,7 +333,7 @@ func TestListParentGroups(t *testing.T) { token: invalidToken, offset: offset, limit: limit, - err: errors.NewSDKErrorWithStatus(svcerr.ErrAuthentication, http.StatusUnauthorized), + err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrAuthentication, svcerr.ErrAuthentication), http.StatusUnauthorized), response: nil, }, { @@ -464,7 +464,7 @@ func TestListChildrenGroups(t *testing.T) { token: invalidToken, offset: offset, limit: limit, - err: errors.NewSDKErrorWithStatus(svcerr.ErrAuthentication, http.StatusUnauthorized), + err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrAuthentication, svcerr.ErrAuthentication), http.StatusUnauthorized), response: nil, }, { @@ -796,7 +796,7 @@ func TestEnableGroup(t *testing.T) { repoCall1 := grepo.On("RetrieveByID", mock.Anything, mock.Anything).Return(mggroups.Group{}, repoerr.ErrNotFound) repoCall2 := grepo.On("ChangeStatus", mock.Anything, mock.Anything).Return(nil) _, err := mgsdk.EnableGroup("wrongID", validToken) - assert.Equal(t, err, errors.NewSDKErrorWithStatus(svcerr.ErrNotFound, http.StatusNotFound), fmt.Sprintf("Enable group with wrong id: expected %v got %v", svcerr.ErrNotFound, err)) + assert.Equal(t, err, errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrViewEntity, svcerr.ErrNotFound), http.StatusNotFound), fmt.Sprintf("Enable group with wrong id: expected %v got %v", svcerr.ErrNotFound, err)) ok := repoCall1.Parent.AssertCalled(t, "RetrieveByID", mock.Anything, "wrongID") assert.True(t, ok, "RetrieveByID was not called on enabling group") repoCall.Unset() @@ -849,7 +849,7 @@ func TestDisableGroup(t *testing.T) { repoCall1 := grepo.On("ChangeStatus", mock.Anything, mock.Anything).Return(nil) repoCall2 := grepo.On("RetrieveByID", mock.Anything, mock.Anything).Return(mggroups.Group{}, repoerr.ErrNotFound) _, err := mgsdk.DisableGroup("wrongID", validToken) - assert.Equal(t, err, errors.NewSDKErrorWithStatus(svcerr.ErrNotFound, http.StatusNotFound), fmt.Sprintf("Disable group with wrong id: expected %v got %v", svcerr.ErrNotFound, err)) + assert.Equal(t, err, errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrViewEntity, svcerr.ErrNotFound), http.StatusNotFound), fmt.Sprintf("Disable group with wrong id: expected %v got %v", svcerr.ErrNotFound, err)) ok := repoCall1.Parent.AssertCalled(t, "RetrieveByID", mock.Anything, "wrongID") assert.True(t, ok, "Memberships was not called on disabling group with wrong id") repoCall.Unset() diff --git a/pkg/sdk/go/things_test.go b/pkg/sdk/go/things_test.go index 8c8e8f795d..ac463662ac 100644 --- a/pkg/sdk/go/things_test.go +++ b/pkg/sdk/go/things_test.go @@ -581,7 +581,7 @@ func TestListThingsByChannel(t *testing.T) { channelID: wrongID, page: sdk.PageMetadata{}, response: []sdk.Thing(nil), - err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrNotFound, svcerr.ErrNotFound), http.StatusNotFound), + err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrViewEntity, svcerr.ErrViewEntity), http.StatusUnprocessableEntity), }, } diff --git a/pkg/sdk/go/tokens_test.go b/pkg/sdk/go/tokens_test.go index ad5f07a957..be448f08c6 100644 --- a/pkg/sdk/go/tokens_test.go +++ b/pkg/sdk/go/tokens_test.go @@ -11,7 +11,7 @@ import ( "github.com/absmach/magistrala" "github.com/absmach/magistrala/internal/apiutil" "github.com/absmach/magistrala/pkg/errors" - repoerr "github.com/absmach/magistrala/pkg/errors/repository" + svcerr "github.com/absmach/magistrala/pkg/errors/service" sdk "github.com/absmach/magistrala/pkg/sdk/go" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" @@ -69,7 +69,7 @@ func TestIssueToken(t *testing.T) { login: sdk.Login{Identity: "invalid", Secret: "secret"}, token: &magistrala.Token{}, dbClient: wrongClient, - err: errors.NewSDKErrorWithStatus(errors.Wrap(repoerr.ErrNotFound, repoerr.ErrNotFound), http.StatusNotFound), + err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrViewEntity, svcerr.ErrViewEntity), http.StatusUnprocessableEntity), }, } for _, tc := range cases { diff --git a/pkg/sdk/go/users_test.go b/pkg/sdk/go/users_test.go index a591eeb091..0ced676c82 100644 --- a/pkg/sdk/go/users_test.go +++ b/pkg/sdk/go/users_test.go @@ -257,7 +257,7 @@ func TestListClients(t *testing.T) { token: invalidToken, offset: offset, limit: limit, - err: errors.NewSDKErrorWithStatus(errors.Wrap(repoerr.ErrNotFound, repoerr.ErrNotFound), http.StatusNotFound), + err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrViewEntity, svcerr.ErrViewEntity), http.StatusUnprocessableEntity), response: nil, }, { @@ -265,7 +265,7 @@ func TestListClients(t *testing.T) { token: "", offset: offset, limit: limit, - err: errors.NewSDKErrorWithStatus(errors.Wrap(repoerr.ErrNotFound, repoerr.ErrNotFound), http.StatusNotFound), + err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrViewEntity, svcerr.ErrViewEntity), http.StatusUnprocessableEntity), response: nil, }, { @@ -273,7 +273,7 @@ func TestListClients(t *testing.T) { token: token, offset: offset, limit: 0, - err: errors.NewSDKErrorWithStatus(errors.Wrap(repoerr.ErrNotFound, repoerr.ErrNotFound), http.StatusNotFound), + err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrViewEntity, svcerr.ErrViewEntity), http.StatusUnprocessableEntity), response: nil, }, { @@ -411,7 +411,7 @@ func TestClient(t *testing.T) { response: sdk.User{}, token: validToken, clientID: wrongID, - err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrNotFound, svcerr.ErrNotFound), http.StatusNotFound), + err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrViewEntity, svcerr.ErrViewEntity), http.StatusUnprocessableEntity), }, { desc: "view client with an invalid token and invalid client id", @@ -821,7 +821,7 @@ func TestUpdateClientSecret(t *testing.T) { token: validToken, response: sdk.User{}, repoErr: apiutil.ErrMissingSecret, - err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrNotFound, repoerr.ErrMissingSecret), http.StatusBadRequest), + err: errors.NewSDKErrorWithStatus(errors.Wrap(svcerr.ErrViewEntity, repoerr.ErrMissingSecret), http.StatusBadRequest), }, } diff --git a/things/service.go b/things/service.go index 853e2d0e66..e94a7b876a 100644 --- a/things/service.go +++ b/things/service.go @@ -202,7 +202,7 @@ func (svc service) ListClients(ctx context.Context, token, reqUserID string, pm tp, err := svc.clients.RetrieveAllByIDs(ctx, pm) if err != nil { - return mgclients.ClientsPage{}, err + return mgclients.ClientsPage{}, errors.Wrap(svcerr.ErrViewEntity, err) } if pm.ListPerms && len(tp.Clients) > 0 { @@ -542,7 +542,7 @@ func (svc service) ListClientsByGroup(ctx context.Context, token, groupID string cp, err := svc.clients.RetrieveAllByIDs(ctx, pm) if err != nil { - return mgclients.MembersPage{}, errors.Wrap(repoerr.ErrNotFound, err) + return mgclients.MembersPage{}, errors.Wrap(svcerr.ErrViewEntity, err) } if pm.ListPerms && len(cp.Clients) > 0 { diff --git a/users/service.go b/users/service.go index 7bae9278fa..28473044d4 100644 --- a/users/service.go +++ b/users/service.go @@ -19,17 +19,6 @@ import ( "golang.org/x/sync/errgroup" ) -var ( - // ErrAddPolicies indictaed a failre to add policies. - errAddPolicies = errors.New("failed to add policies") - - // ErrIssueToken indicates a failure to issue token. - ErrIssueToken = errors.New("failed to issue token") - - // errDeletePolicies indictaed a failre to add policies. - errDeletePolicies = errors.New("failed to delete policies") -) - type service struct { clients postgres.Repository idProvider magistrala.IDProvider @@ -90,7 +79,7 @@ func (svc service) RegisterClient(ctx context.Context, token string, cli mgclien defer func() { if err != nil { if errRollback := svc.addClientPolicyRollback(ctx, cli.ID, cli.Role); errRollback != nil { - err = errors.Wrap(err, errors.Wrap(repoerr.ErrRollbackTx, errRollback)) + err = errors.Wrap(errors.Wrap(repoerr.ErrRollbackTx, errRollback), err) } } }() @@ -104,7 +93,7 @@ func (svc service) RegisterClient(ctx context.Context, token string, cli mgclien func (svc service) IssueToken(ctx context.Context, identity, secret, domainID string) (*magistrala.Token, error) { dbUser, err := svc.clients.RetrieveByIdentity(ctx, identity) if err != nil { - return &magistrala.Token{}, errors.Wrap(repoerr.ErrNotFound, err) + return &magistrala.Token{}, errors.Wrap(svcerr.ErrViewEntity, err) } if err := svc.hasher.Compare(secret, dbUser.Credentials.Secret); err != nil { return &magistrala.Token{}, errors.Wrap(svcerr.ErrLogin, err) @@ -139,7 +128,7 @@ func (svc service) ViewClient(ctx context.Context, token, id string) (mgclients. client, err := svc.clients.RetrieveByID(ctx, id) if err != nil { - return mgclients.Client{}, errors.Wrap(repoerr.ErrNotFound, err) + return mgclients.Client{}, errors.Wrap(svcerr.ErrViewEntity, err) } client.Credentials.Secret = "" @@ -153,7 +142,7 @@ func (svc service) ViewProfile(ctx context.Context, token string) (mgclients.Cli } client, err := svc.clients.RetrieveByID(ctx, id) if err != nil { - return mgclients.Client{}, errors.Wrap(repoerr.ErrNotFound, err) + return mgclients.Client{}, errors.Wrap(svcerr.ErrViewEntity, err) } client.Credentials.Secret = "" @@ -168,7 +157,7 @@ func (svc service) ListClients(ctx context.Context, token string, pm mgclients.P if err := svc.checkSuperAdmin(ctx, userID); err == nil { pg, err := svc.clients.RetrieveAll(ctx, pm) if err != nil { - return mgclients.ClientsPage{}, errors.Wrap(svcerr.ErrNotFound, err) + return mgclients.ClientsPage{}, errors.Wrap(svcerr.ErrViewEntity, err) } return pg, err } @@ -183,7 +172,7 @@ func (svc service) ListClients(ctx context.Context, token string, pm mgclients.P } pg, err := svc.clients.RetrieveAll(ctx, p) if err != nil { - return mgclients.ClientsPage{}, errors.Wrap(svcerr.ErrNotFound, err) + return mgclients.ClientsPage{}, errors.Wrap(svcerr.ErrViewEntity, err) } return pg, nil } @@ -292,7 +281,7 @@ func (svc service) ResetSecret(ctx context.Context, resetToken, secret string) e } c, err := svc.clients.RetrieveByID(ctx, id) if err != nil { - return errors.Wrap(repoerr.ErrNotFound, err) + return errors.Wrap(svcerr.ErrViewEntity, err) } if c.Credentials.Identity == "" { return repoerr.ErrNotFound @@ -322,10 +311,10 @@ func (svc service) UpdateClientSecret(ctx context.Context, token, oldSecret, new } dbClient, err := svc.clients.RetrieveByID(ctx, id) if err != nil { - return mgclients.Client{}, errors.Wrap(repoerr.ErrNotFound, err) + return mgclients.Client{}, errors.Wrap(svcerr.ErrViewEntity, err) } if _, err := svc.IssueToken(ctx, dbClient.Credentials.Identity, oldSecret, ""); err != nil { - return mgclients.Client{}, errors.Wrap(ErrIssueToken, err) + return mgclients.Client{}, errors.Wrap(svcerr.ErrIssueToken, err) } newSecret, err = svc.hasher.Hash(newSecret) if err != nil { @@ -416,7 +405,7 @@ func (svc service) changeClientStatus(ctx context.Context, token string, client } dbClient, err := svc.clients.RetrieveByID(ctx, client.ID) if err != nil { - return mgclients.Client{}, errors.Wrap(repoerr.ErrNotFound, err) + return mgclients.Client{}, errors.Wrap(svcerr.ErrNotFound, err) } if dbClient.Status == client.Status { return mgclients.Client{}, errors.ErrStatusAlreadyAssigned @@ -461,7 +450,7 @@ func (svc service) ListMembers(ctx context.Context, token, objectKind, objectID ObjectType: objectType, }) if err != nil { - return mgclients.MembersPage{}, errors.Wrap(repoerr.ErrNotFound, err) + return mgclients.MembersPage{}, errors.Wrap(svcerr.ErrNotFound, err) } if len(duids.Policies) == 0 { return mgclients.MembersPage{ @@ -479,7 +468,7 @@ func (svc service) ListMembers(ctx context.Context, token, objectKind, objectID cp, err := svc.clients.RetrieveAll(ctx, pm) if err != nil { - return mgclients.MembersPage{}, errors.Wrap(repoerr.ErrNotFound, err) + return mgclients.MembersPage{}, errors.Wrap(svcerr.ErrViewEntity, err) } if pm.ListPerms && len(cp.Clients) > 0 { @@ -629,7 +618,7 @@ func (svc service) addClientPolicy(ctx context.Context, userID string, role mgcl } resp, err := svc.auth.AddPolicies(ctx, &policies) if err != nil { - return err + return errors.Wrap(svcerr.ErrAddPolicies, err) } if !resp.Added { return svcerr.ErrAuthorization @@ -659,7 +648,7 @@ func (svc service) addClientPolicyRollback(ctx context.Context, userID string, r } resp, err := svc.auth.DeletePolicies(ctx, &policies) if err != nil { - return err + return errors.Wrap(svcerr.ErrDeletePolicies, err) } if !resp.Deleted { return svcerr.ErrAuthorization @@ -678,10 +667,10 @@ func (svc service) updateClientPolicy(ctx context.Context, userID string, role m Object: auth.MagistralaObject, }) if err != nil { - return errors.Wrap(errAddPolicies, err) + return errors.Wrap(svcerr.ErrAddPolicies, err) } if !resp.Added { - return errors.Wrap(svcerr.ErrAuthorization, err) + return svcerr.ErrAuthorization } return nil case mgclients.UserRole: @@ -695,10 +684,10 @@ func (svc service) updateClientPolicy(ctx context.Context, userID string, role m Object: auth.MagistralaObject, }) if err != nil { - return errors.Wrap(errDeletePolicies, err) + return errors.Wrap(svcerr.ErrDeletePolicies, err) } if !resp.Deleted { - return errors.Wrap(errDeletePolicies, err) + return svcerr.ErrAuthorization } return nil } diff --git a/users/service_test.go b/users/service_test.go index 5750e592d5..d9638810e6 100644 --- a/users/service_test.go +++ b/users/service_test.go @@ -40,13 +40,11 @@ var ( Metadata: validCMetadata, Status: mgclients.EnabledStatus, } - validToken = "token" - inValidToken = "invalid" - validID = "d4ebb847-5d0e-4e46-bdd9-b6aceaaa3a22" - wrongID = testsutil.GenerateUUID(&testing.T{}) - errHashPassword = errors.New("generate hash from password failed") - errAddPolicies = errors.New("failed to add policies") - errDeletePolicies = errors.New("failed to delete policies") + validToken = "token" + inValidToken = "invalid" + validID = "d4ebb847-5d0e-4e46-bdd9-b6aceaaa3a22" + wrongID = testsutil.GenerateUUID(&testing.T{}) + errHashPassword = errors.New("generate hash from password failed") ) func newService(selfRegister bool) (users.Service, *mocks.Repository, *authmocks.AuthClient, users.Emailer) { @@ -225,8 +223,8 @@ func TestRegisterClient(t *testing.T) { Role: mgclients.AdminRole, }, addPoliciesResponse: &magistrala.AddPoliciesRes{Added: true}, - addPoliciesResponseErr: errAddPolicies, - err: errAddPolicies, + addPoliciesResponseErr: svcerr.ErrAddPolicies, + err: svcerr.ErrAddPolicies, }, { desc: "register a new client with failed to delete policies with err", @@ -240,9 +238,9 @@ func TestRegisterClient(t *testing.T) { }, addPoliciesResponse: &magistrala.AddPoliciesRes{Added: true}, deletePoliciesResponse: &magistrala.DeletePoliciesRes{Deleted: false}, - deletePoliciesResponseErr: errDeletePolicies, + deletePoliciesResponseErr: svcerr.ErrConflict, saveErr: repoerr.ErrConflict, - err: errDeletePolicies, + err: svcerr.ErrConflict, }, { desc: "register a new client with failed to delete policies with failed to delete", @@ -257,7 +255,7 @@ func TestRegisterClient(t *testing.T) { addPoliciesResponse: &magistrala.AddPoliciesRes{Added: true}, deletePoliciesResponse: &magistrala.DeletePoliciesRes{Deleted: false}, saveErr: repoerr.ErrConflict, - err: svcerr.ErrAuthorization, + err: svcerr.ErrConflict, }, } @@ -1034,7 +1032,7 @@ func TestUpdateClientRole(t *testing.T) { addPolicyResponse: &magistrala.AddPolicyRes{}, addPolicyErr: errors.ErrMalformedEntity, token: validToken, - err: errAddPolicies, + err: svcerr.ErrAddPolicies, }, { desc: "update client role to user role successfully ", @@ -1053,7 +1051,7 @@ func TestUpdateClientRole(t *testing.T) { deletePolicyResponse: &magistrala.DeletePolicyRes{Deleted: false}, updateRoleResponse: mgclients.Client{}, token: validToken, - err: errDeletePolicies, + err: svcerr.ErrFailedPolicyUpdate, }, { desc: "update client role to user role with failed to delete policy with error", @@ -1063,7 +1061,7 @@ func TestUpdateClientRole(t *testing.T) { updateRoleResponse: mgclients.Client{}, token: validToken, deletePolicyErr: svcerr.ErrMalformedEntity, - err: errDeletePolicies, + err: svcerr.ErrDeletePolicies, }, { desc: "Update client with failed repo update and roll back",