Rework APIs to use Go error

Author: ppebb

api/ban.go

@@ -15,18 +15,17 @@ import (
 
 func HandleBan(w http.ResponseWriter, r *http.Request) {
 	var user *database.User
-	var success bool
-	var err string
 	var statusCode int
+	var err error
 
 	if r.Method == http.MethodPost {
-		user, success, err, statusCode = handleBanImpl(r)
+		user, statusCode, err = handleBanImpl(r)
 	} else if r.Method == http.MethodOptions {
 		statusCode = http.StatusNoContent
 		w.Header().Set("Access-Control-Allow-Methods", "POST")
 		w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
 	} else {
-		err = "Incorrect request. POST only."
+		err = ErrPostOnly
 		statusCode = http.StatusMethodNotAllowed
 		w.Header().Set("Allow", "POST")
 	}
@@ -41,7 +40,7 @@ func HandleBan(w http.ResponseWriter, r *http.Request) {
 
 	if statusCode != http.StatusNoContent {
 		w.Header().Set("Content-Type", "application/json")
-		jsonData, _ = json.Marshal(UserActionResponse{*user, success, err})
+		jsonData, _ = json.Marshal(UserActionResponse{*user, err == nil, resolveError(err)})
 	}
 
 	w.Header().Set("Content-Length", strconv.Itoa(len(jsonData)))
@@ -61,30 +60,30 @@ type BanRequestSpec struct {
 	Moderator    string `json:"moderator"`
 }
 
-func handleBanImpl(r *http.Request) (*database.User, bool, string, int) {
+func handleBanImpl(r *http.Request) (*database.User, int, error) {
 	// TODO: Actual authentication rather than a fixed secret
 
 	body, err := io.ReadAll(r.Body)
 	if err != nil {
-		return nil, false, "Unable to read request body", http.StatusBadRequest
+		return nil, http.StatusBadRequest, ErrRequestBody
 	}
 
 	var req BanRequestSpec
 	err = json.Unmarshal(body, &req)
 	if err != nil {
-		return nil, false, err.Error(), http.StatusBadRequest
+		return nil, http.StatusBadRequest, err
 	}
 
 	if apiSecret == "" || req.Secret != apiSecret {
-		return nil, false, "Invalid API secret in request", http.StatusUnauthorized
+		return nil, http.StatusUnauthorized, ErrInvalidSecret
 	}
 
 	if req.ProfileID == 0 {
-		return nil, false, "Profile ID missing or 0 in request", http.StatusBadRequest
+		return nil, http.StatusBadRequest, ErrPIDMissing
 	}
 
 	if req.Reason == "" {
-		return nil, false, "Missing ban reason in request", http.StatusBadRequest
+		return nil, http.StatusBadRequest, ErrReason
 	}
 
 	moderator := req.Moderator
@@ -94,27 +93,24 @@ func handleBanImpl(r *http.Request) (*database.User, bool, string, int) {
 
 	minutes := req.Days*24*60 + req.Hours*60 + req.Minutes
 	if minutes == 0 {
-		return nil, false, "Ban length missing or 0", http.StatusBadRequest
+		return nil, http.StatusBadRequest, ErrLength
 	}
 
 	length := time.Duration(minutes) * time.Minute
 
 	logging.Notice("API:"+moderator, "Ban profile:", aurora.Cyan(req.ProfileID), "TOS:", aurora.Cyan(req.Tos), "Length:", aurora.Cyan(length), "Reason:", aurora.BrightCyan(req.Reason), "Reason (Hidden):", aurora.BrightCyan(req.ReasonHidden))
 
 	if !database.BanUser(pool, ctx, req.ProfileID, req.Tos, length, req.Reason, req.ReasonHidden, moderator) {
-		return nil, false, "Failed to ban user", http.StatusInternalServerError
+		return nil, http.StatusInternalServerError, ErrTransaction
 	}
 
 	gpcm.KickPlayerCustomMessage(req.ProfileID, req.Reason, gpcm.WWFCMsgProfileRestrictedCustom)
 
-	var message string
 	user, success := database.GetProfile(pool, ctx, req.ProfileID)
 
-	if success {
-		message = ""
-	} else {
-		message = "Unable to query user data from the database"
+	if !success {
+		return nil, http.StatusInternalServerError, ErrUserQueryTransaction
 	}
 
-	return &user, success, message, http.StatusOK
+	return &user, http.StatusOK, nil
 }

api/clear.go

@@ -10,18 +10,17 @@ import (
 
 func HandleClear(w http.ResponseWriter, r *http.Request) {
 	var user *database.User
-	var success bool
-	var err string
 	var statusCode int
+	var err error
 
 	if r.Method == http.MethodPost {
-		user, success, err, statusCode = handleClearImpl(r)
+		user, statusCode, err = handleClearImpl(r)
 	} else if r.Method == http.MethodOptions {
 		statusCode = http.StatusNoContent
 		w.Header().Set("Access-Control-Allow-Methods", "POST")
 		w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
 	} else {
-		err = "Incorrect request. POST only."
+		err = ErrPostOnly
 		statusCode = http.StatusMethodNotAllowed
 		w.Header().Set("Allow", "POST")
 	}
@@ -36,7 +35,7 @@ func HandleClear(w http.ResponseWriter, r *http.Request) {
 
 	if statusCode != http.StatusNoContent {
 		w.Header().Set("Content-Type", "application/json")
-		jsonData, _ = json.Marshal(UserActionResponse{*user, success, err})
+		jsonData, _ = json.Marshal(UserActionResponse{*user, err == nil, resolveError(err)})
 	}
 
 	w.Header().Set("Content-Length", strconv.Itoa(len(jsonData)))
@@ -49,30 +48,29 @@ type ClearRequestSpec struct {
 	ProfileID uint32 `json:"pid"`
 }
 
-func handleClearImpl(r *http.Request) (*database.User, bool, string, int) {
+func handleClearImpl(r *http.Request) (*database.User, int, error) {
 	// TODO: Actual authentication rather than a fixed secret
 
 	body, err := io.ReadAll(r.Body)
 	if err != nil {
-		return nil, false, "Unable to read request body", http.StatusBadRequest
+		return nil, http.StatusBadRequest, ErrRequestBody
 	}
 
 	var req ClearRequestSpec
 	err = json.Unmarshal(body, &req)
 	if err != nil {
-		return nil, false, err.Error(), http.StatusBadRequest
+		return nil, http.StatusBadRequest, err
 	}
 
 	if apiSecret == "" || req.Secret != apiSecret {
-		return nil, false, "Invalid API secret in request", http.StatusUnauthorized
+		return nil, http.StatusUnauthorized, ErrInvalidSecret
 	}
 
 	user, success := database.ClearProfile(pool, ctx, req.ProfileID)
 
 	if !success {
-		return nil, false, "Unable to query user data from the database", http.StatusInternalServerError
+		return nil, http.StatusInternalServerError, ErrTransaction
 	}
 
-	// Don't return empty JSON, this is placeholder for now.
-	return &user, true, "", http.StatusOK
+	return &user, http.StatusOK, nil
 }

api/common.go

@@ -0,0 +1,34 @@
+package api
+
+import (
+	"errors"
+	"wwfc/database"
+)
+
+var (
+	ErrPostOnly             = errors.New("Incorrect request. POST only.")
+	ErrGetOnly              = errors.New("Incorrect request. GET only.")
+	ErrPostGetOnly          = errors.New("Incorrect request. POST and GET only.")
+	ErrRequestBody          = errors.New("Unable to read request body")
+	ErrInvalidSecret        = errors.New("Invalid API secret in request")
+	ErrPIDMissing           = errors.New("Profile ID missing or 0 in request")
+	ErrReason               = errors.New("Missing reason in request")
+	ErrLength               = errors.New("Ban length missing or 0")
+	ErrTransaction          = errors.New("Failed to complete database transaction")
+	ErrUserQuery            = errors.New("Failed to find user in the database")
+	ErrUserQueryTransaction = errors.New("Failed to find user in the database, but the intended transaction may have gone through")
+)
+
+func resolveError(err error) string {
+	if err != nil {
+		return err.Error()
+	}
+
+	return ""
+}
+
+type UserActionResponse struct {
+	User    database.User
+	Success bool
+	Error   string
+}

api/get_hash.go

@@ -10,18 +10,17 @@ import (
 
 func HandleGetHash(w http.ResponseWriter, r *http.Request) {
 	var store database.HashStore
-	var success bool
-	var err string
 	var statusCode int
+	var err error
 
 	if r.Method == http.MethodPost {
-		store, success, err, statusCode = handleGetHashImpl(r)
+		store, statusCode, err = handleGetHashImpl(r)
 	} else if r.Method == http.MethodOptions {
 		statusCode = http.StatusNoContent
 		w.Header().Set("Access-Control-Allow-Methods", "POST")
 		w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
 	} else {
-		err = "Incorrect request. POST only."
+		err = ErrPostOnly
 		statusCode = http.StatusMethodNotAllowed
 		w.Header().Set("Allow", "POST")
 	}
@@ -32,7 +31,7 @@ func HandleGetHash(w http.ResponseWriter, r *http.Request) {
 
 	if statusCode != http.StatusNoContent {
 		w.Header().Set("Content-Type", "application/json")
-		jsonData, _ = json.Marshal(GetHashResponse{success, err, store})
+		jsonData, _ = json.Marshal(GetHashResponse{err == nil, resolveError(err), store})
 	}
 
 	w.Header().Set("Content-Length", strconv.Itoa(len(jsonData)))
@@ -50,23 +49,21 @@ type GetHashResponse struct {
 	Hashes  database.HashStore
 }
 
-func handleGetHashImpl(r *http.Request) (database.HashStore, bool, string, int) {
-	ret := database.HashStore{}
-
+func handleGetHashImpl(r *http.Request) (database.HashStore, int, error) {
 	body, err := io.ReadAll(r.Body)
 	if err != nil {
-		return ret, false, "Unable to read request body", http.StatusBadRequest
+		return nil, http.StatusBadRequest, ErrRequestBody
 	}
 
 	var req GetHashRequestSpec
 	err = json.Unmarshal(body, &req)
 	if err != nil {
-		return ret, false, err.Error(), http.StatusBadRequest
+		return nil, http.StatusBadRequest, err
 	}
 
 	if apiSecret == "" || req.Secret != apiSecret {
-		return nil, false, "Invalid API secret in request", http.StatusUnauthorized
+		return nil, http.StatusUnauthorized, ErrInvalidSecret
 	}
 
-	return database.GetHashes(), true, "", http.StatusOK
+	return database.GetHashes(), http.StatusOK, nil
 }

api/kick.go

@@ -11,18 +11,17 @@ import (
 
 func HandleKick(w http.ResponseWriter, r *http.Request) {
 	var user *database.User
-	var success bool
-	var err string
 	var statusCode int
+	var err error
 
 	if r.Method == http.MethodPost {
-		user, success, err, statusCode = handleKickImpl(r)
+		user, statusCode, err = handleKickImpl(r)
 	} else if r.Method == http.MethodOptions {
 		statusCode = http.StatusNoContent
 		w.Header().Set("Access-Control-Allow-Methods", "POST")
 		w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
 	} else {
-		err = "Incorrect request. POST only."
+		err = ErrPostOnly
 		statusCode = http.StatusMethodNotAllowed
 		w.Header().Set("Allow", "POST")
 	}
@@ -37,7 +36,7 @@ func HandleKick(w http.ResponseWriter, r *http.Request) {
 
 	if statusCode != http.StatusNoContent {
 		w.Header().Set("Content-Type", "application/json")
-		jsonData, _ = json.Marshal(UserActionResponse{*user, success, err})
+		jsonData, _ = json.Marshal(UserActionResponse{*user, err == nil, resolveError(err)})
 	}
 
 	w.Header().Set("Content-Length", strconv.Itoa(len(jsonData)))
@@ -51,42 +50,39 @@ type KickRequestSpec struct {
 	ProfileID uint32 `json:"pid"`
 }
 
-func handleKickImpl(r *http.Request) (*database.User, bool, string, int) {
+func handleKickImpl(r *http.Request) (*database.User, int, error) {
 	// TODO: Actual authentication rather than a fixed secret
 
 	body, err := io.ReadAll(r.Body)
 	if err != nil {
-		return nil, false, "Unable to read request body", http.StatusBadRequest
+		return nil, http.StatusBadRequest, ErrRequestBody
 	}
 
 	var req KickRequestSpec
 	err = json.Unmarshal(body, &req)
 	if err != nil {
-		return nil, false, err.Error(), http.StatusBadRequest
+		return nil, http.StatusBadRequest, err
 	}
 
 	if apiSecret == "" || req.Secret != apiSecret {
-		return nil, false, "Invalid API secret in request", http.StatusUnauthorized
+		return nil, http.StatusUnauthorized, ErrInvalidSecret
 	}
 
 	if req.ProfileID == 0 {
-		return nil, false, "Profile ID missing or 0 in request", http.StatusBadRequest
+		return nil, http.StatusBadRequest, ErrPIDMissing
 	}
 
 	if req.Reason == "" {
-		return nil, false, "Missing kick reason in request", http.StatusBadRequest
+		return nil, http.StatusBadRequest, ErrReason
 	}
 
 	gpcm.KickPlayerCustomMessage(req.ProfileID, req.Reason, gpcm.WWFCMsgKickedCustom)
 
-	var message string
 	user, success := database.GetProfile(pool, ctx, req.ProfileID)
 
-	if success {
-		message = ""
-	} else {
-		message = "Unable to query user data from the database"
+	if !success {
+		return nil, http.StatusInternalServerError, ErrUserQueryTransaction
 	}
 
-	return &user, success, message, http.StatusOK
+	return &user, http.StatusOK, nil
 }