IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

update to use AppError.Where() to differentiate errors (#24379)

Browse Source 
Co-authored-by: Mattermost Build <build@mattermost.com>
This commit is contained in:
Scott Bishel 2023-09-08 08:17:58 -06:00 committed by GitHub
parent 2d1848bf14
commit 15faf4a69c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
server/channels/api4/bot.go
View File

@ -135,13 +135,13 @@ func getBot(c *Context, w http.ResponseWriter, r *http.Request) {
// Pretend like the bot doesn't exist at all to avoid revealing that the // Pretend like the bot doesn't exist at all to avoid revealing that the
// user is a bot. It's kind of silly in this case, sine we created the bot, // user is a bot. It's kind of silly in this case, sine we created the bot,
// but we don't have read bot permissions. // but we don't have read bot permissions.
c.Err = model.MakeBotNotFoundError(botUserId) c.Err = model.MakeBotNotFoundError("permissions", botUserId)
return return
} }
} else { } else {
// Pretend like the bot doesn't exist at all, to avoid revealing that the // Pretend like the bot doesn't exist at all, to avoid revealing that the
// user is a bot. // user is a bot.
c.Err = model.MakeBotNotFoundError(botUserId) c.Err = model.MakeBotNotFoundError("permissions", botUserId)
return return
} }

6
server/channels/app/authorization.go
View File

@ -263,7 +263,7 @@ func (a *App) SessionHasPermissionToUserOrBot(session model.Session, userID stri
if err == nil { if err == nil {
return true return true
} }
if err.Id == "store.sql_bot.get.missing.app_error" && err.Unwrap() != nil { if err.Id == "store.sql_bot.get.missing.app_error" && err.Where == "SqlBotStore.Get" {
if a.SessionHasPermissionToUser(session, userID) { if a.SessionHasPermissionToUser(session, userID) {
return true return true
} }
@ -385,7 +385,7 @@ func (a *App) SessionHasPermissionToManageBot(session model.Session, botUserId s
if !a.SessionHasPermissionTo(session, model.PermissionReadBots) { if !a.SessionHasPermissionTo(session, model.PermissionReadBots) {
// If the user doesn't have permission to read bots, pretend as if // If the user doesn't have permission to read bots, pretend as if
// the bot doesn't exist at all. // the bot doesn't exist at all.
return model.MakeBotNotFoundError(botUserId) return model.MakeBotNotFoundError("permissions", botUserId)
} }
return a.MakePermissionError(&session, []*model.Permission{model.PermissionManageBots}) return a.MakePermissionError(&session, []*model.Permission{model.PermissionManageBots})
} }
@ -394,7 +394,7 @@ func (a *App) SessionHasPermissionToManageBot(session model.Session, botUserId s
if !a.SessionHasPermissionTo(session, model.PermissionReadOthersBots) { if !a.SessionHasPermissionTo(session, model.PermissionReadOthersBots) {
// If the user doesn't have permission to read others' bots, // If the user doesn't have permission to read others' bots,
// pretend as if the bot doesn't exist at all. // pretend as if the bot doesn't exist at all.
return model.MakeBotNotFoundError(botUserId) return model.MakeBotNotFoundError("permissions", botUserId)
} }
return a.MakePermissionError(&session, []*model.Permission{model.PermissionManageOthersBots}) return a.MakePermissionError(&session, []*model.Permission{model.PermissionManageOthersBots})
} }

12
server/channels/app/bot.go
View File

@ -353,7 +353,7 @@ func (a *App) PatchBot(botUserId string, botPatch *model.BotPatch) (*model.Bot,
var appErr *model.AppError var appErr *model.AppError
switch { switch {
case errors.As(nErr, &nfErr): case errors.As(nErr, &nfErr):
return nil, model.MakeBotNotFoundError(nfErr.ID).Wrap(nErr) return nil, model.MakeBotNotFoundError("SqlBotStore.Get", nfErr.ID).Wrap(nErr)
case errors.As(nErr, &appErr): // in case we haven't converted to plain error. case errors.As(nErr, &appErr): // in case we haven't converted to plain error.
return nil, appErr return nil, appErr
default: // last fallback in case it doesn't map to an existing app error. default: // last fallback in case it doesn't map to an existing app error.
@ -370,7 +370,7 @@ func (a *App) GetBot(botUserId string, includeDeleted bool) (*model.Bot, *model.
var nfErr *store.ErrNotFound var nfErr *store.ErrNotFound
switch { switch {
case errors.As(err, &nfErr): case errors.As(err, &nfErr):
return nil, model.MakeBotNotFoundError(nfErr.ID).Wrap(err) return nil, model.MakeBotNotFoundError("SqlBotStore.Get", nfErr.ID).Wrap(err)
default: // last fallback in case it doesn't map to an existing app error. default: // last fallback in case it doesn't map to an existing app error.
return nil, model.NewAppError("GetBot", "app.bot.getbot.internal_error", nil, "", http.StatusInternalServerError).Wrap(err) return nil, model.NewAppError("GetBot", "app.bot.getbot.internal_error", nil, "", http.StatusInternalServerError).Wrap(err)
} }
@ -409,7 +409,7 @@ func (a *App) UpdateBotActive(c request.CTX, botUserId string, active bool) (*mo
var nfErr *store.ErrNotFound var nfErr *store.ErrNotFound
switch { switch {
case errors.As(nErr, &nfErr): case errors.As(nErr, &nfErr):
return nil, model.MakeBotNotFoundError(nfErr.ID).Wrap(nErr) return nil, model.MakeBotNotFoundError("SqlBotStore.Get", nfErr.ID).Wrap(nErr)
default: // last fallback in case it doesn't map to an existing app error. default: // last fallback in case it doesn't map to an existing app error.
return nil, model.NewAppError("UpdateBotActive", "app.bot.getbot.internal_error", nil, "", http.StatusInternalServerError).Wrap(nErr) return nil, model.NewAppError("UpdateBotActive", "app.bot.getbot.internal_error", nil, "", http.StatusInternalServerError).Wrap(nErr)
} }
@ -431,7 +431,7 @@ func (a *App) UpdateBotActive(c request.CTX, botUserId string, active bool) (*mo
var appErr *model.AppError var appErr *model.AppError
switch { switch {
case errors.As(nErr, &nfErr): case errors.As(nErr, &nfErr):
return nil, model.MakeBotNotFoundError(nfErr.ID).Wrap(nErr) return nil, model.MakeBotNotFoundError("SqlBotStore.Get", nfErr.ID).Wrap(nErr)
case errors.As(nErr, &appErr): // in case we haven't converted to plain error. case errors.As(nErr, &appErr): // in case we haven't converted to plain error.
return nil, appErr return nil, appErr
default: // last fallback in case it doesn't map to an existing app error. default: // last fallback in case it doesn't map to an existing app error.
@ -469,7 +469,7 @@ func (a *App) UpdateBotOwner(botUserId, newOwnerId string) (*model.Bot, *model.A
var nfErr *store.ErrNotFound var nfErr *store.ErrNotFound
switch { switch {
case errors.As(err, &nfErr): case errors.As(err, &nfErr):
return nil, model.MakeBotNotFoundError(nfErr.ID).Wrap(err) return nil, model.MakeBotNotFoundError("SqlBotStore.Get", nfErr.ID).Wrap(err)
default: // last fallback in case it doesn't map to an existing app error. default: // last fallback in case it doesn't map to an existing app error.
return nil, model.NewAppError("UpdateBotOwner", "app.bot.getbot.internal_error", nil, "", http.StatusInternalServerError).Wrap(err) return nil, model.NewAppError("UpdateBotOwner", "app.bot.getbot.internal_error", nil, "", http.StatusInternalServerError).Wrap(err)
} }
@ -483,7 +483,7 @@ func (a *App) UpdateBotOwner(botUserId, newOwnerId string) (*model.Bot, *model.A
var appErr *model.AppError var appErr *model.AppError
switch { switch {
case errors.As(err, &nfErr): case errors.As(err, &nfErr):
return nil, model.MakeBotNotFoundError(nfErr.ID).Wrap(err) return nil, model.MakeBotNotFoundError("SqlBotStore.Get", nfErr.ID).Wrap(err)
case errors.As(err, &appErr): // in case we haven't converted to plain error. case errors.As(err, &appErr): // in case we haven't converted to plain error.
return nil, appErr return nil, appErr
default: // last fallback in case it doesn't map to an existing app error. default: // last fallback in case it doesn't map to an existing app error.

4
server/public/model/bot.go
View File

@ -213,8 +213,8 @@ func (l *BotList) Etag() string {
// MakeBotNotFoundError creates the error returned when a bot does not exist, or when the user isn't allowed to query the bot. // MakeBotNotFoundError creates the error returned when a bot does not exist, or when the user isn't allowed to query the bot.
// The errors must the same in both cases to avoid leaking that a user is a bot. // The errors must the same in both cases to avoid leaking that a user is a bot.
func MakeBotNotFoundError(userId string) *AppError { func MakeBotNotFoundError(where, userId string) *AppError {
return NewAppError("SqlBotStore.Get", "store.sql_bot.get.missing.app_error", map[string]any{"user_id": userId}, "", http.StatusNotFound) return NewAppError(where, "store.sql_bot.get.missing.app_error", map[string]any{"user_id": userId}, "", http.StatusNotFound)
} }
func IsBotDMChannel(channel *Channel, botUserID string) bool { func IsBotDMChannel(channel *Channel, botUserID string) bool {