ducky/devices
ducky/devices/apiv1/handlers.go
Update trout to fix routing bug. Update to tip on trout to fix the routing bug that was causing us such issues. See the commit message of trout at 3df515f0cec5 for more details.
| paddy@15 | 1 package apiv1 |
| paddy@15 | 2 |
| paddy@15 | 3 import ( |
| paddy@17 | 4 "fmt" |
| paddy@15 | 5 "log" |
| paddy@15 | 6 "net/http" |
| paddy@15 | 7 |
| paddy@15 | 8 "code.secondbit.org/api.hg" |
| paddy@15 | 9 "code.secondbit.org/ducky/devices.hg" |
| paddy@18 | 10 "code.secondbit.org/trout.hg" |
| paddy@18 | 11 "code.secondbit.org/uuid.hg" |
| paddy@15 | 12 |
| paddy@15 | 13 "golang.org/x/net/context" |
| paddy@15 | 14 ) |
| paddy@15 | 15 |
| paddy@15 | 16 type createRequest struct { |
| paddy@15 | 17 Devices []DeviceChange `json:"devices"` |
| paddy@15 | 18 } |
| paddy@15 | 19 |
| paddy@15 | 20 func handleCreateDevices(ctx context.Context, w http.ResponseWriter, r *http.Request) { |
| paddy@15 | 21 var req createRequest |
| paddy@16 | 22 |
| paddy@16 | 23 userID, err := api.AuthUser(r) |
| paddy@16 | 24 if err != nil { |
| paddy@18 | 25 api.Encode(w, r, http.StatusUnauthorized, Response{Errors: api.AccessDeniedError}) |
| paddy@16 | 26 return |
| paddy@16 | 27 } |
| paddy@16 | 28 |
| paddy@16 | 29 err = api.Decode(r, &req) |
| paddy@15 | 30 if err != nil { |
| paddy@15 | 31 api.Encode(w, r, http.StatusBadRequest, Response{Errors: api.InvalidFormatError}) |
| paddy@15 | 32 return |
| paddy@15 | 33 } |
| paddy@15 | 34 |
| paddy@15 | 35 devicesToCreate := createDevicesFromChanges(req.Devices) |
| paddy@16 | 36 passedScopes := api.GetScopes(r) |
| paddy@17 | 37 for pos, device := range devicesToCreate { |
| paddy@16 | 38 err := validateDeviceCreation(device, passedScopes, userID) |
| paddy@16 | 39 if err == nil { |
| paddy@16 | 40 continue |
| paddy@16 | 41 } |
| paddy@16 | 42 var requestErr api.RequestError |
| paddy@16 | 43 switch err { |
| paddy@16 | 44 case errUnauthorizedLastSeen: |
| paddy@16 | 45 requestErr.Slug = api.RequestErrAccessDenied |
| paddy@17 | 46 requestErr.Field = fmt.Sprintf("devices/%d/lastSeen", pos) |
| paddy@16 | 47 case errUnauthorizedCreated: |
| paddy@16 | 48 requestErr.Slug = api.RequestErrAccessDenied |
| paddy@17 | 49 requestErr.Field = fmt.Sprintf("devices/%d/created", pos) |
| paddy@16 | 50 case errUnauthorizedOwner: |
| paddy@16 | 51 requestErr.Slug = api.RequestErrAccessDenied |
| paddy@17 | 52 requestErr.Field = fmt.Sprintf("devices/%d/owner", pos) |
| paddy@16 | 53 case errInvalidDeviceType: |
| paddy@16 | 54 requestErr.Slug = api.RequestErrInvalidValue |
| paddy@17 | 55 requestErr.Field = fmt.Sprintf("devices/%d/type", pos) |
| paddy@16 | 56 case errDeviceNameTooShort: |
| paddy@17 | 57 if len(device.Name) == 0 { |
| paddy@17 | 58 requestErr.Slug = api.RequestErrMissing |
| paddy@17 | 59 } else { |
| paddy@17 | 60 requestErr.Slug = api.RequestErrInsufficient |
| paddy@17 | 61 } |
| paddy@17 | 62 requestErr.Field = fmt.Sprintf("devices/%d/name", pos) |
| paddy@16 | 63 case errDeviceNameTooLong: |
| paddy@16 | 64 requestErr.Slug = api.RequestErrOverflow |
| paddy@17 | 65 requestErr.Field = fmt.Sprintf("devices/%d/name", pos) |
| paddy@16 | 66 } |
| paddy@16 | 67 if requestErr.Slug != "" { |
| paddy@16 | 68 api.Encode(w, r, http.StatusBadRequest, Response{Errors: []api.RequestError{requestErr}}) |
| paddy@15 | 69 return |
| paddy@15 | 70 } |
| paddy@16 | 71 api.Encode(w, r, http.StatusInternalServerError, Response{Errors: api.ActOfGodError}) |
| paddy@15 | 72 } |
| paddy@15 | 73 createdDevices, err := devices.CreateMany(devicesToCreate, ctx) |
| paddy@15 | 74 if err != nil { |
| paddy@15 | 75 // BUG(paddy): we should filter out non-internal errors here and expose better error responses |
| paddy@15 | 76 log.Printf("Error creating devices: %+v\n", err) |
| paddy@15 | 77 api.Encode(w, r, http.StatusInternalServerError, Response{Errors: api.ActOfGodError}) |
| paddy@15 | 78 return |
| paddy@15 | 79 } |
| paddy@18 | 80 var resp Response |
| paddy@15 | 81 for _, device := range createdDevices { |
| paddy@16 | 82 resp.Devices = append(resp.Devices, apiDeviceFromCore(device, api.CheckScopes(passedScopes, ScopeViewPushToken.ID))) |
| paddy@15 | 83 } |
| paddy@15 | 84 api.Encode(w, r, http.StatusCreated, resp) |
| paddy@15 | 85 } |
| paddy@18 | 86 |
| paddy@18 | 87 func handleGetDevices(ctx context.Context, w http.ResponseWriter, r *http.Request) { |
| paddy@18 | 88 userID, err := api.AuthUser(r) |
| paddy@18 | 89 if err != nil { |
| paddy@18 | 90 api.Encode(w, r, http.StatusUnauthorized, Response{Errors: api.AccessDeniedError}) |
| paddy@18 | 91 return |
| paddy@18 | 92 } |
| paddy@18 | 93 |
| paddy@18 | 94 passedScopes := api.GetScopes(r) |
| paddy@18 | 95 if !api.CheckScopes(passedScopes, ScopeViewDevices.ID) { |
| paddy@18 | 96 api.Encode(w, r, http.StatusForbidden, Response{Errors: api.AccessDeniedError}) |
| paddy@18 | 97 return |
| paddy@18 | 98 } |
| paddy@18 | 99 |
| paddy@18 | 100 var retrievedDevices []devices.Device |
| paddy@18 | 101 requestedIDStrs := r.URL.Query()["id"] |
| paddy@18 | 102 requestedIDStrs = append(requestedIDStrs, trout.RequestVars(r)[http.CanonicalHeaderKey("id")]...) |
| paddy@18 | 103 |
| paddy@18 | 104 if len(requestedIDStrs) < 1 { |
| paddy@18 | 105 retrievedDevices, err = devices.ListByOwner(userID, ctx) |
| paddy@18 | 106 if err != nil { |
| paddy@18 | 107 log.Printf("Error listing devices: %+v\n", err) |
| paddy@18 | 108 api.Encode(w, r, http.StatusInternalServerError, Response{Errors: api.ActOfGodError}) |
| paddy@18 | 109 return |
| paddy@18 | 110 } |
| paddy@18 | 111 } else { |
| paddy@18 | 112 requestedIDs := make([]uuid.ID, 0, len(requestedIDStrs)) |
| paddy@18 | 113 var reqErrs []api.RequestError |
| paddy@18 | 114 for pos, idStr := range requestedIDStrs { |
| paddy@18 | 115 id, err := uuid.Parse(idStr) |
| paddy@18 | 116 if err != nil { |
| paddy@18 | 117 reqErrs = append(reqErrs, api.RequestError{Slug: api.RequestErrInvalidFormat, Param: fmt.Sprintf("id[%d]", pos)}) |
| paddy@18 | 118 continue |
| paddy@18 | 119 } |
| paddy@18 | 120 requestedIDs = append(requestedIDs, id) |
| paddy@18 | 121 } |
| paddy@18 | 122 if len(reqErrs) > 0 { |
| paddy@18 | 123 api.Encode(w, r, http.StatusBadRequest, Response{Errors: reqErrs}) |
| paddy@18 | 124 return |
| paddy@18 | 125 } |
| paddy@18 | 126 getDevices, err := devices.GetMany(requestedIDs, ctx) |
| paddy@18 | 127 if err != nil { |
| paddy@18 | 128 api.Encode(w, r, http.StatusInternalServerError, Response{Errors: api.ActOfGodError}) |
| paddy@18 | 129 return |
| paddy@18 | 130 } |
| paddy@18 | 131 for _, device := range getDevices { |
| paddy@18 | 132 if device.Owner.Equal(userID) { |
| paddy@18 | 133 retrievedDevices = append(retrievedDevices, device) |
| paddy@18 | 134 } |
| paddy@18 | 135 } |
| paddy@18 | 136 } |
| paddy@18 | 137 |
| paddy@18 | 138 var resp Response |
| paddy@18 | 139 for _, device := range retrievedDevices { |
| paddy@18 | 140 resp.Devices = append(resp.Devices, apiDeviceFromCore(device, api.CheckScopes(passedScopes, ScopeViewPushToken.ID))) |
| paddy@18 | 141 } |
| paddy@18 | 142 api.Encode(w, r, http.StatusOK, resp) |
| paddy@18 | 143 } |