ducky/devices

Paddy 2015-12-19 Parent:a700ede02f91 Child:b2fdf827758e

17:ad63b888f899 Go to Latest

ducky/devices/apiv1/handlers.go

Fix JSON pointers in errors when creating devices. Our JSON pointers used to point at the root of the document, but the properties were actually in objects in an array keyed off of "devices", so we had to update the field property of our errors to match. While we were in there, we fixed the "insufficient" error for a Device's name to be "missing" when the name is an empty string. So far, the only way for a Device's name for it to be insufficient is _for it to be the empty string_, but if in the future we raise the minimum length of the Device name, there will be a distinction and I'd like the code to recognise it.

Download raw file
View source Diff to previous Annotate
History
1 package apiv1
2
3 import (
4 "fmt"
5 "log"
6 "net/http"
7
8 "code.secondbit.org/api.hg"
9 "code.secondbit.org/ducky/devices.hg"
10
11 "golang.org/x/net/context"
12 )
13
14 type createRequest struct {
15 Devices []DeviceChange `json:"devices"`
16 }
17
18 func handleCreateDevices(ctx context.Context, w http.ResponseWriter, r *http.Request) {
19 var req createRequest
20 var resp Response
21
22 userID, err := api.AuthUser(r)
23 if err != nil {
24 if err == api.ErrUserIDNotSet {
25 api.Encode(w, r, http.StatusUnauthorized, Response{Errors: api.AccessDeniedError})
26 return
27 }
28 api.Encode(w, r, http.StatusForbidden, Response{Errors: api.AccessDeniedError})
29 return
30 }
31
32 err = api.Decode(r, &req)
33 if err != nil {
34 api.Encode(w, r, http.StatusBadRequest, Response{Errors: api.InvalidFormatError})
35 return
36 }
37
38 devicesToCreate := createDevicesFromChanges(req.Devices)
39 passedScopes := api.GetScopes(r)
40 for pos, device := range devicesToCreate {
41 err := validateDeviceCreation(device, passedScopes, userID)
42 if err == nil {
43 continue
44 }
45 var requestErr api.RequestError
46 switch err {
47 case errUnauthorizedLastSeen:
48 requestErr.Slug = api.RequestErrAccessDenied
49 requestErr.Field = fmt.Sprintf("devices/%d/lastSeen", pos)
50 case errUnauthorizedCreated:
51 requestErr.Slug = api.RequestErrAccessDenied
52 requestErr.Field = fmt.Sprintf("devices/%d/created", pos)
53 case errUnauthorizedOwner:
54 requestErr.Slug = api.RequestErrAccessDenied
55 requestErr.Field = fmt.Sprintf("devices/%d/owner", pos)
56 case errInvalidDeviceType:
57 requestErr.Slug = api.RequestErrInvalidValue
58 requestErr.Field = fmt.Sprintf("devices/%d/type", pos)
59 case errDeviceNameTooShort:
60 if len(device.Name) == 0 {
61 requestErr.Slug = api.RequestErrMissing
62 } else {
63 requestErr.Slug = api.RequestErrInsufficient
64 }
65 requestErr.Field = fmt.Sprintf("devices/%d/name", pos)
66 case errDeviceNameTooLong:
67 requestErr.Slug = api.RequestErrOverflow
68 requestErr.Field = fmt.Sprintf("devices/%d/name", pos)
69 }
70 if requestErr.Slug != "" {
71 api.Encode(w, r, http.StatusBadRequest, Response{Errors: []api.RequestError{requestErr}})
72 return
73 }
74 api.Encode(w, r, http.StatusInternalServerError, Response{Errors: api.ActOfGodError})
75 }
76 createdDevices, err := devices.CreateMany(devicesToCreate, ctx)
77 if err != nil {
78 // BUG(paddy): we should filter out non-internal errors here and expose better error responses
79 log.Printf("Error creating devices: %+v\n", err)
80 api.Encode(w, r, http.StatusInternalServerError, Response{Errors: api.ActOfGodError})
81 return
82 }
83 for _, device := range createdDevices {
84 resp.Devices = append(resp.Devices, apiDeviceFromCore(device, api.CheckScopes(passedScopes, ScopeViewPushToken.ID)))
85 }
86 api.Encode(w, r, http.StatusCreated, resp)
87 }