Docker/portainer
Docker/portainer
1
0
Fork 0
mirror of https://github.com/portainer/portainer.git synced 2025-07-24 07:49:41 +02:00
Code Issues Releases Activity

chore(handlers): replace structs by functions for HTTP errors EE-4227 (#7664)

Browse source
This commit is contained in:
andres-portainer 2022-09-14 20:42:39 -03:00 committed by GitHub
parent 7accdf704c
commit 9ef5636718
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
157 changed files with 1123 additions and 1147 deletions
Download patch file Download diff file Expand all files Collapse all files

20
api/http/handler/users/user_remove_access_token.go
View file

@ -31,45 +31,45 @@ import (
func (handler *Handler) userRemoveAccessToken(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
userID, err := request.RetrieveNumericRouteVariableValue(r, "id")
if err != nil {
return &httperror.HandlerError{http.StatusBadRequest, "Invalid user identifier route variable", err}
return httperror.BadRequest("Invalid user identifier route variable", err)
}
apiKeyID, err := request.RetrieveNumericRouteVariableValue(r, "keyID")
if err != nil {
return &httperror.HandlerError{http.StatusBadRequest, "Invalid api-key identifier route variable", err}
return httperror.BadRequest("Invalid api-key identifier route variable", err)
}
tokenData, err := security.RetrieveTokenData(r)
if err != nil {
return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve user authentication token", err}
return httperror.InternalServerError("Unable to retrieve user authentication token", err)
}
if tokenData.Role != portainer.AdministratorRole && tokenData.ID != portainer.UserID(userID) {
return &httperror.HandlerError{http.StatusForbidden, "Permission denied to get user access tokens", httperrors.ErrUnauthorized}
return httperror.Forbidden("Permission denied to get user access tokens", httperrors.ErrUnauthorized)
}
_, err = handler.DataStore.User().User(portainer.UserID(userID))
if err != nil {
if handler.DataStore.IsErrObjectNotFound(err) {
return &httperror.HandlerError{http.StatusNotFound, "Unable to find a user with the specified identifier inside the database", err}
return httperror.NotFound("Unable to find a user with the specified identifier inside the database", err)
}
return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find a user with the specified identifier inside the database", err}
return httperror.InternalServerError("Unable to find a user with the specified identifier inside the database", err)
}
// check if the key exists and the key belongs to the user
apiKey, err := handler.apiKeyService.GetAPIKey(portainer.APIKeyID(apiKeyID))
if err != nil {
return &httperror.HandlerError{http.StatusInternalServerError, "API Key not found", err}
return httperror.InternalServerError("API Key not found", err)
}
if apiKey.UserID != portainer.UserID(userID) {
return &httperror.HandlerError{http.StatusForbidden, "Permission denied to remove api-key", httperrors.ErrUnauthorized}
return httperror.Forbidden("Permission denied to remove api-key", httperrors.ErrUnauthorized)
}
err = handler.apiKeyService.DeleteAPIKey(portainer.APIKeyID(apiKeyID))
if err != nil {
if err == apikey.ErrInvalidAPIKey {
return &httperror.HandlerError{http.StatusNotFound, "Unable to find an api-key with the specified identifier inside the database", err}
return httperror.NotFound("Unable to find an api-key with the specified identifier inside the database", err)
}
return &httperror.HandlerError{http.StatusInternalServerError, "Unable to remove the api-key from the user", err}
return httperror.InternalServerError("Unable to remove the api-key from the user", err)
}
return response.Empty(w)