Move UsersError to BoxError

2019-10-24 14:40:26 -07:00
parent 9b4d43075e
commit bc3169deb3
9 changed files with 169 additions and 219 deletions
--- a/src/routes/users.js
+++ b/src/routes/users.js
@@ -15,10 +15,28 @@ exports = module.exports = {

 var assert = require('assert'),
    auditSource = require('../auditsource.js'),
+    BoxError = require('../boxerror.js'),
    HttpError = require('connect-lastmile').HttpError,
    HttpSuccess = require('connect-lastmile').HttpSuccess,
-    users = require('../users.js'),
-    UsersError = users.UsersError;
+    users = require('../users.js');
+
+function toHttpError(error) {
+    switch (error.reason) {
+    case BoxError.NOT_FOUND:
+        return new HttpError(404, error);
+    case BoxError.ALREADY_EXISTS:
+        return new HttpError(409, error);
+    case BoxError.BAD_FIELD:
+        return new HttpError(400, error);
+    case BoxError.EXTERNAL_ERROR:
+        return new HttpError(424, error);
+    case BoxError.INVALID_CREDENTIALS:
+        return new HttpError(412, error);
+    case BoxError.INTERNAL_ERROR:
+    default:
+        return new HttpError(500, error);
+    }
+}

 function create(req, res, next) {
    assert.strictEqual(typeof req.body, 'object');
@@ -35,9 +53,7 @@ function create(req, res, next) {
    var displayName = req.body.displayName || '';

    users.create(username, password, email, displayName, { invitor: req.user, admin: req.body.admin }, auditSource.fromRequest(req), function (error, user) {
-        if (error && error.reason === UsersError.BAD_FIELD) return next(new HttpError(400, error.message));
-        if (error && error.reason === UsersError.ALREADY_EXISTS) return next(new HttpError(409, error.message));
-        if (error) return next(new HttpError(500, error));
+        if (error) return next(toHttpError(error));

        var userInfo = {
            id: user.id,
@@ -72,10 +88,7 @@ function update(req, res, next) {
    if ('active' in req.body && typeof req.body.active !== 'boolean') return next(new HttpError(400, 'active must be a boolean'));

    users.update(req.params.userId, req.body, auditSource.fromRequest(req), function (error) {
-        if (error && error.reason === UsersError.BAD_FIELD) return next(new HttpError(400, error.message));
-        if (error && error.reason === UsersError.ALREADY_EXISTS) return next(new HttpError(409, error.message));
-        if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'User not found'));
-        if (error) return next(new HttpError(500, error));
+        if (error) return next(toHttpError(error));

        next(new HttpSuccess(204));
    });
@@ -91,7 +104,7 @@ function list(req, res, next) {
    if (req.query.search && typeof req.query.search !== 'string') return next(new HttpError(400, 'search must be a string'));

    users.getAllPaged(req.query.search || null, page, perPage, function (error, results) {
-        if (error) return next(new HttpError(500, error));
+        if (error) return next(toHttpError(error));

        results = results.map(users.removeRestrictedFields);

@@ -104,8 +117,7 @@ function get(req, res, next) {
    assert.strictEqual(typeof req.user, 'object');

    users.get(req.params.userId, function (error, result) {
-        if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'No such user'));
-        if (error) return next(new HttpError(500, error));
+        if (error) return next(toHttpError(error));

        next(new HttpSuccess(200, users.removePrivateFields(result)));
    });
@@ -117,9 +129,7 @@ function remove(req, res, next) {
    if (req.user.id === req.params.userId) return next(new HttpError(409, 'Not allowed to remove yourself.'));

    users.remove(req.params.userId, auditSource.fromRequest(req), function (error) {
-        if (error && error.reason === UsersError.BAD_FIELD) return next(new HttpError(400, error.message));
-        if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'No such user'));
-        if (error) return next(new HttpError(500, error));
+        if (error) return next(toHttpError(error));

        next(new HttpSuccess(204));
    });
@@ -133,9 +143,7 @@ function verifyPassword(req, res, next) {
    if (typeof req.body.password !== 'string') return next(new HttpError(400, 'API call requires user password'));

    users.verifyWithUsername(req.user.username, req.body.password, function (error) {
-        if (error && error.reason === UsersError.WRONG_PASSWORD) return next(new HttpError(412, 'Password incorrect'));
-        if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'No such user'));
-        if (error) return next(new HttpError(500, error));
+        if (error) return next(toHttpError(error));

        req.body.password = '<redacted>'; // this will prevent logs from displaying plain text password

@@ -147,8 +155,7 @@ function createInvite(req, res, next) {
    assert.strictEqual(typeof req.params.userId, 'string');

    users.createInvite(req.params.userId, function (error, resetToken) {
-        if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'User not found'));
-        if (error) return next(new HttpError(500, error));
+        if (error) return next(toHttpError(error));

        next(new HttpSuccess(200, { resetToken: resetToken }));
    });
@@ -158,9 +165,7 @@ function sendInvite(req, res, next) {
    assert.strictEqual(typeof req.params.userId, 'string');

    users.sendInvite(req.params.userId, { invitor: req.user }, function (error) {
-        if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'User not found'));
-        if (error && error.reason === UsersError.BAD_FIELD) return next(new HttpError(409, 'Call createInvite API first'));
-        if (error) return next(new HttpError(500, error));
+        if (error) return next(toHttpError(error));

        next(new HttpSuccess(200, { }));
    });
@@ -173,8 +178,7 @@ function setGroups(req, res, next) {
    if (!Array.isArray(req.body.groupIds)) return next(new HttpError(400, 'API call requires a groups array.'));

    users.setMembership(req.params.userId, req.body.groupIds, function (error) {
-        if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'One or more groups not found'));
-        if (error) return next(new HttpError(500, error));
+        if (error) return next(toHttpError(error));

        next(new HttpSuccess(204));
    });
@@ -187,9 +191,7 @@ function changePassword(req, res, next) {
    if (typeof req.body.password !== 'string') return next(new HttpError(400, 'password must be a string'));

    users.setPassword(req.params.userId, req.body.password, function (error) {
-        if (error && error.reason === UsersError.BAD_FIELD) return next(new HttpError(400, error.message));
-        if (error && error.reason === UsersError.NOT_FOUND) return next(new HttpError(404, 'User not found'));
-        if (error) return next(new HttpError(500, error));
+        if (error) return next(toHttpError(error));

        next(new HttpSuccess(204));
    });