chore: simplify not enough permission error

2024-10-16 15:10:31 +08:00 · 2024-10-16 15:10:31 +08:00 · 383629ab1c
parent 34a7fd3633
commit 383629ab1c
8 changed files with 19 additions and 108 deletions
--- a/libs/app-error/src/lib.rs
+++ b/libs/app-error/src/lib.rs
@ -64,8 +64,8 @@ pub enum AppError {
  #[error("Not Logged In:{0}")]
  NotLoggedIn(String),

-  #[error("{user}: do not have permissions to {action}")]
-  NotEnoughPermissions { user: String, action: String },
+  #[error("User does not have permissions to execute this action")]
+  NotEnoughPermissions,

  #[error("s3 response error:{0}")]
  S3ResponseError(String),
--- a/libs/database/src/workspace.rs
+++ b/libs/database/src/workspace.rs
@ -517,10 +517,7 @@ pub async fn delete_workspace_members(
  .unwrap_or(false);

  if is_owner {
-    return Err(AppError::NotEnoughPermissions {
-      user: member_email.to_string(),
-      action: format!("delete member from workspace {}", workspace_id),
-    });
+    return Err(AppError::NotEnoughPermissions);
  }

  sqlx::query!(
--- a/services/appflowy-collaborate/src/collab/storage.rs
+++ b/services/appflowy-collaborate/src/collab/storage.rs
@ -92,10 +92,7 @@ where
      .await?;

    if !can_write_workspace {
-      return Err(AppError::NotEnoughPermissions {
-        user: uid.to_string(),
-        action: format!("write workspace:{}", workspace_id),
-      });
+      return Err(AppError::NotEnoughPermissions);
    }
    Ok(())
  }
@ -113,10 +110,7 @@ where
      .await?;

    if !can_write {
-      return Err(AppError::NotEnoughPermissions {
-        user: uid.to_string(),
-        action: format!("update collab:{}", object_id),
-      });
+      return Err(AppError::NotEnoughPermissions);
    }
    Ok(())
  }
@ -375,10 +369,7 @@ where
          .await?;

        if !can_read {
-          return Err(AppError::NotEnoughPermissions {
-            user: uid.to_string(),
-            action: format!("read collab:{}", params.object_id),
-          });
+          return Err(AppError::NotEnoughPermissions);
        }
      },
      GetCollabOrigin::Server => {},
@ -470,10 +461,7 @@ where
      .enforce_delete(workspace_id, uid, object_id)
      .await?
    {
-      return Err(AppError::NotEnoughPermissions {
-        user: uid.to_string(),
-        action: format!("delete collab:{}", object_id),
-      });
+      return Err(AppError::NotEnoughPermissions);
    }
    self.cache.delete_collab(object_id).await?;
    Ok(())
--- a/src/api/access_request.rs
+++ b/src/api/access_request.rs
@ -42,7 +42,6 @@ async fn get_access_request_handler(
    &state.pg_pool,
    state.collab_access_control_storage.clone(),
    access_request_id,
-    *uuid,
    uid,
  )
  .await?;
@ -105,7 +104,6 @@ async fn post_approve_access_request_handler(
    &appflowy_web_url,
    access_request_id,
    uid,
-    *uuid,
    is_approved,
  )
  .await?;
--- a/src/api/workspace.rs
+++ b/src/api/workspace.rs
@ -273,13 +273,7 @@ async fn delete_workspace_handler(
    .enforce_role(&uid, &workspace_id.to_string(), AFRole::Owner)
    .await?;
  if !has_access {
-    return Err(
-      AppError::NotEnoughPermissions {
-        user: user_uuid.to_string(),
-        action: "delete workspace".to_string(),
-      }
-      .into(),
-    );
+    return Err(AppError::NotEnoughPermissions.into());
  }
  workspace::ops::delete_workspace_for_user(
    state.pg_pool.clone(),
@ -319,13 +313,7 @@ async fn post_workspace_invite_handler(
    .enforce_role(&uid, &workspace_id.to_string(), AFRole::Owner)
    .await?;
  if !has_access {
-    return Err(
-      AppError::NotEnoughPermissions {
-        user: user_uuid.to_string(),
-        action: "invite workspace member".to_string(),
-      }
-      .into(),
-    );
+    return Err(AppError::NotEnoughPermissions.into());
  }

  let invited_members = payload.into_inner();
@ -401,13 +389,7 @@ async fn get_workspace_settings_handler(
    .enforce_action(&uid, &workspace_id.to_string(), Action::Read)
    .await?;
  if !has_access {
-    return Err(
-      AppError::NotEnoughPermissions {
-        user: user_uuid.to_string(),
-        action: "read workspace setting".to_string(),
-      }
-      .into(),
-    );
+    return Err(AppError::NotEnoughPermissions.into());
  }
  let settings = workspace::ops::get_workspace_settings(&state.pg_pool, &workspace_id).await?;
  Ok(AppResponse::Ok().with_data(settings).into())
@ -428,13 +410,7 @@ async fn post_workspace_settings_handler(
    .enforce_action(&uid, &workspace_id.to_string(), Action::Write)
    .await?;
  if !has_access {
-    return Err(
-      AppError::NotEnoughPermissions {
-        user: user_uuid.to_string(),
-        action: "update workspace setting".to_string(),
-      }
-      .into(),
-    );
+    return Err(AppError::NotEnoughPermissions.into());
  }
  let settings =
    workspace::ops::update_workspace_settings(&state.pg_pool, &workspace_id, data).await?;
@ -453,13 +429,7 @@ async fn get_workspace_members_handler(
    .enforce_action(&uid, &workspace_id.to_string(), Action::Read)
    .await?;
  if !has_access {
-    return Err(
-      AppError::NotEnoughPermissions {
-        user: user_uuid.to_string(),
-        action: "get workspace members".to_string(),
-      }
-      .into(),
-    );
+    return Err(AppError::NotEnoughPermissions.into());
  }
  let members = workspace::ops::get_workspace_members(&state.pg_pool, &workspace_id)
    .await?
@ -488,13 +458,7 @@ async fn remove_workspace_member_handler(
    .enforce_role(&uid, &workspace_id.to_string(), AFRole::Owner)
    .await?;
  if !has_access {
-    return Err(
-      AppError::NotEnoughPermissions {
-        user: user_uuid.to_string(),
-        action: "remove workspace member".to_string(),
-      }
-      .into(),
-    );
+    return Err(AppError::NotEnoughPermissions.into());
  }

  let member_emails = payload
@ -527,13 +491,7 @@ async fn get_workspace_member_handler(
    .enforce_action(&uid, &workspace_id.to_string(), Action::Read)
    .await?;
  if !has_access {
-    return Err(
-      AppError::NotEnoughPermissions {
-        user: user_uuid.to_string(),
-        action: "get workspace member".to_string(),
-      }
-      .into(),
-    );
+    return Err(AppError::NotEnoughPermissions.into());
  }
  let member_row =
    workspace::ops::get_workspace_member(&user_uuid_to_retrieved, &state.pg_pool, &workspace_id)
@ -590,13 +548,7 @@ async fn update_workspace_member_handler(
    .enforce_role(&uid, &workspace_id.to_string(), AFRole::Owner)
    .await?;
  if !has_access {
-    return Err(
-      AppError::NotEnoughPermissions {
-        user: user_uuid.to_string(),
-        action: "update workspace member".to_string(),
-      }
-      .into(),
-    );
+    return Err(AppError::NotEnoughPermissions.into());
  }

  let changeset = payload.into_inner();
--- a/src/biz/access_request/ops.rs
+++ b/src/biz/access_request/ops.rs
@ -74,16 +74,12 @@ pub async fn get_access_request(
  pg_pool: &PgPool,
  collab_storage: Arc<CollabAccessControlStorage>,
  access_request_id: Uuid,
-  user_uuid: Uuid,
  user_uid: i64,
 ) -> Result<AccessRequest, AppError> {
  let access_request_with_view_id =
    select_access_request_by_request_id(pg_pool, access_request_id).await?;
  if access_request_with_view_id.workspace.owner_uid != user_uid {
-    return Err(AppError::NotEnoughPermissions {
-      user: user_uuid.to_string(),
-      action: "get access request".to_string(),
-    });
+    return Err(AppError::NotEnoughPermissions);
  }
  let folder = get_latest_collab_folder(
    collab_storage,
@ -125,7 +121,6 @@ pub async fn approve_or_reject_access_request(
  appflowy_web_url: &str,
  request_id: Uuid,
  uid: i64,
-  user_uuid: Uuid,
  is_approved: bool,
 ) -> Result<(), AppError> {
  let access_request = select_access_request_by_request_id(pg_pool, request_id).await?;
@ -137,10 +132,7 @@ pub async fn approve_or_reject_access_request(
    )
    .await?;
  if !has_access {
-    return Err(AppError::NotEnoughPermissions {
-      user: user_uuid.to_string(),
-      action: "approve access request".to_string(),
-    });
+    return Err(AppError::NotEnoughPermissions);
  }

  let mut txn = pg_pool.begin().await.context("approving request")?;
--- a/src/biz/collab/access_control.rs
+++ b/src/biz/collab/access_control.rs
@ -119,15 +119,7 @@ impl MiddlewareAccessControl for CollabMiddlewareAccessControl {
    if result {
      Ok(())
    } else {
-      Err(AppError::NotEnoughPermissions {
-        user: uid.to_string(),
-        action: format!(
-          "access collab:{} with url:{}, method:{}",
-          oid,
-          path.as_str(),
-          method
-        ),
-      })
+      Err(AppError::NotEnoughPermissions)
    }
  }
 }
--- a/src/biz/workspace/access_control.rs
+++ b/src/biz/workspace/access_control.rs
@ -142,15 +142,7 @@ impl MiddlewareAccessControl for WorkspaceMiddlewareAccessControl {
    if result {
      Ok(())
    } else {
-      Err(AppError::NotEnoughPermissions {
-        user: uid.to_string(),
-        action: format!(
-          "access workspace:{} with given url:{}, method: {}",
-          resource_id,
-          path.as_str(),
-          method,
-        ),
-      })
+      Err(AppError::NotEnoughPermissions)
    }
  }
 }