jason/cpolis
1
0
Fork 1
Code Issues Pull Requests 1 Packages Projects Releases 56 Wiki Activity

feature/better-error-handling #1

Closed
jonathan wants to merge 2 commits from jonathan/cpolis:feature/better-error-handling into main
pull from: jonathan/cpolis:feature/better-error-handling
merge into: jason:main
Conversation 1 Commits 2 Files Changed 2 +194 -82
2 changed files with 194 additions and 82 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
cmd/backend/atom.go
View File

@ -3,6 +3,7 @@ package backend
import ( import (
"fmt" "fmt"
"io" "io"
"log"
"os" "os"
"git.streifling.com/jason/atom" "git.streifling.com/jason/atom"
@ -22,73 +23,81 @@ func GenerateAtomFeed(c *Config, db *DB) (*string, error) {
articles, err := db.GetCertainArticles("published", true) articles, err := db.GetCertainArticles("published", true)
if err != nil { if err != nil {
return nil, fmt.Errorf("error getting published articles for Atom feed: %v", err) log.Printf("Error retrieving published articles for Atom feed: %v", err)
return nil, fmt.Errorf("error getting published articles for Atom feed: %w", err)
} }
for _, article := range articles { for _, article := range articles {
articleTitle, err := ConvertToPlain(article.Title) articleTitle, err := ConvertToPlain(article.Title)
if err != nil { if err != nil {
return nil, fmt.Errorf("error converting title to plain text for Atom feed: %v", err) log.Printf("Error converting article title to plain text for Atom feed: %v", err)
return nil, fmt.Errorf("error converting title to plain text for Atom feed: %w", err)
} }
entry := atom.NewEntry(articleTitle) entry := atom.NewEntry(articleTitle)
entry.ID = atom.NewID(fmt.Sprint("urn:entry:", article.ID)) entry.ID = atom.NewID(fmt.Sprintf("urn:entry:%d", article.ID))
entry.Published = atom.NewDate(article.Created) entry.Published = atom.NewDate(article.Created)
entry.Content = atom.NewContent(atom.OutOfLine, "text/html", fmt.Sprint(c.Domain, "/article/serve/", article.UUID)) entry.Content = atom.NewContent(atom.OutOfLine, "text/html", fmt.Sprintf("%s/article/serve/%s", c.Domain, article.UUID))
if article.AutoGenerated { if article.AutoGenerated {
entry.Summary = atom.NewText("text", "automatically generated") entry.Summary = atom.NewText("text", "automatically generated")
} else { } else {
articleSummary, err := ConvertToPlain(article.Summary) articleSummary, err := ConvertToPlain(article.Summary)
if err != nil { if err != nil {
return nil, fmt.Errorf("error converting description to plain text for Atom feed: %v", err) log.Printf("Error converting article summary to plain text for Atom feed: %v", err)
return nil, fmt.Errorf("error converting description to plain text for Atom feed: %w", err)
} }
entry.Summary = atom.NewText("text", articleSummary) entry.Summary = atom.NewText("text", articleSummary)
} }
if len(article.BannerLink) > 0 { if len(article.BannerLink) > 0 {
linkID := entry.AddLink(atom.NewLink(c.Domain + "/image/serve/" + article.BannerLink)) linkID := entry.AddLink(atom.NewLink(fmt.Sprintf("%s/image/serve/%s", c.Domain, article.BannerLink)))
entry.Links[linkID].Rel = "enclosure" entry.Links[linkID].Rel = "enclosure"
entry.Links[linkID].Type = "image/webp" entry.Links[linkID].Type = "image/webp"
} }
authors, err := db.GetArticleAuthors(c, article.ID) authors, err := db.GetArticleAuthors(c, article.ID)
if err != nil { if err != nil {
return nil, fmt.Errorf("error getting article's authors for Atom feed: %v", err) log.Printf("Error retrieving authors for article ID %d for Atom feed: %v", article.ID, err)
return nil, fmt.Errorf("error getting article's authors for Atom feed: %w", err)
} }
for _, author := range authors { for _, author := range authors {
user, err := db.GetUser(c, author.ID) user, err := db.GetUser(c, author.ID)
if err != nil { if err != nil {
return nil, fmt.Errorf("error getting user info for Atom feed: %v", err) log.Printf("Error retrieving user info for author ID %d for Atom feed: %v", author.ID, err)
return nil, fmt.Errorf("error getting user info for Atom feed: %w", err)
} }
authorID := entry.AddAuthor(atom.NewPerson(user.FirstName + " " + user.LastName)) authorID := entry.AddAuthor(atom.NewPerson(fmt.Sprintf("%s %s", user.FirstName, user.LastName)))
entry.Authors[authorID].URI = c.Domain + "/image/serve/" + user.ProfilePicLink entry.Authors[authorID].URI = fmt.Sprintf("%s/image/serve/%s", c.Domain, user.ProfilePicLink)
} }
contributors, err := db.GetArticleContributors(c, article.ID) contributors, err := db.GetArticleContributors(c, article.ID)
if err != nil { if err != nil {
return nil, fmt.Errorf("error getting article's contributors for Atom feed: %v", err) log.Printf("Error retrieving contributors for article ID %d for Atom feed: %v", article.ID, err)
return nil, fmt.Errorf("error getting article's contributors for Atom feed: %w", err)
} }
for _, contributor := range contributors { for _, contributor := range contributors {
user, err := db.GetUser(c, contributor.ID) user, err := db.GetUser(c, contributor.ID)
if err != nil { if err != nil {
return nil, fmt.Errorf("error getting user info for Atom feed: %v", err) log.Printf("Error retrieving user info for contributor ID %d for Atom feed: %v", contributor.ID, err)
return nil, fmt.Errorf("error getting user info for Atom feed: %w", err)
} }
contributorID := entry.AddContributor(atom.NewPerson(user.FirstName + " " + user.LastName)) contributorID := entry.AddContributor(atom.NewPerson(fmt.Sprintf("%s %s", user.FirstName, user.LastName)))
entry.Contributors[contributorID].URI = c.Domain + "/image/serve/" + user.ProfilePicLink entry.Contributors[contributorID].URI = fmt.Sprintf("%s/image/serve/%s", c.Domain, user.ProfilePicLink)
} }
tags, err := db.GetArticleTags(article.ID) tags, err := db.GetArticleTags(article.ID)
if err != nil { if err != nil {
return nil, fmt.Errorf("error getting tags for articles for Atom feed: %v", err) log.Printf("Error retrieving tags for article ID %d for Atom feed: %v", article.ID, err)
return nil, fmt.Errorf("error getting tags for articles for Atom feed: %w", err)
} }
for _, tag := range tags { for _, tag := range tags {
entry.AddCategory(atom.NewCategory(tag.Name)) entry.AddCategory(atom.NewCategory(tag.Name))
} }
if article.IsInIssue || article.AutoGenerated { if article.IsInIssue || article.AutoGenerated {
entry.AddCategory(atom.NewCategory(fmt.Sprint("Orient Express ", article.IssueID))) entry.AddCategory(atom.NewCategory(fmt.Sprintf("Orient Express %d", article.IssueID)))
} }
if article.AutoGenerated { if article.AutoGenerated {
entry.AddCategory(atom.NewCategory("autogenerated")) entry.AddCategory(atom.NewCategory("autogenerated"))
@ -99,29 +108,39 @@ func GenerateAtomFeed(c *Config, db *DB) (*string, error) {
} }
if err = feed.Check(); err != nil { if err = feed.Check(); err != nil {
return nil, fmt.Errorf("error checking Atom feed: %v", err) log.Printf("Error checking Atom feed: %v", err)
return nil, fmt.Errorf("error checking Atom feed: %w", err)
} }
atom, err := feed.ToXML("UTF-8") atomXML, err := feed.ToXML("UTF-8")
if err != nil { if err != nil {
return nil, fmt.Errorf("error converting Atom feed to XML: %v", err) log.Printf("Error converting Atom feed to XML: %v", err)
return nil, fmt.Errorf("error converting Atom feed to XML: %w", err)
} }
return &atom, nil return &atomXML, nil
} }
func SaveAtomFeed(filename string, feed *string) error { func SaveAtomFeed(filename string, feed *string) error {
file, err := os.Create(filename) file, err := os.Create(filename)
if err != nil { if err != nil {
return fmt.Errorf("error creating file for Atom feed: %v", err) log.Printf("Error creating file for Atom feed: %v", err)
return fmt.Errorf("error creating file for Atom feed: %w", err)
} }
defer file.Close() defer func() {
if cerr := file.Close(); cerr != nil {
log.Printf("Error closing file for Atom feed: %v", cerr)
}
}()
if err = file.Chmod(0644); err != nil { if err = file.Chmod(0644); err != nil {
return fmt.Errorf("error setting permissions for Atom file: %v", err) log.Printf("Error setting permissions for Atom file '%s': %v", filename, err)
return fmt.Errorf("error setting permissions for Atom file: %w", err)
} }
if _, err = io.WriteString(file, *feed); err != nil { if _, err = io.WriteString(file, *feed); err != nil {
return fmt.Errorf("error writing to Atom file: %v", err) log.Printf("Error writing to Atom file '%s': %v", filename, err)
return fmt.Errorf("error writing to Atom file: %w", err)
} }
return nil return nil

157
cmd/backend/users.go
View File

@ -37,15 +37,19 @@ type User struct {
func readKey(filename string) ([]byte, error) { func readKey(filename string) ([]byte, error) {
key, err := os.ReadFile(filename) key, err := os.ReadFile(filename)
if err != nil { if err != nil {
return nil, fmt.Errorf("error reading from aes key file: %v", err) log.Printf("Error reading AES key file '%s': %v", filename, err)
return nil, fmt.Errorf("error reading from AES key file: %v", err)
} }
if len(key) != 44 { if len(key) != 44 {
return nil, errors.New("key is not 32 bytes long") errMsg := "key is not 32 bytes long"
log.Println(errMsg)
return nil, errors.New(errMsg)
} }
key, err = base64.StdEncoding.DecodeString(string(key)) key, err = base64.StdEncoding.DecodeString(string(key))
if err != nil { if err != nil {
log.Printf("Error base64 decoding key: %v", err)
return nil, fmt.Errorf("error base64 decoding key: %v", err) return nil, fmt.Errorf("error base64 decoding key: %v", err)
} }
@ -55,14 +59,17 @@ func readKey(filename string) ([]byte, error) {
func key(c *Config) ([]byte, error) { func key(c *Config) ([]byte, error) {
key, err := readKey(c.AESKeyFile) key, err := readKey(c.AESKeyFile)
if err != nil { if err != nil {
log.Printf("Error reading key: %v", err)
key = make([]byte, 32) key = make([]byte, 32)
if _, err := rand.Read(key); err != nil { if _, err := rand.Read(key); err != nil {
log.Printf("Error generating random key: %v", err)
return nil, fmt.Errorf("error generating random key: %v", err) return nil, fmt.Errorf("error generating random key: %v", err)
} }
fileKey := make([]byte, 44) fileKey := make([]byte, 44)
base64.StdEncoding.Encode(fileKey, key) base64.StdEncoding.Encode(fileKey, key)
if err = os.WriteFile(c.AESKeyFile, fileKey, 0600); err != nil { if err = os.WriteFile(c.AESKeyFile, fileKey, 0600); err != nil {
log.Printf("Error writing key to file '%s': %v", c.AESKeyFile, err)
return nil, fmt.Errorf("error writing key to file: %v", err) return nil, fmt.Errorf("error writing key to file: %v", err)
} }
} }
@ -73,21 +80,25 @@ func key(c *Config) ([]byte, error) {
func aesEncrypt(c *Config, plaintext string) (string, error) { func aesEncrypt(c *Config, plaintext string) (string, error) {
key, err := key(c) key, err := key(c)
if err != nil { if err != nil {
log.Printf("Error retrieving key: %v", err)
return "", fmt.Errorf("error retrieving key: %v", err) return "", fmt.Errorf("error retrieving key: %v", err)
} }
block, err := aes.NewCipher(key) block, err := aes.NewCipher(key)
if err != nil { if err != nil {
log.Printf("Error creating cipher block: %v", err)
return "", fmt.Errorf("error creating cipher block: %v", err) return "", fmt.Errorf("error creating cipher block: %v", err)
} }
gcm, err := cipher.NewGCM(block) gcm, err := cipher.NewGCM(block)
if err != nil { if err != nil {
return "", fmt.Errorf("error creating new gcm: %v", err) log.Printf("Error creating GCM: %v", err)
return "", fmt.Errorf("error creating new GCM: %v", err)
} }
nonce := make([]byte, gcm.NonceSize()) nonce := make([]byte, gcm.NonceSize())
if _, err := io.ReadFull(rand.Reader, nonce); err != nil { if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
log.Printf("Error creating nonce: %v", err)
return "", fmt.Errorf("error creating nonce: %v", err) return "", fmt.Errorf("error creating nonce: %v", err)
} }
@ -98,30 +109,40 @@ func aesEncrypt(c *Config, plaintext string) (string, error) {
func aesDecrypt(c *Config, ciphertext string) (string, error) { func aesDecrypt(c *Config, ciphertext string) (string, error) {
key, err := key(c) key, err := key(c)
if err != nil { if err != nil {
log.Printf("Error retrieving key: %v", err)
return "", fmt.Errorf("error retrieving key: %v", err) return "", fmt.Errorf("error retrieving key: %v", err)
} }
block, err := aes.NewCipher(key) block, err := aes.NewCipher(key)
if err != nil { if err != nil {
log.Printf("Error creating cipher block: %v", err)
return "", fmt.Errorf("error creating cipher block: %v", err) return "", fmt.Errorf("error creating cipher block: %v", err)
} }
gcm, err := cipher.NewGCM(block) gcm, err := cipher.NewGCM(block)
if err != nil { if err != nil {
return "", fmt.Errorf("error creating new gcm: %v", err) log.Printf("Error creating GCM: %v", err)
return "", fmt.Errorf("error creating new GCM: %v", err)
} }
data, err := base64.StdEncoding.DecodeString(ciphertext) data, err := base64.StdEncoding.DecodeString(ciphertext)
if err != nil { if err != nil {
log.Printf("Error base64 decoding ciphertext: %v", err)
return "", fmt.Errorf("error base64 decoding ciphertext: %v", err) return "", fmt.Errorf("error base64 decoding ciphertext: %v", err)
} }
nonceSize := gcm.NonceSize() nonceSize := gcm.NonceSize()
if len(data) < nonceSize {
errMsg := "ciphertext too short"
log.Println(errMsg)
return "", fmt.Errorf(errMsg)
}
nonce, cipherText := data[:nonceSize], data[nonceSize:] nonce, cipherText := data[:nonceSize], data[nonceSize:]
plaintext, err := gcm.Open(nil, nonce, cipherText, nil) plaintext, err := gcm.Open(nil, nonce, cipherText, nil)
if err != nil { if err != nil {
return "", fmt.Errorf("error aes decoding ciphertext: %v", err) log.Printf("Error AES decoding ciphertext: %v", err)
return "", fmt.Errorf("error AES decoding ciphertext: %v", err)
} }
return string(plaintext), nil return string(plaintext), nil
@ -130,21 +151,25 @@ func aesDecrypt(c *Config, ciphertext string) (string, error) {
func (db *DB) AddUser(c *Config, u *User, pass string) (int64, error) { func (db *DB) AddUser(c *Config, u *User, pass string) (int64, error) {
hashedPass, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost) hashedPass, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost)
if err != nil { if err != nil {
log.Printf("Error creating password hash: %v", err)
return 0, fmt.Errorf("error creating password hash: %v", err) return 0, fmt.Errorf("error creating password hash: %v", err)
} }
aesFirstName, err := aesEncrypt(c, u.FirstName) aesFirstName, err := aesEncrypt(c, u.FirstName)
if err != nil { if err != nil {
log.Printf("Error encrypting first name: %v", err)
return 0, fmt.Errorf("error encrypting first name: %v", err) return 0, fmt.Errorf("error encrypting first name: %v", err)
} }
aesLastName, err := aesEncrypt(c, u.LastName) aesLastName, err := aesEncrypt(c, u.LastName)
if err != nil { if err != nil {
log.Printf("Error encrypting last name: %v", err)
return 0, fmt.Errorf("error encrypting last name: %v", err) return 0, fmt.Errorf("error encrypting last name: %v", err)
} }
aesEmail, err := aesEncrypt(c, u.Email) aesEmail, err := aesEncrypt(c, u.Email)
if err != nil { if err != nil {
log.Printf("Error encrypting email: %v", err)
return 0, fmt.Errorf("error encrypting email: %v", err) return 0, fmt.Errorf("error encrypting email: %v", err)
} }
@ -155,10 +180,12 @@ func (db *DB) AddUser(c *Config, u *User, pass string) (int64, error) {
result, err := db.Exec(query, u.UserName, string(hashedPass), aesFirstName, aesLastName, aesEmail, u.ProfilePicLink, u.Role) result, err := db.Exec(query, u.UserName, string(hashedPass), aesFirstName, aesLastName, aesEmail, u.ProfilePicLink, u.Role)
if err != nil { if err != nil {
log.Printf("Error inserting new user '%v' into DB: %v", u.UserName, err)
return 0, fmt.Errorf("error inserting new user %v into DB: %v", u.UserName, err) return 0, fmt.Errorf("error inserting new user %v into DB: %v", u.UserName, err)
} }
id, err := result.LastInsertId() id, err := result.LastInsertId()
if err != nil { if err != nil {
log.Printf("Error retrieving last insert ID: %v", err)
return 0, fmt.Errorf("error inserting user into DB: %v", err) return 0, fmt.Errorf("error inserting user into DB: %v", err)
} }
@ -175,6 +202,7 @@ func (db *DB) GetID(userName string) int64 {
` `
row := db.QueryRow(query, userName) row := db.QueryRow(query, userName)
if err := row.Scan(&id); err != nil { // seems like the only possible error is ErrNoRows if err := row.Scan(&id); err != nil { // seems like the only possible error is ErrNoRows
log.Printf("Error retrieving ID for user '%v': %v", userName, err)
return 0 return 0
} }
@ -191,10 +219,12 @@ func (db *DB) CheckPassword(id int64, pass string) error {
` `
row := db.QueryRow(query, id) row := db.QueryRow(query, id)
if err := row.Scan(&queriedPass); err != nil { if err := row.Scan(&queriedPass); err != nil {
log.Printf("Error reading password from DB for ID '%v': %v", id, err)
return fmt.Errorf("error reading password from DB: %v", err) return fmt.Errorf("error reading password from DB: %v", err)
} }
if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(pass)); err != nil { if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(pass)); err != nil {
log.Printf("Incorrect password for ID '%v': %v", id, err)
return fmt.Errorf("incorrect password: %v", err) return fmt.Errorf("incorrect password: %v", err)
} }
@ -210,23 +240,26 @@ func (tx *Tx) ChangePassword(id int64, oldPass, newPass string) error {
` `
row := tx.QueryRow(getQuery, id) row := tx.QueryRow(getQuery, id)
if err := row.Scan(&queriedPass); err != nil { if err := row.Scan(&queriedPass); err != nil {
log.Printf("Error reading password from DB during password change for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error reading password from DB: %v", err) return fmt.Errorf("error reading password from DB: %v", err)
} }
if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(oldPass)); err != nil { if err := bcrypt.CompareHashAndPassword([]byte(queriedPass), []byte(oldPass)); err != nil {
log.Printf("Incorrect old password for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("incorrect password: %v", err) return fmt.Errorf("incorrect password: %v", err)
} }
newHashedPass, err := bcrypt.GenerateFromPassword([]byte(newPass), bcrypt.DefaultCost) newHashedPass, err := bcrypt.GenerateFromPassword([]byte(newPass), bcrypt.DefaultCost)
if err != nil { if err != nil {
log.Printf("Error creating new password hash for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error creating password hash: %v", err) return fmt.Errorf("error creating password hash: %v", err)
} }
@ -237,8 +270,9 @@ func (tx *Tx) ChangePassword(id int64, oldPass, newPass string) error {
WHERE id = ? WHERE id = ?
` `
if _, err = tx.Exec(setQuery, string(newHashedPass), id); err != nil { if _, err = tx.Exec(setQuery, string(newHashedPass), id); err != nil {
log.Printf("Error updating password in DB for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error updating password in DB: %v", err) return fmt.Errorf("error updating password in DB: %v", err)
} }
@ -260,21 +294,25 @@ func (db *DB) GetUser(c *Config, id int64) (*User, error) {
row := db.QueryRow(query, id) row := db.QueryRow(query, id)
if err := row.Scan(&user.ID, &user.UserName, &aesFirstName, &aesLastName, &aesEmail, &user.ProfilePicLink, &user.Role); err != nil { if err := row.Scan(&user.ID, &user.UserName, &aesFirstName, &aesLastName, &aesEmail, &user.ProfilePicLink, &user.Role); err != nil {
log.Printf("Error reading user information from DB for ID '%v': %v", id, err)
return nil, fmt.Errorf("error reading user information: %v", err) return nil, fmt.Errorf("error reading user information: %v", err)
} }
user.FirstName, err = aesDecrypt(c, aesFirstName) user.FirstName, err = aesDecrypt(c, aesFirstName)
if err != nil { if err != nil {
log.Printf("Error decrypting first name for ID '%v': %v", id, err)
return nil, fmt.Errorf("error decrypting first name: %v", err) return nil, fmt.Errorf("error decrypting first name: %v", err)
} }
user.LastName, err = aesDecrypt(c, aesLastName) user.LastName, err = aesDecrypt(c, aesLastName)
if err != nil { if err != nil {
log.Printf("Error decrypting last name for ID '%v': %v", id, err)
return nil, fmt.Errorf("error decrypting last name: %v", err) return nil, fmt.Errorf("error decrypting last name: %v", err)
} }
user.Email, err = aesDecrypt(c, aesEmail) user.Email, err = aesDecrypt(c, aesEmail)
if err != nil { if err != nil {
log.Printf("Error decrypting email for ID '%v': %v", id, err)
return nil, fmt.Errorf("error decrypting email: %v", err) return nil, fmt.Errorf("error decrypting email: %v", err)
} }
@ -290,13 +328,15 @@ func (db *DB) UpdateOwnUserAttributes(c *Config, id int64, userName, firstName,
err := func() error { err := func() error {
tx.Tx, err = db.Begin() tx.Tx, err = db.Begin()
if err != nil { if err != nil {
log.Printf("Error starting transaction: %v", err)
return fmt.Errorf("error starting transaction: %v", err) return fmt.Errorf("error starting transaction: %v", err)
} }
if !passwordEmpty { if !passwordEmpty {
if err = tx.ChangePassword(id, oldPass, newPass); err != nil { if err = tx.ChangePassword(id, oldPass, newPass); err != nil {
log.Printf("Error changing password for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error changing password: %v", err) return fmt.Errorf("error changing password: %v", err)
} }
@ -304,24 +344,27 @@ func (db *DB) UpdateOwnUserAttributes(c *Config, id int64, userName, firstName,
aesFirstName, err := aesEncrypt(c, firstName) aesFirstName, err := aesEncrypt(c, firstName)
if err != nil { if err != nil {
log.Printf("Error encrypting first name for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error encrypting first name: %v", err) return fmt.Errorf("error encrypting first name: %v", err)
} }
aesLastName, err := aesEncrypt(c, lastName) aesLastName, err := aesEncrypt(c, lastName)
if err != nil { if err != nil {
log.Printf("Error encrypting last name for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error encrypting last name: %v", err) return fmt.Errorf("error encrypting last name: %v", err)
} }
aesEmail, err := aesEncrypt(c, email) aesEmail, err := aesEncrypt(c, email)
if err != nil { if err != nil {
log.Printf("Error encrypting email for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error encrypting email: %v", err) return fmt.Errorf("error encrypting email: %v", err)
} }
@ -333,13 +376,15 @@ func (db *DB) UpdateOwnUserAttributes(c *Config, id int64, userName, firstName,
&Attribute{Table: "users", ID: id, AttName: "email", Value: aesEmail}, &Attribute{Table: "users", ID: id, AttName: "email", Value: aesEmail},
&Attribute{Table: "users", ID: id, AttName: "profile_pic_link", Value: profilePicLink}, &Attribute{Table: "users", ID: id, AttName: "profile_pic_link", Value: profilePicLink},
); err != nil { ); err != nil {
log.Printf("Error updating attributes in DB for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error updating attributes in DB: %v", err) return fmt.Errorf("error updating attributes in DB: %v", err)
} }
if err = tx.Commit(); err != nil { if err = tx.Commit(); err != nil {
log.Printf("Error committing transaction for ID '%v': %v", id, err)
return fmt.Errorf("error committing transaction: %v", err) return fmt.Errorf("error committing transaction: %v", err)
} }
@ -353,7 +398,9 @@ func (db *DB) UpdateOwnUserAttributes(c *Config, id int64, userName, firstName,
wait(i) wait(i)
} }
return fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries) errMsg := fmt.Sprintf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
log.Println(errMsg)
return fmt.Errorf(errMsg)
} }
func (db *DB) AddFirstUser(c *Config, u *User, pass string) (int64, error) { func (db *DB) AddFirstUser(c *Config, u *User, pass string) (int64, error) {
@ -369,17 +416,20 @@ func (db *DB) AddFirstUser(c *Config, u *User, pass string) (int64, error) {
id, err := func() (int64, error) { id, err := func() (int64, error) {
tx, err := db.BeginTx(context.Background(), txOptions) tx, err := db.BeginTx(context.Background(), txOptions)
if err != nil { if err != nil {
log.Printf("Error starting transaction: %v", err)
return 0, fmt.Errorf("error starting transaction: %v", err) return 0, fmt.Errorf("error starting transaction: %v", err)
} }
if err := tx.QueryRow(selectQuery).Scan(&numUsers); err != nil { if err := tx.QueryRow(selectQuery).Scan(&numUsers); err != nil {
log.Printf("Error retrieving number of users: %v", err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return 0, fmt.Errorf("error getting ID of %v: %v", u.UserName, err) return 0, fmt.Errorf("error getting ID of %v: %v", u.UserName, err)
} }
if numUsers != 0 { if numUsers != 0 {
if err = tx.Commit(); err != nil { if err = tx.Commit(); err != nil {
log.Printf("Error committing transaction: %v", err)
return 0, fmt.Errorf("error committing transaction: %v", err) return 0, fmt.Errorf("error committing transaction: %v", err)
} }
return -1, nil return -1, nil
@ -387,53 +437,60 @@ func (db *DB) AddFirstUser(c *Config, u *User, pass string) (int64, error) {
hashedPass, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost) hashedPass, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost)
if err != nil { if err != nil {
log.Printf("Error creating password hash: %v", err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return 0, fmt.Errorf("error creating password hash: %v", err) return 0, fmt.Errorf("error creating password hash: %v", err)
} }
aesFirstName, err := aesEncrypt(c, u.FirstName) aesFirstName, err := aesEncrypt(c, u.FirstName)
if err != nil { if err != nil {
log.Printf("Error encrypting first name: %v", err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return 0, fmt.Errorf("error encrypting first name: %v", err) return 0, fmt.Errorf("error encrypting first name: %v", err)
} }
aesLastName, err := aesEncrypt(c, u.LastName) aesLastName, err := aesEncrypt(c, u.LastName)
if err != nil { if err != nil {
log.Printf("Error encrypting last name: %v", err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return 0, fmt.Errorf("error encrypting last name: %v", err) return 0, fmt.Errorf("error encrypting last name: %v", err)
} }
aesEmail, err := aesEncrypt(c, u.Email) aesEmail, err := aesEncrypt(c, u.Email)
if err != nil { if err != nil {
log.Printf("Error encrypting email: %v", err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return 0, fmt.Errorf("error encrypting email: %v", err) return 0, fmt.Errorf("error encrypting email: %v", err)
} }
result, err := tx.Exec(insertQuery, u.UserName, string(hashedPass), aesFirstName, aesLastName, aesEmail, u.ProfilePicLink, u.Role) result, err := tx.Exec(insertQuery, u.UserName, string(hashedPass), aesFirstName, aesLastName, aesEmail, u.ProfilePicLink, u.Role)
if err != nil { if err != nil {
log.Printf("Error inserting new user '%v' into DB: %v", u.UserName, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return 0, fmt.Errorf("error inserting new user %v into DB: %v", u.UserName, err) return 0, fmt.Errorf("error inserting new user %v into DB: %v", u.UserName, err)
} }
id, err := result.LastInsertId() id, err := result.LastInsertId()
if err != nil { if err != nil {
log.Printf("Error retrieving last insert ID: %v", err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return 0, fmt.Errorf("error inserting user into DB: %v", err) return 0, fmt.Errorf("error inserting user into DB: %v", err)
} }
if err = tx.Commit(); err != nil { if err = tx.Commit(); err != nil {
log.Printf("Error committing transaction: %v", err)
return 0, fmt.Errorf("error committing transaction: %v", err) return 0, fmt.Errorf("error committing transaction: %v", err)
} }
return id, nil return id, nil
@ -445,7 +502,9 @@ func (db *DB) AddFirstUser(c *Config, u *User, pass string) (int64, error) {
log.Println(err) log.Println(err)
wait(i) wait(i)
} }
return 0, fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries) errMsg := fmt.Sprintf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
log.Println(errMsg)
return 0, fmt.Errorf(errMsg)
} }
func (db *DB) GetAllUsers(c *Config) ([]*User, error) { func (db *DB) GetAllUsers(c *Config) ([]*User, error) {
@ -456,34 +515,45 @@ func (db *DB) GetAllUsers(c *Config) ([]*User, error) {
rows, err := db.Query(query) rows, err := db.Query(query)
if err != nil { if err != nil {
log.Printf("Error retrieving all users from DB: %v", err)
return nil, fmt.Errorf("error getting all users from DB: %v", err) return nil, fmt.Errorf("error getting all users from DB: %v", err)
} }
defer rows.Close()
users := make([]*User, 0) users := make([]*User, 0)
for rows.Next() { for rows.Next() {
user := new(User) user := new(User)
if err = rows.Scan(&user.ID, &user.UserName, &aesFirstName, &aesLastName, &aesEmail, &user.ProfilePicLink, &user.Role); err != nil { if err = rows.Scan(&user.ID, &user.UserName, &aesFirstName, &aesLastName, &aesEmail, &user.ProfilePicLink, &user.Role); err != nil {
log.Printf("Error scanning user information: %v", err)
return nil, fmt.Errorf("error getting user info: %v", err) return nil, fmt.Errorf("error getting user info: %v", err)
} }
user.FirstName, err = aesDecrypt(c, aesFirstName) user.FirstName, err = aesDecrypt(c, aesFirstName)
if err != nil { if err != nil {
log.Printf("Error decrypting first name for user ID '%v': %v", user.ID, err)
return nil, fmt.Errorf("error decrypting first name: %v", err) return nil, fmt.Errorf("error decrypting first name: %v", err)
} }
user.LastName, err = aesDecrypt(c, aesLastName) user.LastName, err = aesDecrypt(c, aesLastName)
if err != nil { if err != nil {
log.Printf("Error decrypting last name for user ID '%v': %v", user.ID, err)
return nil, fmt.Errorf("error decrypting last name: %v", err) return nil, fmt.Errorf("error decrypting last name: %v", err)
} }
user.Email, err = aesDecrypt(c, aesEmail) user.Email, err = aesDecrypt(c, aesEmail)
if err != nil { if err != nil {
log.Printf("Error decrypting email for user ID '%v': %v", user.ID, err)
return nil, fmt.Errorf("error decrypting email: %v", err) return nil, fmt.Errorf("error decrypting email: %v", err)
} }
users = append(users, user) users = append(users, user)
} }
if err = rows.Err(); err != nil {
log.Printf("Error iterating over rows: %v", err)
return nil, fmt.Errorf("error iterating over rows: %v", err)
}
return users, nil return users, nil
} }
@ -495,50 +565,63 @@ func (db *DB) GetAllUsersMap(c *Config) (map[int64]*User, error) {
rows, err := db.Query(query) rows, err := db.Query(query)
if err != nil { if err != nil {
log.Printf("Error retrieving all users from DB: %v", err)
return nil, fmt.Errorf("error getting all users from DB: %v", err) return nil, fmt.Errorf("error getting all users from DB: %v", err)
} }
defer rows.Close()
users := make(map[int64]*User, 0) users := make(map[int64]*User)
for rows.Next() { for rows.Next() {
user := new(User) user := new(User)
if err = rows.Scan(&user.ID, &user.UserName, &aesFirstName, &aesLastName, &aesEmail, &user.ProfilePicLink, &user.Role); err != nil { if err = rows.Scan(&user.ID, &user.UserName, &aesFirstName, &aesLastName, &aesEmail, &user.ProfilePicLink, &user.Role); err != nil {
log.Printf("Error scanning user information: %v", err)
return nil, fmt.Errorf("error getting user info: %v", err) return nil, fmt.Errorf("error getting user info: %v", err)
} }
user.FirstName, err = aesDecrypt(c, aesFirstName) user.FirstName, err = aesDecrypt(c, aesFirstName)
if err != nil { if err != nil {
log.Printf("Error decrypting first name for user ID '%v': %v", user.ID, err)
return nil, fmt.Errorf("error decrypting first name: %v", err) return nil, fmt.Errorf("error decrypting first name: %v", err)
} }
user.LastName, err = aesDecrypt(c, aesLastName) user.LastName, err = aesDecrypt(c, aesLastName)
if err != nil { if err != nil {
log.Printf("Error decrypting last name for user ID '%v': %v", user.ID, err)
return nil, fmt.Errorf("error decrypting last name: %v", err) return nil, fmt.Errorf("error decrypting last name: %v", err)
} }
user.Email, err = aesDecrypt(c, aesEmail) user.Email, err = aesDecrypt(c, aesEmail)
if err != nil { if err != nil {
log.Printf("Error decrypting email for user ID '%v': %v", user.ID, err)
return nil, fmt.Errorf("error decrypting email: %v", err) return nil, fmt.Errorf("error decrypting email: %v", err)
} }
users[user.ID] = user users[user.ID] = user
} }
if err = rows.Err(); err != nil {
log.Printf("Error iterating over rows: %v", err)
return nil, fmt.Errorf("error iterating over rows: %v", err)
}
return users, nil return users, nil
} }
func (tx *Tx) SetPassword(id int64, newPass string) error { func (tx *Tx) SetPassword(id int64, newPass string) error {
hashedPass, err := bcrypt.GenerateFromPassword([]byte(newPass), bcrypt.DefaultCost) hashedPass, err := bcrypt.GenerateFromPassword([]byte(newPass), bcrypt.DefaultCost)
if err != nil { if err != nil {
log.Printf("Error creating password hash for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error creating password hash: %v", err) return fmt.Errorf("error creating password hash: %v", err)
} }
setQuery := "UPDATE users SET password = ? WHERE id = ?" setQuery := "UPDATE users SET password = ? WHERE id = ?"
if _, err = tx.Exec(setQuery, string(hashedPass), id); err != nil { if _, err = tx.Exec(setQuery, string(hashedPass), id); err != nil {
log.Printf("Error updating password in DB for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error updating password in DB: %v", err) return fmt.Errorf("error updating password in DB: %v", err)
} }
@ -555,13 +638,15 @@ func (db *DB) UpdateUserAttributes(c *Config, id int64, userName, firstName, las
err := func() error { err := func() error {
tx.Tx, err = db.Begin() tx.Tx, err = db.Begin()
if err != nil { if err != nil {
log.Printf("Error starting transaction: %v", err)
return fmt.Errorf("error starting transaction: %v", err) return fmt.Errorf("error starting transaction: %v", err)
} }
if !passwordEmpty { if !passwordEmpty {
if err = tx.SetPassword(id, newPass); err != nil { if err = tx.SetPassword(id, newPass); err != nil {
log.Printf("Error setting new password for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error changing password: %v", err) return fmt.Errorf("error changing password: %v", err)
} }
@ -569,24 +654,27 @@ func (db *DB) UpdateUserAttributes(c *Config, id int64, userName, firstName, las
aesFirstName, err := aesEncrypt(c, firstName) aesFirstName, err := aesEncrypt(c, firstName)
if err != nil { if err != nil {
log.Printf("Error encrypting first name for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error encrypting first name: %v", err) return fmt.Errorf("error encrypting first name: %v", err)
} }
aesLastName, err := aesEncrypt(c, lastName) aesLastName, err := aesEncrypt(c, lastName)
if err != nil { if err != nil {
log.Printf("Error encrypting last name for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error encrypting last name: %v", err) return fmt.Errorf("error encrypting last name: %v", err)
} }
aesEmail, err := aesEncrypt(c, email) aesEmail, err := aesEncrypt(c, email)
if err != nil { if err != nil {
log.Printf("Error encrypting email for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error encrypting email: %v", err) return fmt.Errorf("error encrypting email: %v", err)
} }
@ -599,13 +687,15 @@ func (db *DB) UpdateUserAttributes(c *Config, id int64, userName, firstName, las
&Attribute{Table: "users", ID: id, AttName: "profile_pic_link", Value: profilePicLink}, &Attribute{Table: "users", ID: id, AttName: "profile_pic_link", Value: profilePicLink},
&Attribute{Table: "users", ID: id, AttName: "role", Value: role}, &Attribute{Table: "users", ID: id, AttName: "role", Value: role},
); err != nil { ); err != nil {
log.Printf("Error updating attributes in DB for ID '%v': %v", id, err)
if rollbackErr := tx.Rollback(); rollbackErr != nil { if rollbackErr := tx.Rollback(); rollbackErr != nil {
log.Fatalf("transaction error: %v, rollback error: %v", err, rollbackErr) log.Fatalf("Transaction error: %v, Rollback error: %v", err, rollbackErr)
} }
return fmt.Errorf("error updating attributes in DB: %v", err) return fmt.Errorf("error updating attributes in DB: %v", err)
} }
if err = tx.Commit(); err != nil { if err = tx.Commit(); err != nil {
log.Printf("Error committing transaction for ID '%v': %v", id, err)
return fmt.Errorf("error committing transaction: %v", err) return fmt.Errorf("error committing transaction: %v", err)
} }
@ -619,7 +709,9 @@ func (db *DB) UpdateUserAttributes(c *Config, id int64, userName, firstName, las
wait(i) wait(i)
} }
return fmt.Errorf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries) errMsg := fmt.Sprintf("error: %v unsuccessful retries for DB operation, aborting", TxMaxRetries)
log.Println(errMsg)
return fmt.Errorf(errMsg)
} }
func (db *DB) DeleteUser(id int64) error { func (db *DB) DeleteUser(id int64) error {
@ -627,6 +719,7 @@ func (db *DB) DeleteUser(id int64) error {
_, err := db.Exec(query, id) _, err := db.Exec(query, id)
if err != nil { if err != nil {
log.Printf("Error deleting user with ID '%v' from DB: %v", id, err)
return fmt.Errorf("error deleting user %v from DB: %v", id, err) return fmt.Errorf("error deleting user %v from DB: %v", id, err)
} }