Better error handling in the API

10 years ago · 1d299dedfc
parent d50c3b385a
commit 1d299dedfc
3 changed files with 31 additions and 5 deletions
--- a/lib/Vroom/I18N/en.pm
+++ b/lib/Vroom/I18N/en.pm
@ -8,6 +8,7 @@ our %Lexicon = (
  "VROOM_IS_FREE_SOFTWARE"               => "VROOM is a free software",
  "POWERED_BY"                           => "Proudly powered by",
  "ERROR_NAME_INVALID"                   => "This name is not valid",
+  "ERROR_ROOM_NAME_MISSING"              => "Vous devez fournir un nom de salon",
  "ERROR_NAME_RESERVED"                  => "This name is reserved and cannot be used",
  "ERROR_NAME_CONFLICT"                  => "A room with this name already exists, please choose another one",
  "ERROR_ROOM_s_DOESNT_EXIST"            => "The room %s doesn't exist",
--- a/lib/Vroom/I18N/fr.pm
+++ b/lib/Vroom/I18N/fr.pm
@ -10,6 +10,7 @@ our %Lexicon = (
    "VROOM_IS_FREE_SOFTWARE"                    => "VROOM est un logiciel libre",
    "POWERED_BY"                                => "Fièrement propulsé par",
    "ERROR_NAME_INVALID"                        => "Ce nom n'est pas valide",
+    "ERROR_ROOM_NAME_MISSING"                   => "Vous devez fournir un nom de salon",
    "ERROR_NAME_RESERVED"                       => "Ce nom est réservé et ne peut être utilisé",
    "ERROR_NAME_CONFLICT"                       => "Ce nom est déjà pris, choisissez en un autre",
    "ERROR_ROOM_s_DOESNT_EXIST"                 => "Le salon %s n'existe pas",
--- a/vroom.pl
+++ b/vroom.pl
@ -1272,8 +1272,20 @@ any '/api' => sub {
    param  => $req->{param}
  );

+  # This action isn't possible with the privs associated to the API Key
+  if (!$res){
+    return $self->render(
+      json => {
+        status => 'error',
+        msg    => $self->l('NOT_ALLOWED'),
+        err    => 'NOT_ALLOWED'
+      },
+      status => '401'
+    );
+  }
+
  # Here are method not tied to a room
-  if ($res && $req->{action} eq 'get_room_list'){
+  if ($req->{action} eq 'get_room_list'){
    my $rooms = $self->get_room_list;
    # Blank out a few param we don't need
    foreach my $r (keys %{$rooms}){
@ -1289,17 +1301,29 @@ any '/api' => sub {
    );
  }

+  if (!$req->{param}->{room}){
+    return $self->render(
+      json => {
+        status => 'error',
+        msg    => $self->l('ERROR_ROOM_NAME_MISSING'),
+        err    => 'ERROR_ROOM_NAME_MISSING'
+      },
+      status => '400'
+    );
+  }
+
  $room = $self->get_room_by_name($req->{param}->{room});
-  if (!$res || (!$room && $req->{param}->{room})){
+  if (!$room){
    return $self->render(
      json => {
        status => 'error',
-        msg    => $self->l('NOT_ALLOWED'),
-        err    => 'NOT_ALLOWED'
+        msg    => sprintf($self->l('ERROR_ROOM_s_DOESNT_EXIST'), $req->{param}->{room}),
+        err    => 'ERROR_ROOM_DOESNT_EXIST'
      },
-      status => '401'
+      status => '400'
    );
  }
+
  # Ok, now, we don't have to bother with authorization anymore
  if ($req->{action} eq 'invite_email'){
    my $rcpts = $req->{param}->{rcpts};