refactor: add AppError helpers and harden upload/download error handling
- refactor: replace inline AppError literals with model.New*Error constructors in service and handler layers - feat: PromoteStaged falls back to copy/delete when os.Rename returns EXDEV (cross-device link) - fix: upload error messages no longer leak internal multipart field names or parser implementation details - fix: upload size violations are converted to domain error ErrUploadTooLarge at the handler boundary - fix: download logs error and size mismatch when io.Copy fails or writes fewer bytes than expected - test: add tests for field name leak prevention, parser error sanitization, read errors after response start, and EXDEV fallback
This commit is contained in:
@@ -7,10 +7,11 @@ import (
|
||||
)
|
||||
|
||||
var (
|
||||
ErrNotFound = errors.New("resource not found")
|
||||
ErrDuplicate = errors.New("resource already exists")
|
||||
ErrUnauthorized = errors.New("unauthorized")
|
||||
ErrForbidden = errors.New("forbidden")
|
||||
ErrNotFound = errors.New("resource not found")
|
||||
ErrDuplicate = errors.New("resource already exists")
|
||||
ErrUnauthorized = errors.New("unauthorized")
|
||||
ErrForbidden = errors.New("forbidden")
|
||||
ErrUploadTooLarge = errors.New("upload exceeds maximum size")
|
||||
)
|
||||
|
||||
// AppError is a service-layer error that carries an HTTP status, a user-safe
|
||||
@@ -25,6 +26,31 @@ type AppError struct {
|
||||
func (e *AppError) Error() string { return e.Message }
|
||||
func (e *AppError) Unwrap() error { return e.Err }
|
||||
|
||||
// NewBadRequestError creates a 400 AppError.
|
||||
func NewBadRequestError(message string) *AppError {
|
||||
return &AppError{Status: http.StatusBadRequest, Message: message}
|
||||
}
|
||||
|
||||
// NewConflictError creates a 409 AppError.
|
||||
func NewConflictError(message string) *AppError {
|
||||
return &AppError{Status: http.StatusConflict, Message: message}
|
||||
}
|
||||
|
||||
// NewNotFoundError creates a 404 AppError.
|
||||
func NewNotFoundError(message string, cause error) *AppError {
|
||||
return &AppError{Status: http.StatusNotFound, Message: message, Err: cause}
|
||||
}
|
||||
|
||||
// NewForbiddenError creates a 403 AppError.
|
||||
func NewForbiddenError(message string, cause error) *AppError {
|
||||
return &AppError{Status: http.StatusForbidden, Message: message, Err: cause}
|
||||
}
|
||||
|
||||
// NewPayloadTooLargeError creates a 413 AppError.
|
||||
func NewPayloadTooLargeError(message string, cause error) *AppError {
|
||||
return &AppError{Status: http.StatusRequestEntityTooLarge, Message: message, Err: cause}
|
||||
}
|
||||
|
||||
// NewInternalError creates a 500 AppError with a wrapped internal cause.
|
||||
// msg describes the operation that failed; cause is the underlying error.
|
||||
func NewInternalError(msg string, cause error) *AppError {
|
||||
|
||||
Reference in New Issue
Block a user