Merge branch 'api-specs-post' into fix-api-phase-2

Author: prkhrkat

CHANGELOG/release-notes-v1.8.0.md

@@ -0,0 +1,57 @@
+## v1.8.0
+
+## Enhancements
+- feat: added the plugin for aws ecr retagging (#6695)
+- feat:  Argo version update v2.13.3(#6817)
+- feat: ArgoCD v2.13.3 support for private chart providers (#6766)
+- feat: flux cd deployment  (#6660)
+- feat: add app name in labels list api (#6688)
+- feat: Audit ci trigger, precd and post cd trigger so that retrigger can happen from last failed config snapshot  (#6659)
+- feat: optimize ci cd workflow (#6744)
+- feat: automate API specs workflow and documentation (#6786)
+  
+## Bugs
+- fix: argo sync (#6718)
+- fix: cluster delete (#6706)
+- fix: Notifier v1 removed (#6705)
+- fix: app clone panic (#6696)
+- fix: Spdy migration to websocket (#6682)
+- fix: Fix scanning optimisation (#6683)
+- fix: panic in logs api (#6684)
+- fix: Empty migration seq (#6673)
+- fix: Removing default value of idleReplicaCount (#6721)
+- fix: send HideApiToken env var in api token create and update response (#6727)
+- fix: removed timeout notification (#6760)
+- fix: unify unit formatting and conversion for CPU and memory in cluster resources (#6768)
+- fix: cron job suspend (#6771)
+- fix: panic app group  (#6785)
+- fix: api responses enhancements (#6797)
+- fix: post apis minor validations (#6811)
+- fix: dex scopes override default required scopes (#6816)
+- fix: error handler correction (#6824)
+
+## Others
+- chore: added sql file of 4.21 (#6716)
+- misc: added support for service extraSpec (#6702)
+- chore: when output dir path is /devtroncd in any pipeline stage step then the ci runner is stuck in recursive self-copy situation  (#6686)
+- misc: Removing default value of idleReplicaCount (#6730)
+- chore: chart service crud and configProperties (#6642)
+- misc: Added Github Actions for linting and building api specs (#6720)
+- misc: open api spec addition (#6750)
+- misc: Updated the build-docs.yaml  (#6752)
+- misc: fixing swagger openapi.yaml (#6751)
+- misc: adding codeowner for swagger api spec (#6754)
+- misc: swagger api spec fixes (#6755)
+- misc: Update openapi spec (#6758)
+- misc: updated the title of openapi specs (#6759)
+- misc: Timeout main notification (#6761)
+- misc: Api changes for env enhancement (#6769)
+- misc: changes in description of api spec (#6767)
+- chore: Update `authenticator` and `common-lib` dependencies to latest versions. (#6779)
+- chore: added sql files for sync (#6780)
+- chore: migration number chnage (#6783)
+- chore: add resource recommendation APIs and update openapi.yaml (#6784)
+- misc: added support for cronjob annotations and probes (#6787)
+- misc: Validation on payload and Error handling, API Specs revised (#6790)
+- misc: sql query param refacter (#6810)
+  

api/restHandler/UserAttributesRestHandler.go

@@ -18,15 +18,14 @@ package restHandler
 
 import (
 	"encoding/json"
-	"errors"
-	"github.com/devtron-labs/devtron/pkg/attributes/bean"
 	"net/http"
 
+	"github.com/devtron-labs/devtron/pkg/attributes/bean"
+
 	"github.com/devtron-labs/devtron/api/restHandler/common"
 	"github.com/devtron-labs/devtron/pkg/attributes"
 	"github.com/devtron-labs/devtron/pkg/auth/authorisation/casbin"
 	"github.com/devtron-labs/devtron/pkg/auth/user"
-	"github.com/gorilla/mux"
 	"go.uber.org/zap"
 )
 
@@ -56,18 +55,32 @@ func NewUserAttributesRestHandlerImpl(logger *zap.SugaredLogger, enforcer casbin
 }
 
 func (handler *UserAttributesRestHandlerImpl) AddUserAttributes(w http.ResponseWriter, r *http.Request) {
-	dto, success := handler.validateUserAttributesRequest(w, r, "PatchUserAttributes")
+	dto, success := handler.validateUserAttributesRequest(w, r, "AddUserAttributes")
 	if !success {
 		return
 	}
 
-	handler.logger.Infow("request payload, AddUserAttributes", "payload", dto)
+	handler.logger.Infow("Adding user attributes",
+		"operation", "add_user_attributes",
+		"userId", dto.UserId,
+		"key", dto.Key)
+
 	resp, err := handler.userAttributesService.AddUserAttributes(dto)
 	if err != nil {
-		handler.logger.Errorw("service err, AddUserAttributes", "err", err, "payload", dto)
-		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
+		handler.logger.Errorw("Failed to add user attributes",
+			"operation", "add_user_attributes",
+			"userId", dto.UserId,
+			"key", dto.Key,
+			"err", err)
+
+		// Use enhanced error response builder
+		errBuilder := common.NewErrorResponseBuilder(w, r).
+			WithOperation("user attributes creation").
+			WithResource("user attribute", dto.Key)
+		errBuilder.HandleError(err)
 		return
 	}
+
 	common.WriteJsonResp(w, nil, resp, http.StatusOK)
 }
 
@@ -78,18 +91,32 @@ func (handler *UserAttributesRestHandlerImpl) AddUserAttributes(w http.ResponseW
 // @Success 200 {object} attributes.UserAttributesDto
 // @Router /orchestrator/attributes/user/update [POST]
 func (handler *UserAttributesRestHandlerImpl) UpdateUserAttributes(w http.ResponseWriter, r *http.Request) {
-	dto, success := handler.validateUserAttributesRequest(w, r, "PatchUserAttributes")
+	dto, success := handler.validateUserAttributesRequest(w, r, "UpdateUserAttributes")
 	if !success {
 		return
 	}
 
-	handler.logger.Infow("request payload, UpdateUserAttributes", "payload", dto)
+	handler.logger.Infow("Updating user attributes",
+		"operation", "update_user_attributes",
+		"userId", dto.UserId,
+		"key", dto.Key)
+
 	resp, err := handler.userAttributesService.UpdateUserAttributes(dto)
 	if err != nil {
-		handler.logger.Errorw("service err, UpdateUserAttributes", "err", err, "payload", dto)
-		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
+		handler.logger.Errorw("Failed to update user attributes",
+			"operation", "update_user_attributes",
+			"userId", dto.UserId,
+			"key", dto.Key,
+			"err", err)
+
+		// Use enhanced error response builder
+		errBuilder := common.NewErrorResponseBuilder(w, r).
+			WithOperation("user attributes update").
+			WithResource("user attribute", dto.Key)
+		errBuilder.HandleError(err)
 		return
 	}
+
 	common.WriteJsonResp(w, nil, resp, http.StatusOK)
 }
 
@@ -99,38 +126,68 @@ func (handler *UserAttributesRestHandlerImpl) PatchUserAttributes(w http.Respons
 		return
 	}
 
-	handler.logger.Infow("request payload, PatchUserAttributes", "payload", dto)
+	handler.logger.Infow("Patching user attributes",
+		"operation", "patch_user_attributes",
+		"userId", dto.UserId,
+		"key", dto.Key)
+
 	resp, err := handler.userAttributesService.PatchUserAttributes(dto)
 	if err != nil {
-		handler.logger.Errorw("service err, PatchUserAttributes", "err", err, "payload", dto)
-		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
+		handler.logger.Errorw("Failed to patch user attributes",
+			"operation", "patch_user_attributes",
+			"userId", dto.UserId,
+			"key", dto.Key,
+			"err", err)
+
+		// Use enhanced error response builder
+		errBuilder := common.NewErrorResponseBuilder(w, r).
+			WithOperation("user attributes patch").
+			WithResource("user attribute", dto.Key)
+		errBuilder.HandleError(err)
 		return
 	}
+
 	common.WriteJsonResp(w, nil, resp, http.StatusOK)
 }
 
 func (handler *UserAttributesRestHandlerImpl) validateUserAttributesRequest(w http.ResponseWriter, r *http.Request, operation string) (*bean.UserAttributesDto, bool) {
+	// 1. Authentication check using enhanced error handling
 	userId, err := handler.userService.GetLoggedInUser(r)
 	if userId == 0 || err != nil {
 		common.HandleUnauthorized(w, r)
 		return nil, false
 	}
 
+	// 2. Request body parsing with enhanced error handling
 	decoder := json.NewDecoder(r.Body)
 	var dto bean.UserAttributesDto
 	err = decoder.Decode(&dto)
 	if err != nil {
-		handler.logger.Errorw("request err, "+operation, "err", err, "payload", dto)
-		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+		handler.logger.Errorw("Request parsing error",
+			"operation", operation,
+			"err", err,
+			"userId", userId)
+
+		// Use enhanced error response builder for request parsing errors
+		errBuilder := common.NewErrorResponseBuilder(w, r).
+			WithOperation(operation).
+			WithResource("user attributes", "")
+		errBuilder.HandleError(err)
 		return nil, false
 	}
 
 	dto.UserId = userId
 
+	// 3. Get user email with enhanced error handling
 	emailId, err := handler.userService.GetActiveEmailById(userId)
 	if err != nil {
-		handler.logger.Errorw("request err, "+operation, "err", err, "payload", dto)
-		common.WriteJsonResp(w, errors.New("unauthorized"), nil, http.StatusForbidden)
+		handler.logger.Errorw("Failed to get user email",
+			"operation", operation,
+			"userId", userId,
+			"err", err)
+
+		// Use enhanced error response for forbidden access
+		common.WriteForbiddenError(w, "access user attributes", "user")
 		return nil, false
 	}
 	dto.EmailId = emailId
@@ -145,36 +202,58 @@ func (handler *UserAttributesRestHandlerImpl) validateUserAttributesRequest(w ht
 // @Success 200 {object} attributes.UserAttributesDto
 // @Router /orchestrator/attributes/user/get [GET]
 func (handler *UserAttributesRestHandlerImpl) GetUserAttribute(w http.ResponseWriter, r *http.Request) {
+	// 1. Authentication check using enhanced error handling
 	userId, err := handler.userService.GetLoggedInUser(r)
 	if userId == 0 || err != nil {
 		common.HandleUnauthorized(w, r)
 		return
 	}
 
-	vars := mux.Vars(r)
-	key := vars["key"]
-	if key == "" {
-		handler.logger.Errorw("request err, GetUserAttribute", "err", err, "key", key)
-		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+	// 2. Enhanced parameter extraction with automatic validation
+	key, err := common.ExtractStringPathParamWithContext(w, r, "key")
+	if err != nil {
+		// Error already written by ExtractStringPathParamWithContext
 		return
 	}
 
-	dto := bean.UserAttributesDto{}
-
+	// 3. Get user email with enhanced error handling
 	emailId, err := handler.userService.GetActiveEmailById(userId)
 	if err != nil {
-		handler.logger.Errorw("request err, UpdateUserAttributes", "err", err, "payload", dto)
-		common.WriteJsonResp(w, errors.New("unauthorized"), nil, http.StatusForbidden)
+		handler.logger.Errorw("Failed to get user email",
+			"operation", "get_user_attribute",
+			"userId", userId,
+			"key", key,
+			"err", err)
+
+		// Use enhanced error response for forbidden access
+		common.WriteForbiddenError(w, "access user attributes", "user")
 		return
 	}
-	dto.EmailId = emailId
-	dto.Key = key
 
+	// 4. Prepare DTO
+	dto := bean.UserAttributesDto{
+		UserId:  userId,
+		EmailId: emailId,
+		Key:     key,
+	}
+
+	// 5. Service call with enhanced error handling
 	res, err := handler.userAttributesService.GetUserAttribute(&dto)
 	if err != nil {
-		handler.logger.Errorw("service err, GetAttributesById", "err", err)
-		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
+		handler.logger.Errorw("Failed to get user attribute",
+			"operation", "get_user_attribute",
+			"userId", userId,
+			"key", key,
+			"err", err)
+
+		// Use enhanced error response builder
+		errBuilder := common.NewErrorResponseBuilder(w, r).
+			WithOperation("user attribute retrieval").
+			WithResource("user attribute", key)
+		errBuilder.HandleError(err)
 		return
 	}
+
+	// 6. Success response
 	common.WriteJsonResp(w, nil, res, http.StatusOK)
 }