gsadmin/certctl
1
0
Fork 0
mirror of https://github.com/shankar0123/certctl.git synced 2026-06-07 22:01:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
36e722ba12542bafff9b161e1212ce8c1aeaaa25
certctl/internal/api/handler/agent_groups.go
T
shankar0123 36e722ba12 WIP: M-1 handler sentinel error mapping (checkpoint before branch cleanup) 
Uncommitted migration work at the time of branch cleanup. Tagged as
checkpoint/m1-migration-wip so the commit survives git gc --prune=now.

Session context: Phase 3 Part B+C of the M-1 sentinel error migration
was in progress. 38 modified files, 4 new files (errors.go + errors_test.go
in internal/service/ and internal/api/handler/). Resume from this commit
via 'git checkout checkpoint/m1-migration-wip'.
2026-04-24 00:35:12 +00:00

285 lines
9.5 KiB
Go
Raw Blame History

package handler
import (
"context"
"encoding/json"
"errors"
"net/http"
"strconv"
"strings"
"github.com/shankar0123/certctl/internal/api/middleware"
"github.com/shankar0123/certctl/internal/domain"
"github.com/shankar0123/certctl/internal/service"
)
// AgentGroupService defines the service interface for agent group operations.
type AgentGroupService interface {
ListAgentGroups(ctx context.Context, page, perPage int) ([]domain.AgentGroup, int64, error)
GetAgentGroup(ctx context.Context, id string) (*domain.AgentGroup, error)
CreateAgentGroup(ctx context.Context, group domain.AgentGroup) (*domain.AgentGroup, error)
UpdateAgentGroup(ctx context.Context, id string, group domain.AgentGroup) (*domain.AgentGroup, error)
DeleteAgentGroup(ctx context.Context, id string) error
ListMembers(ctx context.Context, id string) ([]domain.Agent, int64, error)
}
// AgentGroupHandler handles HTTP requests for agent group operations.
//
// Error dispatch (post-M-1): every service error routes through the [errToStatus]
// choke point via `errors.Is` walking the wrap chain, with one explicit
// [service.ErrValidation] arm on the write paths (Create, Update) so the
// composed "validation: <field-specific reason>" message the service layer
// attaches via `fmt.Errorf("%w: ...", ErrValidation)` can be passed through to
// the 400 response body. Before M-1, the Create handler branched on
// `strings.Contains(err.Error(), "invalid"|"required")` — fragile because a
// single reword in [service.validateAgentGroup] would demote the 400 to 500
// with no compile-time signal — and the Update/Delete handlers branched on
// `strings.Contains(err.Error(), "not found")`, coupling HTTP classification
// to repository human-readable strings. Both now ride the typed
// [repository.ErrNotFound] wrap through errToStatus. Mirrors ProfileHandler.
type AgentGroupHandler struct {
svc AgentGroupService
}
// NewAgentGroupHandler creates a new AgentGroupHandler with a service dependency.
func NewAgentGroupHandler(svc AgentGroupService) AgentGroupHandler {
return AgentGroupHandler{svc: svc}
}
// ListAgentGroups lists all agent groups.
// GET /api/v1/agent-groups?page=1&per_page=50
func (h AgentGroupHandler) ListAgentGroups(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodGet {
Error(w, http.StatusMethodNotAllowed, "Method not allowed")
return
}
requestID := middleware.GetRequestID(r.Context())
page := 1
perPage := 50
query := r.URL.Query()
if p := query.Get("page"); p != "" {
if parsed, err := strconv.Atoi(p); err == nil && parsed > 0 {
page = parsed
}
}
if pp := query.Get("per_page"); pp != "" {
if parsed, err := strconv.Atoi(pp); err == nil && parsed > 0 && parsed <= 500 {
perPage = parsed
}
}
groups, total, err := h.svc.ListAgentGroups(r.Context(), page, perPage)
if err != nil {
ErrorWithRequestID(w, http.StatusInternalServerError, "Failed to list agent groups", requestID)
return
}
response := PagedResponse{
Data: groups,
Total: total,
Page: page,
PerPage: perPage,
}
JSON(w, http.StatusOK, response)
}
// GetAgentGroup retrieves a single agent group by ID.
// GET /api/v1/agent-groups/{id}
func (h AgentGroupHandler) GetAgentGroup(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodGet {
Error(w, http.StatusMethodNotAllowed, "Method not allowed")
return
}
requestID := middleware.GetRequestID(r.Context())
id := strings.TrimPrefix(r.URL.Path, "/api/v1/agent-groups/")
if id == "" || strings.Contains(id, "/") {
ErrorWithRequestID(w, http.StatusBadRequest, "Agent group ID is required", requestID)
return
}
group, err := h.svc.GetAgentGroup(r.Context(), id)
if err != nil {
// M-1: route through errToStatus so a repo-level `sql.ErrNoRows`
// (wrapped as repository.ErrNotFound) becomes 404, but a transient DB
// failure no longer masquerades as 404 — it correctly surfaces 500. The
// pre-M-1 "any error → 404" shortcut was plausible when Get's only
// expected failure was "not found", but the choke point now gives us
// correct dispatch for free. Mirrors GetProfile.
status := errToStatus(err)
msg := "Failed to get agent group"
if status == http.StatusNotFound {
msg = "Agent group not found"
}
ErrorWithRequestID(w, status, msg, requestID)
return
}
JSON(w, http.StatusOK, group)
}
// CreateAgentGroup creates a new agent group.
// POST /api/v1/agent-groups
func (h AgentGroupHandler) CreateAgentGroup(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
Error(w, http.StatusMethodNotAllowed, "Method not allowed")
return
}
requestID := middleware.GetRequestID(r.Context())
var group domain.AgentGroup
if err := json.NewDecoder(r.Body).Decode(&group); err != nil {
ErrorWithRequestID(w, http.StatusBadRequest, "Invalid request body", requestID)
return
}
if err := ValidateRequired("name", group.Name); err != nil {
ErrorWithRequestID(w, http.StatusBadRequest, err.Error(), requestID)
return
}
if err := ValidateStringLength("name", group.Name, 255); err != nil {
ErrorWithRequestID(w, http.StatusBadRequest, err.Error(), requestID)
return
}
created, err := h.svc.CreateAgentGroup(r.Context(), group)
if err != nil {
// M-1: replace the 2-term substring net (`"invalid"|"required"`) with a
// single `errors.Is(err, service.ErrValidation)` arm. validateAgentGroup
// wraps every field-specific failure via `fmt.Errorf("%w: <reason>",
// ErrValidation)`, so `err.Error()` still contains the human-readable
// reason (e.g., "agent group name is required") and can be safely passed
// to the 400 body — but the status decision no longer depends on the
// exact wording. Other errors redact to a generic 500. Mirrors
// CreateProfile.
if errors.Is(err, service.ErrValidation) {
ErrorWithRequestID(w, http.StatusBadRequest, err.Error(), requestID)
return
}
ErrorWithRequestID(w, http.StatusInternalServerError, "Failed to create agent group", requestID)
return
}
JSON(w, http.StatusCreated, created)
}
// UpdateAgentGroup updates an existing agent group.
// PUT /api/v1/agent-groups/{id}
func (h AgentGroupHandler) UpdateAgentGroup(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPut {
Error(w, http.StatusMethodNotAllowed, "Method not allowed")
return
}
requestID := middleware.GetRequestID(r.Context())
id := strings.TrimPrefix(r.URL.Path, "/api/v1/agent-groups/")
parts := strings.Split(id, "/")
if len(parts) == 0 || parts[0] == "" {
ErrorWithRequestID(w, http.StatusBadRequest, "Agent group ID is required", requestID)
return
}
id = parts[0]
var group domain.AgentGroup
if err := json.NewDecoder(r.Body).Decode(&group); err != nil {
ErrorWithRequestID(w, http.StatusBadRequest, "Invalid request body", requestID)
return
}
updated, err := h.svc.UpdateAgentGroup(r.Context(), id, group)
if err != nil {
// M-1: explicit ErrValidation arm preserves the user-facing reason in
// the 400 body (validateAgentGroup wraps every failure via
// `fmt.Errorf("%w: ...", ErrValidation)`); every other error — including
// repo-layer ErrNotFound on a missing row — routes through errToStatus
// so the 404/500 decision no longer depends on substring matching.
// Mirrors UpdateProfile.
if errors.Is(err, service.ErrValidation) {
ErrorWithRequestID(w, http.StatusBadRequest, err.Error(), requestID)
return
}
status := errToStatus(err)
msg := "Failed to update agent group"
if status == http.StatusNotFound {
msg = "Agent group not found"
}
ErrorWithRequestID(w, status, msg, requestID)
return
}
JSON(w, http.StatusOK, updated)
}
// DeleteAgentGroup deletes an agent group.
// DELETE /api/v1/agent-groups/{id}
func (h AgentGroupHandler) DeleteAgentGroup(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodDelete {
Error(w, http.StatusMethodNotAllowed, "Method not allowed")
return
}
requestID := middleware.GetRequestID(r.Context())
id := strings.TrimPrefix(r.URL.Path, "/api/v1/agent-groups/")
if id == "" || strings.Contains(id, "/") {
ErrorWithRequestID(w, http.StatusBadRequest, "Agent group ID is required", requestID)
return
}
if err := h.svc.DeleteAgentGroup(r.Context(), id); err != nil {
// M-1: sentinel dispatch replaces the substring 404 check — see the
// parallel comment block in UpdateAgentGroup for the rationale. Mirrors
// DeleteProfile.
status := errToStatus(err)
msg := "Failed to delete agent group"
if status == http.StatusNotFound {
msg = "Agent group not found"
}
ErrorWithRequestID(w, status, msg, requestID)
return
}
w.WriteHeader(http.StatusNoContent)
}
// ListAgentGroupMembers lists agents in a group.
// GET /api/v1/agent-groups/{id}/members
func (h AgentGroupHandler) ListAgentGroupMembers(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodGet {
Error(w, http.StatusMethodNotAllowed, "Method not allowed")
return
}
requestID := middleware.GetRequestID(r.Context())
// Parse ID from: /api/v1/agent-groups/{id}/members
path := strings.TrimPrefix(r.URL.Path, "/api/v1/agent-groups/")
parts := strings.Split(path, "/")
if len(parts) < 2 || parts[0] == "" {
ErrorWithRequestID(w, http.StatusBadRequest, "Agent group ID is required", requestID)
return
}
id := parts[0]
members, total, err := h.svc.ListMembers(r.Context(), id)
if err != nil {
ErrorWithRequestID(w, http.StatusInternalServerError, "Failed to list group members", requestID)
return
}
response := PagedResponse{
Data: members,
Total: total,
Page: 1,
PerPage: int(total),
}
JSON(w, http.StatusOK, response)
}
Reference in New Issue View Git Blame Copy Permalink