Rework api error handling

Signed-off-by: Florian Pritz <bluewind@xinu.at>

5 files changed, 77 insertions, 33 deletions

diff --git a/application/controllers/api.php b/application/controllers/api.php
index 7557c6c99..490f59c2c 100644
--- a/application/controllers/api.php
+++ b/application/controllers/api.php
@@ -18,35 +18,39 @@ class Api extends MY_Controller {
 	}
 
 	public function route() {
-		$requested_version = $this->uri->segment(2);
-		$controller = $this->uri->segment(3);
-		$function = $this->uri->segment(4);
-		$major = intval(explode(".", $requested_version)[0]);
-
-		if (!preg_match("/^[a-zA-Z-_]+$/", $controller)) {
-			return send_json_error_reply("api/invalid-controller-value", "Invalid controller requested");
-		}
-
-		if (!preg_match("/^[a-zA-Z-_]+$/", $function)) {
-			return send_json_error_reply("api/invalid-function-value", "Invalid function requested");
-		}
-
-		$namespace = "controllers\\api\\v".$major;
-		$class = $namespace."\\".$controller;
-		$class_info = $namespace."\\api_info";
-
-		if (!class_exists($class_info) || version_compare($class_info::get_version(), $requested_version, "<")) {
-			return send_json_error_reply("api/version-not-supported", "Requested API version is not supported");
-		}
-
-		if (!class_exists($class)) {
-			return send_json_error_reply("api/unknown-controller", "Unknown controller requested");
-		}
-
-		$c= new $class;
-		if (!method_exists($c, $function)) {
-			return send_json_error_reply("api/unknown-function", "Unknown function requested");
+		try {
+			$requested_version = $this->uri->segment(2);
+			$controller = $this->uri->segment(3);
+			$function = $this->uri->segment(4);
+			$major = intval(explode(".", $requested_version)[0]);
+
+			if (!preg_match("/^[a-zA-Z-_]+$/", $controller)) {
+				throw new \exceptions\PublicApiException("api/invalid-controller-value", "Invalid controller requested");
+			}
+
+			if (!preg_match("/^[a-zA-Z-_]+$/", $function)) {
+				throw new \exceptions\PublicApiException("api/invalid-function-value", "Invalid function requested");
+			}
+
+			$namespace = "controllers\\api\\v".$major;
+			$class = $namespace."\\".$controller;
+			$class_info = $namespace."\\api_info";
+
+			if (!class_exists($class_info) || version_compare($class_info::get_version(), $requested_version, "<")) {
+				throw new \exceptions\PublicApiException("api/version-not-supported", "Requested API version is not supported");
+			}
+
+			if (!class_exists($class)) {
+				throw new \exceptions\PublicApiException("api/unknown-controller", "Unknown controller requested");
+			}
+
+			$c= new $class;
+			if (!method_exists($c, $function)) {
+				throw new \exceptions\PublicApiException("api/unknown-function", "Unknown function requested");
+			}
+			return $c->$function();
+		} catch (\exceptions\PublicApiException $e) {
+			return send_json_error_reply($e->get_error_id(), $e->getMessage(), $e->get_data());
 		}
-		return $c->$function();
 	}
 }
diff --git a/application/controllers/api/v1/file.php b/application/controllers/api/v1/file.php
index 56455c01e..c291ae879 100644
--- a/application/controllers/api/v1/file.php
+++ b/application/controllers/api/v1/file.php
@@ -24,12 +24,12 @@ class file extends \controllers\api\api_controller {
 		$files = getNormalizedFILES();
 
 		if (empty($files)) {
-			show_error("No file was uploaded or unknown error occured.");
+			throw new \exceptions\PublicApiException("file/no-file", "No file was uploaded or unknown error occured.");
 		}
 
 		$errors = \service\files::verify_uploaded_files($files);
 		if (!empty($errors)) {
-			return send_json_error_reply("file/upload-verify-failed", "Failed to verify uploaded file", $errors);
+			throw new \exceptions\PublicApiException("file/upload-verify-failed", "Failed to verify uploaded file", $errors);
 		}
 
 		$limits = $this->muser->get_upload_id_limits();
diff --git a/application/exceptions/ApiException.php b/application/exceptions/ApiException.php
new file mode 100644
index 000000000..b288bbaa2
--- /dev/null
+++ b/application/exceptions/ApiException.php
@@ -0,0 +1,30 @@
+<?php
+/*
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+namespace exceptions;
+
+class ApiException extends \Exception {
+	private $error_id;
+	private $data;
+
+	public function __construct($error_id, $message, $data = null)
+	{
+		parent::__construct($message);
+
+		$this->error_id = $error_id;
+		$this->data = $data;
+	}
+
+	public function get_error_id()
+	{
+		return $this->error_id;
+	}
+
+	public function get_data()
+	{
+		return $this->data;
+	}
+}
diff --git a/application/exceptions/PublicApiException.php b/application/exceptions/PublicApiException.php
new file mode 100644
index 000000000..e7aa4360a
--- /dev/null
+++ b/application/exceptions/PublicApiException.php
@@ -0,0 +1,10 @@
+<?php
+/*
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+namespace exceptions;
+
+class PublicApiException extends ApiException {
+}
diff --git a/application/service/user.php b/application/service/user.php
index d06f78855..97f2531f9 100644
--- a/application/service/user.php
+++ b/application/service/user.php
@@ -26,11 +26,11 @@ class user {
 
 		$valid_levels = $CI->muser->get_access_levels();
 		if (array_search($access_level, $valid_levels) === false) {
-			show_error("Invalid access levels requested.");
+			throw new \exceptions\UserInputException("user/validation/access_level/invalid", "Invalid access levels requested.");
 		}
 
 		if (strlen($comment) > 255) {
-			show_error("Comment may only be 255 chars long.");
+			throw new \exceptions\UserInputException("user/validation/comment/too-long", "Comment may only be 255 chars long.");
 		}
 
 		$key = random_alphanum(32);