Add better error messages formatting

esl · Dec 15, 2021 · 866f878 · 866f878
1 parent d35b68b
commit 866f878
Show file tree

Hide file tree

Showing 5 changed files with 58 additions and 19 deletions.
diff --git a/src/mongoose_graphql.erl b/src/mongoose_graphql.erl
@@ -95,8 +95,8 @@ graphql_parse(Doc) ->
     case graphql:parse(Doc) of
         {ok, _} = Ok ->
             Ok;
-        {error, _} = Err ->
-            throw(Err)
+        {error, Err} ->
+            graphql_err:abort([], parse, Err)
     end.
 
 admin_mapping_rules() ->

diff --git a/src/mongoose_graphql/mongoose_graphql_cowboy_handler.erl b/src/mongoose_graphql/mongoose_graphql_cowboy_handler.erl
@@ -58,9 +58,15 @@ charsets_provided(Req, State) ->
     {[<<"utf-8">>], Req, State}.
 
 is_authorized(Req, State) ->
-    Auth = cowboy_req:parse_header(<<"authorization">>, Req),
-    State2 = check_auth(Auth, State),
-    {true, Req, State2}.
+    try cowboy_req:parse_header(<<"authorization">>, Req) of
+        Auth ->
+            State2 = check_auth(Auth, State),
+            {true, Req, State2}
+    catch
+        exit:Err ->
+            Msg = #{phase => authorize, error_term => Err},
+            reply_error(400, Msg, Req, State)
+    end.
 
 resource_exists(#{method := <<"GET">>} = Req, State) ->
     {true, Req, State};
@@ -179,15 +185,7 @@ operation_name([]) ->
     undefined.
 
 reply_error(Code, Msg, Req, State) ->
-    Errors =
-        case Msg of
-            {error, E} ->
-                graphql_err:format_errors(#{}, [E]);
-            _ ->
-                Formatted = iolist_to_binary(io_lib:format("~p", [Msg])),
-                [#{type => error, message => Formatted}]
-            end,
-
+    Errors = mongoose_graphql_errors:format_error(Msg),
     Body = jiffy:encode(#{errors => Errors}),
     Req2 = cowboy_req:set_resp_body(Body, Req),
     Reply = cowboy_req:reply(Code, Req2),

diff --git a/src/mongoose_graphql/mongoose_graphql_errors.erl b/src/mongoose_graphql/mongoose_graphql_errors.erl
@@ -1,9 +1,9 @@
 %% @doc Implements callbacks that format custom errors returned from resolvers or crashes. 
 -module(mongoose_graphql_errors).
 
--export([err/2, crash/2]).
+-export([format_error/1, format_errors/1, err/2, crash/2]).
 
--ignore_xref([err/2, crash/2]).
+-ignore_xref([format_error/1, format_errors/1, err/2, crash/2]).
 
 % callback invoked when resolver returns error tuple
 err(_Ctx, domain_not_found) ->
@@ -16,3 +16,39 @@ err(_Ctx, ErrorTerm) ->
 crash(_Ctx, #{type := Type}) ->
     #{message => <<"Unexpected ", Type/binary, " resolver crash">>,
       extensions => #{code => resolver_crash}}.
+
+format_errors(Errors) ->
+    [format_error(E) || E <- Errors].
+
+format_error(#{phase := Phase, error_term := Term}) when Phase =:= authorize;
+                                                         Phase =:= parse ->
+    #{extensions => #{code => err_code(Phase, Term)},
+      message => iolist_to_binary(err_msg(Phase, Term))};
+format_error(#{error_term := _} = Err) ->
+    graphql:format_errors(#{}, [Err]);
+format_error(Err) ->
+    #{extensions => #{code => uncathegorized_error},
+      message => iolist_to_binary(io_lib:format("~p", Err))}.
+
+%% Internal
+
+err_code(authorize, _Term) ->
+    authorization_error;
+err_code(parse, Term) ->
+    element(1, Term).
+
+err_msg(parse, Result) ->
+    parse_err_msg(Result);
+err_msg(authorize, Result) ->
+    authorize_err_msg(Result).
+
+authorize_err_msg({request_error, {header, <<"authorization">>}, _}) ->
+    "Malformed authorization header.Please consult the relevant specification.";
+authorize_err_msg({no_permissions, Op}) ->
+    io_lib:format("Cannot execute query ~s without permissions", [Op]).
+
+parse_err_msg({parser_error, {Line, graphql_parser, Msg}}) ->
+    io_lib:format("Cannot parse line ~B because of ~s", [Line, Msg]);
+parse_err_msg({scanner_error, {Line, graphql_scanner, Msg}}) ->
+    Formatted = lists:flatten(graphql_scanner:format_error(Msg)),
+    io_lib:format("Cannot scan line ~B because of ~s", [Line, Formatted]).
diff --git a/src/mongoose_graphql/mongoose_graphql_permissions.erl b/src/mongoose_graphql/mongoose_graphql_permissions.erl
@@ -45,7 +45,7 @@ check_permissions(OpName, false, #document{definitions = Definitions}) ->
                         true ->
                             ok;
                         false ->
-                            throw({error, no_permissions})
+                            graphql_err:abort([], authorize, {no_permissions, op_name(OpName)})
                     end;
                 false ->
                     ok
@@ -58,6 +58,11 @@ check_permissions(_, true, _) ->
 
 % Internal
 
+op_name(undefined) ->
+    <<"ROOT">>;
+op_name(Name) ->
+    Name.
+
 is_req_operation(#op{id = 'ROOT'}, undefined) ->
     true;
 is_req_operation(#op{id = {name, _, Name}}, Name) ->

diff --git a/test/mongoose_graphql_SUITE.erl b/test/mongoose_graphql_SUITE.erl
@@ -99,13 +99,13 @@ unauth_cannot_execute_protected_query(Config) ->
     Ep = ?config(endpoint, Config),
     Doc = <<"{ field }">>,
     Res = mongoose_graphql:execute(Ep, request(Doc, false)),
-    ?assertEqual({error, no_permissions}, Res).
+    ?assertMatch({error, #{error_term := {no_permissions, <<"ROOT">>}}}, Res).
 
 unauth_cannot_execute_protected_mutation(Config) ->
     Ep = ?config(endpoint, Config),
     Doc = <<"mutation { field }">>,
     Res = mongoose_graphql:execute(Ep, request(Doc, false)),
-    ?assertEqual({error, no_permissions}, Res).
+    ?assertMatch({error, #{error_term := {no_permissions, <<"ROOT">>}}}, Res).
 
 unauth_can_access_introspection(Config) ->
     Ep = ?config(endpoint, Config),