refactor(server/api): writeErr accepts error; migrate admin handlers (1/3)

Rewrite writeErr(w, err) to wrap *apierror.Error via apierror.From,
preserving the existing {"error": {"code", "message"}} wire envelope.
Add writeErrWithLog helper for 500-class errors that need an operator
log line. Migrate all 13 admin_*.go handler files (~76 call sites) to
the new signature; T3 will sweep the remaining api package.

The old 4-arg writeErr is removed, so non-admin call sites in
internal/api will not compile until T3 lands. This is by design — T2
and T3 are paired.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-05-07 19:48:25 -04:00
parent c919650606
commit 1cc7eb6cad
12 changed files with 229 additions and 139 deletions
+10 -14
View File
@@ -12,6 +12,7 @@ import (
"github.com/jackc/pgx/v5"
"github.com/jackc/pgx/v5/pgtype"
"git.fabledsword.com/bvandeusen/minstrel/internal/apierror"
"git.fabledsword.com/bvandeusen/minstrel/internal/audit"
"git.fabledsword.com/bvandeusen/minstrel/internal/auth"
"git.fabledsword.com/bvandeusen/minstrel/internal/db/dbq"
@@ -41,8 +42,7 @@ func (h *handlers) handleListInvites(w http.ResponseWriter, r *http.Request) {
q := dbq.New(h.pool)
rows, err := q.ListInvitesActive(r.Context())
if err != nil {
h.logger.Error("admin: list invites failed", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "")
writeErrWithLog(w, h.logger, "admin: list invites failed", apierror.Internal(err))
return
}
out := make([]inviteResp, 0, len(rows))
@@ -59,7 +59,7 @@ type createInviteReq struct {
func (h *handlers) handleCreateInvite(w http.ResponseWriter, r *http.Request) {
user, ok := auth.UserFromContext(r.Context())
if !ok {
writeErr(w, http.StatusUnauthorized, "auth_required", "")
writeErr(w, apierror.Unauthorized("auth_required", ""))
return
}
var req createInviteReq
@@ -70,8 +70,7 @@ func (h *handlers) handleCreateInvite(w http.ResponseWriter, r *http.Request) {
tokenBytes := make([]byte, 16)
if _, err := rand.Read(tokenBytes); err != nil {
h.logger.Error("admin: invite token gen failed", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "")
writeErrWithLog(w, h.logger, "admin: invite token gen failed", apierror.Internal(err))
return
}
token := hex.EncodeToString(tokenBytes)
@@ -90,8 +89,7 @@ func (h *handlers) handleCreateInvite(w http.ResponseWriter, r *http.Request) {
ExpiresAt: pgtype.Timestamptz{Time: expiresAt, Valid: true},
})
if err != nil {
h.logger.Error("admin: create invite failed", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "")
writeErrWithLog(w, h.logger, "admin: create invite failed", apierror.Internal(err))
return
}
@@ -106,12 +104,12 @@ func (h *handlers) handleCreateInvite(w http.ResponseWriter, r *http.Request) {
func (h *handlers) handleDeleteInvite(w http.ResponseWriter, r *http.Request) {
user, ok := auth.UserFromContext(r.Context())
if !ok {
writeErr(w, http.StatusUnauthorized, "auth_required", "")
writeErr(w, apierror.Unauthorized("auth_required", ""))
return
}
token := chi.URLParam(r, "token")
if token == "" {
writeErr(w, http.StatusBadRequest, "invalid_token", "")
writeErr(w, apierror.BadRequest("invalid_token", ""))
return
}
q := dbq.New(h.pool)
@@ -119,16 +117,14 @@ func (h *handlers) handleDeleteInvite(w http.ResponseWriter, r *http.Request) {
// return a useful 404 vs 200.
if _, err := q.GetInviteByToken(r.Context(), token); err != nil {
if errors.Is(err, pgx.ErrNoRows) {
writeErr(w, http.StatusNotFound, "not_found", "")
writeErr(w, &apierror.Error{Status: http.StatusNotFound, Code: "not_found", Message: ""})
return
}
h.logger.Error("admin: get invite failed", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "")
writeErrWithLog(w, h.logger, "admin: get invite failed", apierror.Internal(err))
return
}
if err := q.DeleteInvite(r.Context(), token); err != nil {
h.logger.Error("admin: delete invite failed", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "")
writeErrWithLog(w, h.logger, "admin: delete invite failed", apierror.Internal(err))
return
}
if err := audit.Write(r.Context(), h.pool, user.ID, pgtype.UUID{}, audit.ActionInviteRevoke,