Skip to content

Commit

Permalink
Refactor do_handle_client_cert_auth_settings_post...
Browse files Browse the repository at this point in the history 
... in menelaus_web_cert

(unification of error handling)

Change-Id: Icee077a6af195a799362f25a0815058001785ca7
Reviewed-on: https://review.couchbase.org/c/ns_server/+/173305
Well-Formed: Build Bot <build@couchbase.com>
Reviewed-by: Artem Stemkovski <artem@couchbase.com>
Tested-by: Timofey Barmin <timofey.barmin@couchbase.com>
  • Loading branch information
@timofey-barmin
timofey-barmin committed Apr 7, 2022
1 parent 06dd89a commit 19f1d6d
Showing 1 changed file with 26 additions and 22 deletions.
48 changes: 26 additions & 22 deletions src/menelaus_web_cert.erl
View file
Expand Up @@ -745,31 +745,35 @@ do_handle_client_cert_auth_settings_post(Req, JSON) ->
end
end,

State = binary_to_list(StateRaw),
case length(PrefixesRaw) > ?MAX_CLIENT_CERT_PREFIXES of
true ->
Err = io_lib:format("Maximum number of prefixes supported is ~p",
[?MAX_CLIENT_CERT_PREFIXES]),
menelaus_util:reply_json(Req, list_to_binary(Err), 400);
throw({error, list_to_binary(Err)});
false ->
Prefixes = [[{binary_to_list(K), binary_to_list(V)} || {K, V} <- Triple]
|| {Triple} <- PrefixesRaw],

{Cfg0, Errors0} = validate_client_cert_auth_state(State, Prefixes, [], []),
{Cfg, Errors} = validate_client_cert_auth_prefixes(Prefixes, Cfg0, Errors0),

case Errors of
[] ->
case ns_ssl_services_setup:client_cert_auth() of
Cfg ->
menelaus_util:reply(Req, 200);
_ ->
ns_config:set(client_cert_auth, Cfg),
ns_audit:client_cert_auth(Req, Cfg),
menelaus_util:reply(Req, 202)
end;
_ ->
Out = [list_to_binary(Msg) || {error, Msg} <- Errors],
menelaus_util:reply_json(Req, Out, 400)
end
ok
end,

State = binary_to_list(StateRaw),

Prefixes = [[{binary_to_list(K), binary_to_list(V)} || {K, V} <- Triple]
|| {Triple} <- PrefixesRaw],

{Cfg0, Errors0} = validate_client_cert_auth_state(State, Prefixes, [], []),
{Cfg, Errors} = validate_client_cert_auth_prefixes(Prefixes, Cfg0, Errors0),

case Errors of
[] -> ok;
_ ->
Out = [list_to_binary(Msg) || {error, Msg} <- Errors],
throw({error, Out})
end,

case ns_ssl_services_setup:client_cert_auth() of
Cfg ->
menelaus_util:reply(Req, 200);
_ ->
ns_config:set(client_cert_auth, Cfg),
ns_audit:client_cert_auth(Req, Cfg),
menelaus_util:reply(Req, 202)
end.

0 comments on commit 19f1d6d

Please sign in to comment.