feat: resource groups and domain endpoints #469
Conversation
| azureClient, err := azure.NewClient( | ||
| domainListRequest.AzureAuth.ClientID, | ||
| domainListRequest.AzureAuth.ClientSecret, | ||
| domainListRequest.AzureAuth.SubscriptionID, | ||
| domainListRequest.AzureAuth.TenantID, | ||
| ) | ||
| if err != nil { | ||
| c.JSON(http.StatusBadRequest, types.JSONFailureResponse{ | ||
| Message: err.Error(), | ||
| }) | ||
| return | ||
| } |
There was a problem hiding this comment.
No need to fix it right now but food for thought for the future...
The code that validates parameters makes sense it would return a HTTP Bad Request response whenever an error there occurs.
This code though makes no sense returning http.StatusBadRequest. This is an error that after you validated the parameters were there, that you simply couldn't create an Azure client. The error code would probably be some sort of authentication failure or, to avoid disclosing credential details, an Internal Server Error would probably be best!
| domains, err := azureClient.GetDNSDomains(context.Background(), domainListRequest.ResourceGroup) | ||
| if err != nil { | ||
| c.JSON(http.StatusBadRequest, types.JSONFailureResponse{ | ||
| Message: err.Error(), | ||
| }) | ||
| return | ||
| } |
There was a problem hiding this comment.
Same here, if you think about it, the data the client sent you was already "validated" at the top. Reaching here post validation to be told that you couldn't load DNS domains seems wrong to, at the same time, return http.StatusBadRequest.
The whole idea of having a REST API is that the API should have a "representational state transfer" (or REST xD) and it's a bad representation that every single error is attributed to the user in the sense that they made a bad request. Talk about gaslighting! 😆
Description