use send_error and redirect from Dancer

2013-06-03 19:59:04 +01:00
parent 3d1185261a
commit b0e804e558
18 changed files with 67 additions and 78 deletions
--- a/Netdisco/lib/App/Netdisco/Web/AdminTask.pm
+++ b/Netdisco/lib/App/Netdisco/Web/AdminTask.pm
@@ -11,8 +11,8 @@ sub add_job {
    if ($device) {
        $device = NetAddr::IP::Lite->new($device);
-        return unless $device
+        return send_error('Bad device', 400)
-          and $device->addr ne '0.0.0.0';
+          if ! $device or $device->addr eq '0.0.0.0';
    }
    try {
@@ -24,7 +24,7 @@ sub add_job {
          username => session('user'),
          userip => request->remote_address,
        });
-    }
+    };
 }
 # we have a separate list for jobs needing a device to avoid queueing
@@ -42,18 +42,22 @@ my %jobs_all = map {$_ => 1} qw/
 foreach my $jobtype (keys %jobs_all, keys %jobs) {
    ajax "/ajax/control/admin/$jobtype" => sub {
-        return unless var('user') and var('user')->admin;
+        send_error('Forbidden', 403)
-        return if exists $jobs{$jobtype} and not param('device');
+          unless var('user')->admin;
        send_error('Missing device', 400)
          if exists $jobs{$jobtype} and not param('device');
        add_job($jobtype, param('device'));
    };
    post "/admin/$jobtype" => sub {
-        return unless var('user') and var('user')->admin;
+        send_error('Forbidden', 403)
-        return if exists $jobs{$jobtype} and not param('device');
+          unless var('user')->admin;
-        add_job($jobtype, param('device'));
+        send_error('Missing device', 400)
          if exists $jobs{$jobtype} and not param('device');
-        status(302);
+        add_job($jobtype, param('device'));
-        header(Location => uri_for('/admin/jobqueue')->path_query());
+        redirect uri_for('/admin/jobqueue')->path_query;
    };
 }
@@ -61,9 +65,7 @@ get '/admin/*' => sub {
    my ($tag) = splat;
    if (! eval { var('user')->admin }) {
-        status(302);
+        return redirect uri_for('/')->path_query;
        header(Location => uri_for('/')->path_query());
        return;
    }
    # trick the ajax into working as if this were a tabbed page
--- a/Netdisco/lib/App/Netdisco/Web/AuthN.pm
+++ b/Netdisco/lib/App/Netdisco/Web/AuthN.pm
@@ -18,32 +18,31 @@ hook 'before' => sub {
    if (session('user') && session->id) {
        var(user => schema('netdisco')->resultset('User')
                                      ->find(session('user')));
-        var('user')->port_control(0)
+
-          if setting('no_port_control');
+        # really just for dev work, to quieten the logs
        var('user')->port_control(0) if setting('no_port_control');
    }
 };
 post '/login' => sub {
    status(302);
    if (param('username') and param('password')) {
        my $user = schema('netdisco')->resultset('User')->find(param('username'));
        if ($user) {
            my $sum = Digest::MD5::md5_hex(param('password'));
            if (($sum and $user->password) and ($sum eq $user->password)) {
                session(user => $user->username);
-                header(Location => uri_for('/inventory')->path_query());
+                return redirect uri_for('/inventory')->path_query;
                return;
            }
        }
    }
-    header(Location => uri_for('/', {failed => 1})->path_query());
+
    redirect uri_for('/', {failed => 1})->path_query;
 };
 get '/logout' => sub {
    session->destroy;
-    status(302);
+    redirect uri_for('/', {logout => 1})->path_query;
    header(Location => uri_for('/', {logout => 1})->path_query());
 };
 true;
--- a/Netdisco/lib/App/Netdisco/Web/Device.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Device.pm
@@ -116,9 +116,7 @@ get '/device' => sub {
    });
    if (!defined $dev) {
-        status(302);
+        return redirect uri_for('/', {nosuchdevice => 1})->path_query;
        header(Location => uri_for('/', {nosuchdevice => 1})->path_query());
        return;
    }
    params->{'tab'} ||= 'details';
--- a/Netdisco/lib/App/Netdisco/Web/Plugin.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Plugin.pm
@@ -23,8 +23,7 @@ register 'register_template_path' => sub {
  my ($self, $path) = plugin_args(@_);
  if (!length $path) {
-      error "bad template path to register_template_paths";
+      return error "bad template path to register_template_paths";
      return;
  }
  unshift
@@ -36,13 +35,11 @@ sub _register_include {
  my ($type, $plugin) = @_;
  if (!length $type) {
-      error "bad type to _register_include";
+      return error "bad type to _register_include";
      return;
  }
  if (!length $plugin) {
-      error "bad plugin name to register_$type";
+      return error "bad plugin name to register_$type";
      return;
  }
  push @{ setting("_additional_$type") }, $plugin;
@@ -64,8 +61,7 @@ register 'register_device_port_column' => sub {
  $config->{position} ||= 'right';
  if (!length $config->{name} or !length $config->{label}) {
-      error "bad config to register_device_port_column";
+      return error "bad config to register_device_port_column";
      return;
  }
  foreach my $item (@{ setting('_extra_device_port_cols') }) {
@@ -85,8 +81,7 @@ register 'register_navbar_item' => sub {
      or !length $config->{path}
      or !length $config->{label}) {
-      error "bad config to register_navbar_item";
+      return error "bad config to register_navbar_item";
      return;
  }
  foreach my $item (@{ setting('_navbar_items') }) {
@@ -105,8 +100,7 @@ register 'register_admin_task' => sub {
  if (!length $config->{tag}
      or !length $config->{label}) {
-      error "bad config to register_admin_task";
+      return error "bad config to register_admin_task";
      return;
  }
  setting('_admin_tasks')->{ $config->{tag} } = $config;
@@ -119,8 +113,7 @@ sub _register_tab {
  if (!length $config->{tag}
      or !length $config->{label}) {
-      error "bad config to register_${nav}_item";
+      return error "bad config to register_${nav}_item";
      return;
  }
  foreach my $item (@{ $stash }) {
@@ -152,8 +145,7 @@ register 'register_report' => sub {
      or !length $config->{label}
      or 0 == scalar grep {$config->{category} eq $_} @categories) {
-      error "bad config to register_report";
+      return error "bad config to register_report";
      return;
  }
  foreach my $item (@{setting('_reports_menu')->{ $config->{category} }}) {
--- a/Netdisco/lib/App/Netdisco/Web/Plugin/AdminTask/JobQueue.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Plugin/AdminTask/JobQueue.pm
@@ -12,8 +12,8 @@ register_admin_task({
 });
 ajax '/ajax/control/admin/jobqueue/del' => sub {
-    return unless var('user') and var('user')->admin;
+    send_error('Forbidden', 403) unless var('user')->admin;
-    return unless length param('job');
+    send_error('Missing job', 400) unless length param('job');
    schema('netdisco')->txn_do(sub {
      my $device = schema('netdisco')->resultset('Admin')
@@ -22,7 +22,7 @@ ajax '/ajax/control/admin/jobqueue/del' => sub {
 };
 ajax '/ajax/content/admin/jobqueue' => sub {
-    return unless var('user') and var('user')->admin;
+    send_error('Forbidden', 403) unless var('user')->admin;
    my $set = schema('netdisco')->resultset('Admin')
      ->with_times
--- a/Netdisco/lib/App/Netdisco/Web/Plugin/AdminTask/PseudoDevice.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Plugin/AdminTask/PseudoDevice.pm
@@ -29,7 +29,7 @@ sub _sanity_ok {
 }
 ajax '/ajax/control/admin/pseudodevice/add' => sub {
-    return unless _sanity_ok();
+    send_error('Bad Request', 400) unless _sanity_ok();
    schema('netdisco')->txn_do(sub {
      my $device = schema('netdisco')->resultset('Device')
@@ -49,7 +49,7 @@ ajax '/ajax/control/admin/pseudodevice/add' => sub {
 };
 ajax '/ajax/control/admin/pseudodevice/del' => sub {
-    return unless _sanity_ok();
+    send_error('Bad Request', 400) unless _sanity_ok();
    schema('netdisco')->txn_do(sub {
      my $device = schema('netdisco')->resultset('Device')
@@ -61,7 +61,7 @@ ajax '/ajax/control/admin/pseudodevice/del' => sub {
 };
 ajax '/ajax/control/admin/pseudodevice/update' => sub {
-    return unless _sanity_ok();
+    send_error('Bad Request', 400) unless _sanity_ok();
    schema('netdisco')->txn_do(sub {
      my $device = schema('netdisco')->resultset('Device')
@@ -86,7 +86,7 @@ ajax '/ajax/control/admin/pseudodevice/update' => sub {
 };
 ajax '/ajax/content/admin/pseudodevice' => sub {
-    return unless var('user') and var('user')->admin;
+    send_error('Forbidden', 403) unless var('user')->admin;
    my $set = schema('netdisco')->resultset('Device')
      ->search(
--- a/Netdisco/lib/App/Netdisco/Web/Plugin/AdminTask/Topology.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Plugin/AdminTask/Topology.pm
@@ -28,7 +28,7 @@ sub _sanity_ok {
 }
 ajax '/ajax/control/admin/topology/add' => sub {
-    return unless _sanity_ok();
+    send_error('Bad Request', 400) unless _sanity_ok();
    my $device = schema('netdisco')->resultset('Topology')
      ->create({
@@ -75,7 +75,7 @@ ajax '/ajax/control/admin/topology/add' => sub {
 };
 ajax '/ajax/control/admin/topology/del' => sub {
-    return unless _sanity_ok();
+    send_error('Bad Request', 400) unless _sanity_ok();
    schema('netdisco')->txn_do(sub {
      my $device = schema('netdisco')->resultset('Topology')
@@ -89,7 +89,7 @@ ajax '/ajax/control/admin/topology/del' => sub {
 };
 ajax '/ajax/content/admin/topology' => sub {
-    return unless var('user') and var('user')->admin;
+    send_error('Forbidden', 403) unless var('user')->admin;
    my $set = schema('netdisco')->resultset('Topology')
      ->search({},{order_by => [qw/dev1 dev2 port1/]});
--- a/Netdisco/lib/App/Netdisco/Web/Plugin/Device/Addresses.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Plugin/Device/Addresses.pm
@@ -13,7 +13,7 @@ ajax '/ajax/content/device/addresses' => sub {
    my $q = param('q');
    my $device = schema('netdisco')->resultset('Device')
-      ->search_for_device($q) or return;
+      ->search_for_device($q) or send_error('Bad device', 400);
    my $set = $device->device_ips->search({}, {order_by => 'alias'});
    return unless $set->count;
--- a/Netdisco/lib/App/Netdisco/Web/Plugin/Device/Details.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Plugin/Device/Details.pm
@@ -12,7 +12,7 @@ register_device_tab({ tag => 'details', label => 'Details' });
 ajax '/ajax/content/device/details' => sub {
    my $q = param('q');
    my $device = schema('netdisco')->resultset('Device')
-      ->with_times()->search_for_device($q) or return;
+      ->with_times()->search_for_device($q) or send_error('Bad device', 400);
    content_type('text/html');
    template 'ajax/device/details.tt', {
--- a/Netdisco/lib/App/Netdisco/Web/Plugin/Device/Neighbors.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Plugin/Device/Neighbors.pm
@@ -43,7 +43,7 @@ get '/ajax/data/device/netmap' => sub {
    my $q = param('q');
    my $device = schema('netdisco')->resultset('Device')
-      ->search_for_device($q) or return;
+      ->search_for_device($q) or send_error('Bad device', 400);
    my $start = $device->ip;
    my @devices = schema('netdisco')->resultset('Device')->search({}, {
@@ -72,7 +72,7 @@ get '/ajax/data/device/netmap' => sub {
    _add_children($tree{children}, var('links')->{$start});
    content_type('application/json');
-    return to_json(\%tree);
+    to_json(\%tree);
 };
 ajax '/ajax/data/device/alldevicelinks' => sub {
@@ -93,7 +93,7 @@ ajax '/ajax/data/device/alldevicelinks' => sub {
    }
    content_type('application/json');
-    return to_json(\%tree);
+    to_json(\%tree);
 };
 true;
--- a/Netdisco/lib/App/Netdisco/Web/Plugin/Device/Ports.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Plugin/Device/Ports.pm
@@ -14,7 +14,7 @@ ajax '/ajax/content/device/ports' => sub {
    my $q = param('q');
    my $device = schema('netdisco')->resultset('Device')
-      ->search_for_device($q) or return;
+      ->search_for_device($q) or send_error('Bad device', 400);
    my $set = $device->ports;
    # refine by ports if requested
--- a/Netdisco/lib/App/Netdisco/Web/Plugin/Search/Device.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Plugin/Search/Device.pm
@@ -21,7 +21,7 @@ ajax '/ajax/content/search/device' => sub {
    }
    else {
        my $q = param('q');
-        return unless $q;
+        send_error('Missing query', 400) unless $q;
        $set = schema('netdisco')->resultset('Device')->search_fuzzy($q);
    }
--- a/Netdisco/lib/App/Netdisco/Web/Plugin/Search/Node.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Plugin/Search/Node.pm
@@ -14,7 +14,7 @@ register_search_tab({ tag => 'node', label => 'Node' });
 # nodes matching the param as an IP or DNS hostname or MAC
 ajax '/ajax/content/search/node' => sub {
    my $node = param('q');
-    return unless $node;
+    send_error('Missing node', 400) unless $node;
    content_type('text/html');
    my $mac = Net::MAC->new(mac => $node, 'die' => 0, verbose => 0);
--- a/Netdisco/lib/App/Netdisco/Web/Plugin/Search/Port.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Plugin/Search/Port.pm
@@ -11,7 +11,7 @@ register_search_tab({ tag => 'port', label => 'Port' });
 # device ports with a description (er, name) matching
 ajax '/ajax/content/search/port' => sub {
    my $q = param('q');
-    return unless $q;
+    send_error('Missing query', 400) unless $q;
    my $set;
    if ($q =~ m/^\d+$/) {
--- a/Netdisco/lib/App/Netdisco/Web/Plugin/Search/VLAN.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Plugin/Search/VLAN.pm
@@ -11,7 +11,7 @@ register_search_tab({ tag => 'vlan', label => 'VLAN' });
 # devices carrying vlan xxx
 ajax '/ajax/content/search/vlan' => sub {
    my $q = param('q');
-    return unless $q;
+    send_error('Missing query', 400) unless $q;
    my $set;
    if ($q =~ m/^\d+$/) {
--- a/Netdisco/lib/App/Netdisco/Web/PortControl.pm
+++ b/Netdisco/lib/App/Netdisco/Web/PortControl.pm
@@ -5,8 +5,10 @@ use Dancer::Plugin::Ajax;
 use Dancer::Plugin::DBIC;
 ajax '/ajax/portcontrol' => sub {
-    return unless var('user')->port_control;
+    send_error('Forbidden', 403)
-    return unless param('device') and param('port') and param('field');
+      unless var('user')->port_control;
    send_error('No device/port/field', 400)
      unless param('device') and param('port') and param('field');
    my $log = sprintf 'd:[%s] p:[%s] f:[%s]. a:[%s] v[%s]',
      param('device'), (param('port') || ''), param('field'),
@@ -21,7 +23,8 @@ ajax '/ajax/portcontrol' => sub {
      'c_power'  => 'power',
    );
-    return unless (param('action') or param('value'));
+    send_error('No action/value', 400)
      unless (param('action') or param('value'));
    my $action = $action_map{ param('field') };
    my $subaction = ($action =~ m/^(?:power|portcontrol)/
@@ -45,7 +48,7 @@ ajax '/ajax/portcontrol' => sub {
 ajax '/ajax/userlog' => sub {
    my $user = session('user');
-    send_error('No username') unless $user;
+    send_error('No username', 400) unless $user;
    my $rs = schema('netdisco')->resultset('Admin')->search({
      username => $user,
--- a/Netdisco/lib/App/Netdisco/Web/Search.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Search.pm
@@ -65,9 +65,7 @@ get '/search' => sub {
    if (not param('tab')) {
        if (not $q) {
-            status(302);
+            return redirect uri_for('/')->path_query;
            header(Location => uri_for('/')->path_query());
            return;
        }
        # pick most likely tab for initial results
@@ -80,13 +78,11 @@ get '/search' => sub {
            if ($nd and $nd->count) {
                if ($nd->count == 1) {
                    # redirect to device details for the one device
-                    status(302);
+                    return redirect uri_for('/device', {
                    header(Location => uri_for('/device', {
                      tab => 'details',
                      q => ($nd->first->dns || $nd->first->ip),
                      f => '',
-                    })->path_query());
+                    })->path_query;
                    return;
                }
                # multiple devices
--- a/Netdisco/lib/App/Netdisco/Web/TypeAhead.pm
+++ b/Netdisco/lib/App/Netdisco/Web/TypeAhead.pm
@@ -11,7 +11,7 @@ ajax '/ajax/data/devicename/typeahead' => sub {
    my $set = schema('netdisco')->resultset('Device')->search_fuzzy($q);
    content_type 'application/json';
-    return to_json [map {$_->dns || $_->name || $_->ip} $set->all];
+    to_json [map {$_->dns || $_->name || $_->ip} $set->all];
 };
 ajax '/ajax/data/deviceip/typeahead' => sub {
@@ -29,27 +29,26 @@ ajax '/ajax/data/deviceip/typeahead' => sub {
    }
    content_type 'application/json';
-    return to_json \@data;
+    to_json \@data;
 };
 ajax '/ajax/data/port/typeahead' => sub {
    my $dev  = param('dev1')  || param('dev2');
    my $port = param('port1') || param('port2');
-    return unless length $dev;
+    send_error('Missing device', 400) unless length $dev;
    my $device = schema('netdisco')->resultset('Device')
      ->find({ip => $dev});
-    return unless $device;
+    send_error('Bad device', 400) unless $device;
    my $set = $device->ports({},{order_by => 'port'});
    $set = $set->search({port => { -ilike => "\%$port\%" }})
      if length $port;
    my $results = [ sort { &App::Netdisco::Util::Web::sort_port($a->port, $b->port) } $set->all ];
    return unless scalar @$results;
    content_type 'application/json';
-    return to_json [map {$_->port} @$results];
+    to_json [map {$_->port} @$results];
 };
 true;