Harden local runtime safety and error handling

2026-03-15 16:28:32 +03:00
parent f0e6bba7e9
commit c964d66e64
25 changed files with 726 additions and 245 deletions
--- a/internal/handlers/setup.go
+++ b/internal/handlers/setup.go
@@ -1,6 +1,7 @@
 package handlers

 import (
+	"errors"
 	"fmt"
 	"html/template"
 	"log/slog"
@@ -12,8 +13,8 @@ import (
 	qfassets "git.mchus.pro/mchus/quoteforge"
 	"git.mchus.pro/mchus/quoteforge/internal/db"
 	"git.mchus.pro/mchus/quoteforge/internal/localdb"
-	mysqlDriver "github.com/go-sql-driver/mysql"
 	"github.com/gin-gonic/gin"
+	mysqlDriver "github.com/go-sql-driver/mysql"
 	gormmysql "gorm.io/driver/mysql"
 	"gorm.io/gorm"
 	"gorm.io/gorm/logger"
@@ -26,6 +27,8 @@ type SetupHandler struct {
 	restartSig chan struct{}
 }

+var errPermissionProbeRollback = errors.New("permission probe rollback")
+
 func NewSetupHandler(localDB *localdb.LocalDB, connMgr *db.ConnectionManager, _ string, restartSig chan struct{}) (*SetupHandler, error) {
 	funcMap := template.FuncMap{
 		"sub": func(a, b int) int { return a - b },
@@ -64,7 +67,8 @@ func (h *SetupHandler) ShowSetup(c *gin.Context) {

 	tmpl := h.templates["setup.html"]
 	if err := tmpl.ExecuteTemplate(c.Writer, "setup.html", data); err != nil {
-		c.String(http.StatusInternalServerError, "Template error: %v", err)
+		_ = c.Error(err)
+		c.String(http.StatusInternalServerError, "Template error")
 	}
 }

@@ -89,49 +93,16 @@ func (h *SetupHandler) TestConnection(c *gin.Context) {
 	}

 	dsn := buildMySQLDSN(host, port, database, user, password, 5*time.Second)
-
-	db, err := gorm.Open(gormmysql.Open(dsn), &gorm.Config{
-		Logger: logger.Default.LogMode(logger.Silent),
-	})
+	lotCount, canWrite, err := validateMariaDBConnection(dsn)
 	if err != nil {
+		_ = c.Error(err)
 		c.JSON(http.StatusOK, gin.H{
 			"success": false,
-			"error":   fmt.Sprintf("Connection failed: %v", err),
+			"error":   "Connection check failed",
 		})
 		return
 	}

-	sqlDB, err := db.DB()
-	if err != nil {
-		c.JSON(http.StatusOK, gin.H{
-			"success": false,
-			"error":   fmt.Sprintf("Failed to get database handle: %v", err),
-		})
-		return
-	}
-	defer sqlDB.Close()
-
-	if err := sqlDB.Ping(); err != nil {
-		c.JSON(http.StatusOK, gin.H{
-			"success": false,
-			"error":   fmt.Sprintf("Ping failed: %v", err),
-		})
-		return
-	}
-
-	// Check for required tables
-	var lotCount int64
-	if err := db.Table("lot").Count(&lotCount).Error; err != nil {
-		c.JSON(http.StatusOK, gin.H{
-			"success": false,
-			"error":   fmt.Sprintf("Table 'lot' not found or inaccessible: %v", err),
-		})
-		return
-	}
-
-	// Check write permission
-	canWrite := testWritePermission(db)
-
 	c.JSON(http.StatusOK, gin.H{
 		"success":   true,
 		"lot_count": lotCount,
@@ -164,26 +135,21 @@ func (h *SetupHandler) SaveConnection(c *gin.Context) {

 	// Test connection first
 	dsn := buildMySQLDSN(host, port, database, user, password, 5*time.Second)
-
-	db, err := gorm.Open(gormmysql.Open(dsn), &gorm.Config{
-		Logger: logger.Default.LogMode(logger.Silent),
-	})
-	if err != nil {
+	if _, _, err := validateMariaDBConnection(dsn); err != nil {
+		_ = c.Error(err)
 		c.JSON(http.StatusBadRequest, gin.H{
 			"success": false,
-			"error":   fmt.Sprintf("Connection failed: %v", err),
+			"error":   "Connection check failed",
 		})
 		return
 	}

-	sqlDB, _ := db.DB()
-	sqlDB.Close()
-
 	// Save settings
 	if err := h.localDB.SaveSettings(host, port, database, user, password); err != nil {
+		_ = c.Error(err)
 		c.JSON(http.StatusInternalServerError, gin.H{
 			"success": false,
-			"error":   fmt.Sprintf("Failed to save settings: %v", err),
+			"error":   "Failed to save settings",
 		})
 		return
 	}
@@ -232,22 +198,6 @@ func (h *SetupHandler) GetStatus(c *gin.Context) {
 	})
 }

-func testWritePermission(db *gorm.DB) bool {
-	// Simple check: try to create a temporary table and drop it
-	testTable := fmt.Sprintf("qt_write_test_%d", time.Now().UnixNano())
-
-	// Try to create a test table
-	err := db.Exec(fmt.Sprintf("CREATE TABLE %s (id INT)", testTable)).Error
-	if err != nil {
-		return false
-	}
-
-	// Drop it immediately
-	db.Exec(fmt.Sprintf("DROP TABLE %s", testTable))
-
-	return true
-}
-
 func buildMySQLDSN(host string, port int, database, user, password string, timeout time.Duration) string {
 	cfg := mysqlDriver.NewConfig()
 	cfg.User = user
@@ -263,3 +213,47 @@ func buildMySQLDSN(host string, port int, database, user, password string, timeo
 	}
 	return cfg.FormatDSN()
 }
+
+func validateMariaDBConnection(dsn string) (int64, bool, error) {
+	db, err := gorm.Open(gormmysql.Open(dsn), &gorm.Config{
+		Logger: logger.Default.LogMode(logger.Silent),
+	})
+	if err != nil {
+		return 0, false, fmt.Errorf("open MariaDB connection: %w", err)
+	}
+
+	sqlDB, err := db.DB()
+	if err != nil {
+		return 0, false, fmt.Errorf("get database handle: %w", err)
+	}
+	defer sqlDB.Close()
+
+	if err := sqlDB.Ping(); err != nil {
+		return 0, false, fmt.Errorf("ping MariaDB: %w", err)
+	}
+
+	var lotCount int64
+	if err := db.Table("lot").Count(&lotCount).Error; err != nil {
+		return 0, false, fmt.Errorf("check required table lot: %w", err)
+	}
+
+	return lotCount, testSyncWritePermission(db), nil
+}
+
+func testSyncWritePermission(db *gorm.DB) bool {
+	sentinel := fmt.Sprintf("quoteforge-permission-check-%d", time.Now().UnixNano())
+	err := db.Transaction(func(tx *gorm.DB) error {
+		if err := tx.Exec(`
+			INSERT INTO qt_client_schema_state (username, hostname, last_checked_at, updated_at)
+			VALUES (?, ?, NOW(), NOW())
+			ON DUPLICATE KEY UPDATE
+				last_checked_at = VALUES(last_checked_at),
+				updated_at = VALUES(updated_at)
+		`, sentinel, "setup-check").Error; err != nil {
+			return err
+		}
+		return errPermissionProbeRollback
+	})
+
+	return errors.Is(err, errPermissionProbeRollback)
+}