refactor: rename package errors to zerrors (#7039)

* chore: rename package errors to zerrors * rename package errors to gerrors * fix error related linting issues * fix zitadel error assertion * fix gosimple linting issues * fix deprecated linting issues * resolve gci linting issues * fix import structure --------- Co-authored-by: Elio Bischof <elio@zitadel.com>
2025-08-11 21:37:32 +00:00 · 2023-12-08 16:30:55 +02:00
parent ddbea119f1
commit f680dd934d
798 changed files with 5809 additions and 5813 deletions
--- a/internal/api/authz/access_token_test.go
+++ b/internal/api/authz/access_token_test.go
@@ -4,7 +4,7 @@ import (
 	"context"
 	"testing"

-	"github.com/zitadel/zitadel/internal/errors"
+	"github.com/zitadel/zitadel/internal/zerrors"
 )

 func Test_extractBearerToken(t *testing.T) {
@@ -58,7 +58,7 @@ func Test_extractBearerToken(t *testing.T) {
 				t.Errorf("got wrong result, should not get err: actual: %v ", err)
 			}

-			if tt.wantErr && !errors.IsUnauthenticated(err) {
+			if tt.wantErr && !zerrors.IsUnauthenticated(err) {
 				t.Errorf("got wrong err: %v ", err)
 			}
 		})
--- a/internal/api/authz/authorization.go
+++ b/internal/api/authz/authorization.go
@@ -6,8 +6,8 @@ import (
 	"reflect"
 	"strings"

-	"github.com/zitadel/zitadel/internal/errors"
 	"github.com/zitadel/zitadel/internal/telemetry/tracing"
+	"github.com/zitadel/zitadel/internal/zerrors"
 )

 const (
@@ -56,7 +56,7 @@ func CheckUserAuthorization(ctx context.Context, req interface{}, token, orgID,

 func checkUserPermissions(req interface{}, userPerms []string, authOpt Option) error {
 	if len(userPerms) == 0 {
-		return errors.ThrowPermissionDenied(nil, "AUTH-5mWD2", "No matching permissions found")
+		return zerrors.ThrowPermissionDenied(nil, "AUTH-5mWD2", "No matching permissions found")
 	}

 	if authOpt.CheckParam == "" {
@@ -71,7 +71,7 @@ func checkUserPermissions(req interface{}, userPerms []string, authOpt Option) e
 		return nil
 	}

-	return errors.ThrowPermissionDenied(nil, "AUTH-3jknH", "No matching permissions found")
+	return zerrors.ThrowPermissionDenied(nil, "AUTH-3jknH", "No matching permissions found")
 }

 func SplitPermission(perm string) (string, string) {
--- a/internal/api/authz/authorization_test.go
+++ b/internal/api/authz/authorization_test.go
@@ -3,7 +3,7 @@ package authz
 import (
 	"testing"

-	"github.com/zitadel/zitadel/internal/errors"
+	"github.com/zitadel/zitadel/internal/zerrors"
 )

 type TestRequest struct {
@@ -77,7 +77,7 @@ func Test_CheckUserPermissions(t *testing.T) {
 				t.Errorf("shouldn't get err: %v ", err)
 			}

-			if tt.wantErr && !errors.IsPermissionDenied(err) {
+			if tt.wantErr && !zerrors.IsPermissionDenied(err) {
 				t.Errorf("got wrong err: %v ", err)
 			}
 		})
--- a/internal/api/authz/context.go
+++ b/internal/api/authz/context.go
@@ -11,8 +11,8 @@ import (

 	"github.com/zitadel/zitadel/internal/api/grpc"
 	http_util "github.com/zitadel/zitadel/internal/api/http"
-	zitadel_errors "github.com/zitadel/zitadel/internal/errors"
 	"github.com/zitadel/zitadel/internal/telemetry/tracing"
+	"github.com/zitadel/zitadel/internal/zerrors"
 )

 type key int
@@ -105,7 +105,7 @@ func VerifyTokenAndCreateCtxData(ctx context.Context, token, orgID, orgDomain st
 	}
 	userID, clientID, agentID, prefLang, resourceOwner, err := t.VerifyAccessToken(ctx, tokenWOBearer)
 	var sysMemberships Memberships
-	if err != nil && !zitadel_errors.IsUnauthenticated(err) {
+	if err != nil && !zerrors.IsUnauthenticated(err) {
 		return CtxData{}, err
 	}
 	if err != nil {
@@ -113,7 +113,7 @@ func VerifyTokenAndCreateCtxData(ctx context.Context, token, orgID, orgDomain st
 		var sysTokenErr error
 		sysMemberships, userID, sysTokenErr = t.VerifySystemToken(ctx, tokenWOBearer, orgID)
 		if sysTokenErr != nil || sysMemberships == nil {
-			return CtxData{}, zitadel_errors.ThrowUnauthenticated(errors.Join(err, sysTokenErr), "AUTH-7fs1e", "Errors.Token.Invalid")
+			return CtxData{}, zerrors.ThrowUnauthenticated(errors.Join(err, sysTokenErr), "AUTH-7fs1e", "Errors.Token.Invalid")
 		}
 	}
 	var projectID string
@@ -121,7 +121,7 @@ func VerifyTokenAndCreateCtxData(ctx context.Context, token, orgID, orgDomain st
 	if clientID != "" {
 		projectID, origins, err = t.ProjectIDAndOriginsByClientID(ctx, clientID)
 		if err != nil {
-			return CtxData{}, zitadel_errors.ThrowPermissionDenied(err, "AUTH-GHpw2", "could not read projectid by clientid")
+			return CtxData{}, zerrors.ThrowPermissionDenied(err, "AUTH-GHpw2", "could not read projectid by clientid")
 		}
 		// We used to check origins for every token, but service users shouldn't be used publicly (native app / SPA).
 		// Therefore, mostly won't send an origin and aren't able to configure them anyway.
@@ -137,7 +137,7 @@ func VerifyTokenAndCreateCtxData(ctx context.Context, token, orgID, orgDomain st
 	if orgID != "" {
 		orgID, err = t.ExistsOrg(ctx, orgID, orgDomain)
 		if err != nil {
-			return CtxData{}, zitadel_errors.ThrowPermissionDenied(nil, "AUTH-Bs7Ds", "Organisation doesn't exist")
+			return CtxData{}, zerrors.ThrowPermissionDenied(nil, "AUTH-Bs7Ds", "Organisation doesn't exist")
 		}
 	}
 	return CtxData{
@@ -176,13 +176,13 @@ func checkOrigin(ctx context.Context, origins []string) error {
 	if http_util.IsOriginAllowed(origins, origin) {
 		return nil
 	}
-	return zitadel_errors.ThrowPermissionDenied(nil, "AUTH-DZG21", "Errors.OriginNotAllowed")
+	return zerrors.ThrowPermissionDenied(nil, "AUTH-DZG21", "Errors.OriginNotAllowed")
 }

 func extractBearerToken(token string) (part string, err error) {
 	parts := strings.Split(token, BearerPrefix)
 	if len(parts) != 2 {
-		return "", zitadel_errors.ThrowUnauthenticated(nil, "AUTH-7fs1e", "invalid auth header")
+		return "", zerrors.ThrowUnauthenticated(nil, "AUTH-7fs1e", "invalid auth header")
 	}
 	return parts[1], nil
 }
--- a/internal/api/authz/permissions.go
+++ b/internal/api/authz/permissions.go
@@ -3,8 +3,8 @@ package authz
 import (
 	"context"

-	"github.com/zitadel/zitadel/internal/errors"
 	"github.com/zitadel/zitadel/internal/telemetry/tracing"
+	"github.com/zitadel/zitadel/internal/zerrors"
 )

 func CheckPermission(ctx context.Context, resolver MembershipsResolver, roleMappings []RoleMapping, permission, orgID, resourceID string) (err error) {
@@ -27,7 +27,7 @@ func getUserPermissions(ctx context.Context, resolver MembershipsResolver, requi
 	defer func() { span.EndWithError(err) }()

 	if ctxData.IsZero() {
-		return nil, nil, errors.ThrowUnauthenticated(nil, "AUTH-rKLWEH", "context missing")
+		return nil, nil, zerrors.ThrowUnauthenticated(nil, "AUTH-rKLWEH", "context missing")
 	}

 	if ctxData.SystemMemberships != nil {
@@ -43,7 +43,7 @@ func getUserPermissions(ctx context.Context, resolver MembershipsResolver, requi
 	if len(memberships) == 0 {
 		memberships, err = resolver.SearchMyMemberships(ctx, orgID, true)
 		if len(memberships) == 0 {
-			return nil, nil, errors.ThrowNotFound(nil, "AUTHZ-cdgFk", "membership not found")
+			return nil, nil, zerrors.ThrowNotFound(nil, "AUTHZ-cdgFk", "membership not found")
 		}
 		if err != nil {
 			return nil, nil, err
@@ -57,7 +57,7 @@ func getUserPermissions(ctx context.Context, resolver MembershipsResolver, requi
 // or the specific resource (project.write:123)
 func checkUserResourcePermissions(userPerms []string, resourceID string) error {
 	if len(userPerms) == 0 {
-		return errors.ThrowPermissionDenied(nil, "AUTH-AWfge", "No matching permissions found")
+		return zerrors.ThrowPermissionDenied(nil, "AUTH-AWfge", "No matching permissions found")
 	}

 	if resourceID == "" {
@@ -72,7 +72,7 @@ func checkUserResourcePermissions(userPerms []string, resourceID string) error {
 		return nil
 	}

-	return errors.ThrowPermissionDenied(nil, "AUTH-Swrgg2", "No matching permissions found")
+	return zerrors.ThrowPermissionDenied(nil, "AUTH-Swrgg2", "No matching permissions found")
 }

 func hasContextResourcePermission(permissions []string, resourceID string) bool {
--- a/internal/api/authz/permissions_test.go
+++ b/internal/api/authz/permissions_test.go
@@ -4,7 +4,7 @@ import (
 	"context"
 	"testing"

-	caos_errs "github.com/zitadel/zitadel/internal/errors"
+	"github.com/zitadel/zitadel/internal/zerrors"
 )

 func equalStringArray(a, b []string) bool {
@@ -61,7 +61,7 @@ func Test_GetUserPermissions(t *testing.T) {
 				},
 			},
 			wantErr: true,
-			errFunc: caos_errs.IsUnauthenticated,
+			errFunc: zerrors.IsUnauthenticated,
 			result:  []string{"project.read"},
 		},
 		{
@@ -563,7 +563,7 @@ func Test_CheckUserResourcePermissions(t *testing.T) {
 				t.Errorf("shouldn't get err: %v ", err)
 			}

-			if tt.wantErr && !caos_errs.IsPermissionDenied(err) {
+			if tt.wantErr && !zerrors.IsPermissionDenied(err) {
 				t.Errorf("got wrong err: %v ", err)
 			}
 		})
--- a/internal/api/authz/session_token.go
+++ b/internal/api/authz/session_token.go
@@ -6,8 +6,8 @@ import (
 	"fmt"

 	"github.com/zitadel/zitadel/internal/crypto"
-	zitadel_errors "github.com/zitadel/zitadel/internal/errors"
 	"github.com/zitadel/zitadel/internal/telemetry/tracing"
+	"github.com/zitadel/zitadel/internal/zerrors"
 )

 const (
@@ -25,7 +25,7 @@ func SessionTokenVerifier(algorithm crypto.EncryptionAlgorithm) func(ctx context
 		token, err := algorithm.DecryptString(decodedToken, algorithm.EncryptionKeyID())
 		spanPasswordComparison.EndWithError(err)
 		if err != nil || token != fmt.Sprintf(SessionTokenFormat, sessionID, tokenID) {
-			return zitadel_errors.ThrowPermissionDenied(err, "COMMAND-sGr42", "Errors.Session.Token.Invalid")
+			return zerrors.ThrowPermissionDenied(err, "COMMAND-sGr42", "Errors.Session.Token.Invalid")
 		}
 		return nil
 	}
--- a/internal/api/authz/system_token.go
+++ b/internal/api/authz/system_token.go
@@ -12,7 +12,7 @@ import (
 	"github.com/zitadel/oidc/v3/pkg/op"

 	"github.com/zitadel/zitadel/internal/crypto"
-	zitadel_errors "github.com/zitadel/zitadel/internal/errors"
+	"github.com/zitadel/zitadel/internal/zerrors"
 )

 var _ SystemTokenVerifier = (*SystemTokenVerifierFromConfig)(nil)
@@ -61,7 +61,7 @@ func (s *SystemTokenVerifierFromConfig) VerifySystemToken(ctx context.Context, t
 	}
 	systemUserMemberships, ok := s.systemUsers[jwtReq.Subject]
 	if !ok {
-		return nil, "", zitadel_errors.ThrowPermissionDenied(nil, "AUTH-Bohd2", "Errors.User.UserIDWrong")
+		return nil, "", zerrors.ThrowPermissionDenied(nil, "AUTH-Bohd2", "Errors.User.UserIDWrong")
 	}
 	matchingMemberships = make(Memberships, 0, len(systemUserMemberships))
 	for _, membership := range systemUserMemberships {
@@ -91,7 +91,7 @@ func (s *SystemAPIUser) readKey() (*rsa.PublicKey, error) {
 		var err error
 		s.KeyData, err = os.ReadFile(s.Path)
 		if err != nil {
-			return nil, zitadel_errors.ThrowInternal(err, "AUTHZ-JK31F", "Errors.NotFound")
+			return nil, zerrors.ThrowInternal(err, "AUTHZ-JK31F", "Errors.NotFound")
 		}
 	}
 	return crypto.BytesToPublicKey(s.KeyData)
@@ -104,7 +104,7 @@ func (s *systemJWTStorage) GetKeyByIDAndClientID(_ context.Context, _, userID st
 	}
 	key, ok := s.keys[userID]
 	if !ok {
-		return nil, zitadel_errors.ThrowNotFound(nil, "AUTHZ-asfd3", "Errors.User.NotFound")
+		return nil, zerrors.ThrowNotFound(nil, "AUTHZ-asfd3", "Errors.User.NotFound")
 	}
 	s.mutex.Lock()
 	defer s.mutex.Unlock()
--- a/internal/api/authz/user.go
+++ b/internal/api/authz/user.go
@@ -3,14 +3,14 @@ package authz
 import (
 	"context"

-	"github.com/zitadel/zitadel/internal/errors"
+	"github.com/zitadel/zitadel/internal/zerrors"
 )

 // UserIDInCTX checks if the userID
 // equals the authenticated user in the context.
 func UserIDInCTX(ctx context.Context, userID string) error {
 	if GetCtxData(ctx).UserID != userID {
-		return errors.ThrowPermissionDenied(nil, "AUTH-Bohd2", "Errors.User.UserIDWrong")
+		return zerrors.ThrowPermissionDenied(nil, "AUTH-Bohd2", "Errors.User.UserIDWrong")
 	}
 	return nil
 }