From 383f677ad6fe3192725162e0419c61fb76d76c90 Mon Sep 17 00:00:00 2001 From: Peter Nemere Date: Wed, 20 Mar 2024 10:08:01 +1000 Subject: [PATCH 1/2] Moved auth0 dummy data to new file to allow go tests to still compile but also not check in user data, so it's now only on local machine. If it's lost we can regenerate from auth0 anyway --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index e8eebc92..e91cc351 100644 --- a/.gitignore +++ b/.gitignore @@ -7,7 +7,7 @@ __debug_bin.exe #generated-protos/ api/ws/wsMessage.go /OLDCODE -auth0dummy.go +auth0dummy-LOCAL-ONLY.go /local-mongo/dbseed/from-prod-Jan2024/ /local-mongo/dbseed/migrated/ /local-mongo/dbseed/migration-source/ From 310feaa2c24ae8ab377de23aeb5e9c88cef34bbe Mon Sep 17 00:00:00 2001 From: Peter Nemere Date: Thu, 21 Mar 2024 15:37:38 +1000 Subject: [PATCH 2/2] Clarifying error msgs for view access (now specifies object type), fixed a naked mongo no document error going out (saw this in sentry then locally), tests updated --- .gitignore | 2 +- api/ws/wsHelpers/db.go | 4 +++ api/ws/wsHelpers/ownership.go | 2 +- .../testExpressionRuntime.go | 5 ++++ .../api-integration-test/testImageUploads.go | 2 +- .../testQuantGetListDelete.go | 6 ++--- .../api-integration-test/testQuantMulti.go | 2 +- .../api-integration-test/testScanData.go | 26 +++++++++---------- .../api-integration-test/testUserContent.go | 10 +++---- 9 files changed, 34 insertions(+), 25 deletions(-) diff --git a/.gitignore b/.gitignore index e91cc351..51be1fa0 100644 --- a/.gitignore +++ b/.gitignore @@ -7,7 +7,7 @@ __debug_bin.exe #generated-protos/ api/ws/wsMessage.go /OLDCODE -auth0dummy-LOCAL-ONLY.go +auth0dummy-LOCAL-ONLY.go- /local-mongo/dbseed/from-prod-Jan2024/ /local-mongo/dbseed/migrated/ /local-mongo/dbseed/migration-source/ diff --git a/api/ws/wsHelpers/db.go b/api/ws/wsHelpers/db.go index 3da208da..f4d52bf1 100644 --- a/api/ws/wsHelpers/db.go +++ b/api/ws/wsHelpers/db.go 
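Review bot: The second patch changes the ignore entry from `auth0dummy-LOCAL-ONLY.go` to `auth0dummy-LOCAL-ONLY.go-`, so a file still named `auth0dummy-LOCAL-ONLY.go` is no longer ignored and a broad `git add` would stage it. The first patch's message says that file holds Auth0 user data meant to stay on the local machine, and the second patch's message does not mention this change. If the trailing `-` is a deliberate rename to keep the file out of the build, ignoring both names is safer, e.g. `auth0dummy-LOCAL-ONLY.go*`. If it is a typo, restore the previous entry.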
@@ -74,6 +74,10 @@ func GetUserObjectById[T any](forEditing bool, objectId string, objectType proto result := hctx.Svcs.MongoDB.Collection(collectionName).FindOne(context.TODO(), bson.M{"_id": objectId}) if result.Err() != nil { + if result.Err() == mongo.ErrNoDocuments { + return nil, nil, errorwithstatus.MakeNotFoundError(objectId) + } + return nil, nil, result.Err() } diff --git a/api/ws/wsHelpers/ownership.go b/api/ws/wsHelpers/ownership.go index 356e9942..7f220c62 100644 --- a/api/ws/wsHelpers/ownership.go +++ b/api/ws/wsHelpers/ownership.go @@ -93,7 +93,7 @@ func CheckObjectAccessForUser(requireEdit bool, objectId string, objectType prot } // Access denied - return nil, errorwithstatus.MakeUnauthorisedError(fmt.Errorf("%v access denied for: %v", accessType, objectId)) + return nil, errorwithstatus.MakeUnauthorisedError(fmt.Errorf("%v access denied for: %v (%v)", accessType, objectType.String(), objectId)) } // Gets all object IDs which the user has access to - if requireEdit is true, it checks for edit access diff --git a/internal/cmd-line-tools/api-integration-test/testExpressionRuntime.go b/internal/cmd-line-tools/api-integration-test/testExpressionRuntime.go index b49fe885..ae178ee0 100644 --- a/internal/cmd-line-tools/api-integration-test/testExpressionRuntime.go +++ b/internal/cmd-line-tools/api-integration-test/testExpressionRuntime.go @@ -112,6 +112,11 @@ func testExpressionRuntimeMsgs(apiHost string) { `{"msgId":5,"status":"WS_OK", "expressionDeleteResp":{}}`, ) + u1.AddSendReqAction("Read expression back expecting runtime stats", + `{"expressionGetReq":{ "id": "non-existant-id"}}`, + `{"msgId": 6, "status":"WS_NOT_FOUND", "errorText": "non-existant-id not found", "expressionGetResp":{}}`, + ) + u1.CloseActionGroup([]string{}, 5000) wstestlib.ExecQueuedActions(&u1) } diff --git a/internal/cmd-line-tools/api-integration-test/testImageUploads.go b/internal/cmd-line-tools/api-integration-test/testImageUploads.go index 785b8f72..ca8bcad6 100644 
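Review bot: The new not-found branch compares with `==`, which stops matching if `mongo.ErrNoDocuments` ever arrives wrapped, and the raw driver error would then go out to the caller again. Reading the error once with `err := result.Err()` and testing `if errors.Is(err, mongo.ErrNoDocuments) {` is the robust form, and it also removes the repeated `result.Err()` calls. This needs `errors` in the file's imports, which are outside the hunk. The fall-through `return nil, nil, result.Err()` still returns every other driver error unwrapped, so if those reach the client they should be mapped to a generic status too. GetUserObjectById starts and ends outside the hunk.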
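Review bot: The denial text built here is returned to the caller as `errorText` (the integration tests in this patch assert on it). Together with the new WS_NOT_FOUND reply added in db.go, a caller without access may be able to tell an existing object from a missing one by comparing the two responses. Whether that holds depends on the order of the lookup and the access check, which is outside this hunk. If object IDs are guessable, consider returning the same status for both cases and keeping the type and ID detail in a server-side log. As a smaller point, `%v` already calls the `String` method, so `objectType.String()` can be passed as `objectType`.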
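Review bot: The added action is labelled "Read expression back expecting runtime stats", but it requests an ID that does not exist and expects WS_NOT_FOUND, so a failure report would point at the wrong behaviour. A label such as `"Get non-existent expression (should be not found)"` matches what is checked. As far as this patch shows, this is the only test of the new not-found path, and it covers only `expressionGetReq` although the db.go change is in the generic GetUserObjectById. testExpressionRuntimeMsgs starts outside the hunk.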
--- a/internal/cmd-line-tools/api-integration-test/testImageUploads.go +++ b/internal/cmd-line-tools/api-integration-test/testImageUploads.go @@ -139,7 +139,7 @@ func testImageUpload(apiHost string, userId1 string, userId2 string) { `{ "msgId": 7, "status": "WS_NO_PERMISSION", - "errorText": "View access denied for: 048300551", + "errorText": "View access denied for: OT_SCAN (048300551)", "imageUploadResp": {} }`, ) diff --git a/internal/cmd-line-tools/api-integration-test/testQuantGetListDelete.go b/internal/cmd-line-tools/api-integration-test/testQuantGetListDelete.go index c589e742..1708ed04 100644 --- a/internal/cmd-line-tools/api-integration-test/testQuantGetListDelete.go +++ b/internal/cmd-line-tools/api-integration-test/testQuantGetListDelete.go @@ -127,7 +127,7 @@ func testQuantGetListDelete(apiHost string) { fmt.Sprintf(`{"quantGetReq":{"quantId": "%v"}}`, quantId), fmt.Sprintf(`{ "msgId":4,"status":"WS_NO_PERMISSION", - "errorText": "View access denied for: %v", "quantGetResp":{}}`, quantId), + "errorText": "View access denied for: OT_QUANTIFICATION (%v)", "quantGetResp":{}}`, quantId), ) u1.CloseActionGroup([]string{}, 5000) @@ -551,7 +551,7 @@ func testQuantGetListDelete(apiHost string) { u1.AddSendReqAction("Delete quant (should fail, we're viewers!)", fmt.Sprintf(`{"quantDeleteReq":{"quantId": "%v" }}`, quantId), - fmt.Sprintf(`{"msgId":10,"status":"WS_NO_PERMISSION", "errorText": "Edit access denied for: %v", "quantDeleteResp":{}}`, quantId), + fmt.Sprintf(`{"msgId":10,"status":"WS_NO_PERMISSION", "errorText": "Edit access denied for: OT_QUANTIFICATION (%v)", "quantDeleteResp":{}}`, quantId), ) u1.CloseActionGroup([]string{}, 5000) 
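Review bot: The expected `errorText` is written out literally in every permission test this patch touches: here in testImageUploads.go, and in testQuantGetListDelete.go, testQuantMulti.go, testScanData.go and testUserContent.go. Each wording change in CheckObjectAccessForUser therefore needs a sweep like this one, and a missed copy only shows up when the integration run fails. A small test helper that builds the text would keep the format in one place, for example `func deniedText(access, objType, id string) string { return fmt.Sprintf("%v access denied for: %v (%v)", access, objType, id) }`. The raw-string expectations would need to become fmt.Sprintf calls to use it, as several already are.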
@@ -574,7 +574,7 @@ func testQuantGetListDelete(apiHost string) { fmt.Sprintf(`{"quantGetReq":{"quantId": "%v"}}`, quantId), fmt.Sprintf(`{ "msgId":2,"status":"WS_NO_PERMISSION", - "errorText": "View access denied for: %v", "quantGetResp":{}}`, quantId), + "errorText": "View access denied for: OT_QUANTIFICATION (%v)", "quantGetResp":{}}`, quantId), ) u2.CloseActionGroup([]string{}, 5000) diff --git a/internal/cmd-line-tools/api-integration-test/testQuantMulti.go b/internal/cmd-line-tools/api-integration-test/testQuantMulti.go index eced5cbc..ddf37406 100644 --- a/internal/cmd-line-tools/api-integration-test/testQuantMulti.go +++ b/internal/cmd-line-tools/api-integration-test/testQuantMulti.go @@ -141,7 +141,7 @@ func testMultiQuant(apiHost string) { } ] }}`, scanId), - fmt.Sprintf(`{"msgId":7,"status":"WS_NO_PERMISSION","errorText":"View access denied for: %s","quantCombineResp":{}}`, scanId), + fmt.Sprintf(`{"msgId":7,"status":"WS_NO_PERMISSION","errorText":"View access denied for: OT_SCAN (%s)","quantCombineResp":{}}`, scanId), ) u1.CloseActionGroup([]string{}, 10000) diff --git a/internal/cmd-line-tools/api-integration-test/testScanData.go b/internal/cmd-line-tools/api-integration-test/testScanData.go index 200e135e..04eea278 100644 --- a/internal/cmd-line-tools/api-integration-test/testScanData.go +++ b/internal/cmd-line-tools/api-integration-test/testScanData.go @@ -415,7 +415,7 @@ func testScanDataNoPermission(apiHost string) { `{ "msgId": 1, "status": "WS_NO_PERMISSION", - "errorText": "View access denied for: 048300551", + "errorText": "View access denied for: OT_SCAN (048300551)", "pseudoIntensityResp": {} }`, ) @@ -425,7 +425,7 @@ func testScanDataNoPermission(apiHost string) { `{ "msgId": 2, "status": "WS_NO_PERMISSION", - "errorText": "View access denied for: 048300551", + "errorText": "View access denied for: OT_SCAN (048300551)", "spectrumResp": {} }`, ) 
@@ -435,7 +435,7 @@ func testScanDataNoPermission(apiHost string) { `{ "msgId": 3, "status": "WS_NO_PERMISSION", - "errorText": "View access denied for: 048300551", + "errorText": "View access denied for: OT_SCAN (048300551)", "spectrumResp": {} }`, ) @@ -444,7 +444,7 @@ func testScanDataNoPermission(apiHost string) { `{"scanMetaLabelsAndTypesReq":{"scanId": "048300551"}}`, `{"msgId":4, "status": "WS_NO_PERMISSION", - "errorText": "View access denied for: 048300551", + "errorText": "View access denied for: OT_SCAN (048300551)", "scanMetaLabelsAndTypesResp":{} }`, ) @@ -453,7 +453,7 @@ func testScanDataNoPermission(apiHost string) { `{"scanEntryReq":{"scanId": "048300551", "entries": {"indexes": [128,-1,131]}}}`, `{"msgId":5, "status": "WS_NO_PERMISSION", - "errorText": "View access denied for: 048300551", + "errorText": "View access denied for: OT_SCAN (048300551)", "scanEntryResp":{} }`, ) @@ -462,7 +462,7 @@ func testScanDataNoPermission(apiHost string) { `{"scanEntryMetadataReq":{"scanId": "048300551", "entries": {"indexes": [128,-1,131]}}}`, `{"msgId":6, "status": "WS_NO_PERMISSION", - "errorText": "View access denied for: 048300551", + "errorText": "View access denied for: OT_SCAN (048300551)", "scanEntryMetadataResp":{} }`, ) @@ -471,7 +471,7 @@ func testScanDataNoPermission(apiHost string) { `{"scanBeamLocationsReq":{"scanId": "048300551", "entries": {"indexes": [128,-1,131]}}}`, `{"msgId":7, "status": "WS_NO_PERMISSION", - "errorText": "View access denied for: 048300551", + "errorText": "View access denied for: OT_SCAN (048300551)", "scanBeamLocationsResp":{} }`, ) @@ -480,7 +480,7 @@ func testScanDataNoPermission(apiHost string) { `{"imageListReq":{"scanIds": ["048300551"]}}`, `{"msgId":8, "status": "WS_NO_PERMISSION", - "errorText": "View access denied for: 048300551", + "errorText": "View access denied for: OT_SCAN (048300551)", "imageListResp":{} }`, ) 
@@ -489,7 +489,7 @@ func testScanDataNoPermission(apiHost string) { `{"imageGetReq":{"imageName": "048300551/PCW_0125_0678031992_000RCM_N00417120483005510091075J02.png"}}`, `{"msgId":9, "status": "WS_NO_PERMISSION", - "errorText": "User cannot access scan 048300551 associated with image 048300551/PCW_0125_0678031992_000RCM_N00417120483005510091075J02.png. Error: View access denied for: 048300551", + "errorText": "User cannot access scan 048300551 associated with image 048300551/PCW_0125_0678031992_000RCM_N00417120483005510091075J02.png. Error: View access denied for: OT_SCAN (048300551)", "imageGetResp":{} }`, ) @@ -498,7 +498,7 @@ func testScanDataNoPermission(apiHost string) { `{"detectedDiffractionPeaksReq":{"scanId": "048300551", "entries": {"indexes": [128,-1,131]}}}`, `{"msgId":10, "status": "WS_NO_PERMISSION", - "errorText": "View access denied for: 048300551", + "errorText": "View access denied for: OT_SCAN (048300551)", "detectedDiffractionPeaksResp":{} }`, ) @@ -507,7 +507,7 @@ func testScanDataNoPermission(apiHost string) { `{"scanMetaWriteReq":{"scanId": "048300551", "title": "Something", "description": "The blah"}}`, `{"msgId":11, "status": "WS_NO_PERMISSION", - "errorText": "Edit access denied for: 048300551", + "errorText": "Edit access denied for: OT_SCAN (048300551)", "scanMetaWriteResp": {} }`, ) @@ -517,7 +517,7 @@ func testScanDataNoPermission(apiHost string) { `{"imageBeamLocationsReq":{"imageName": "PCW_0125_0678031992_000RCM_N00417120483005510091075J02.png"}}`, `{"msgId":9, "status": "WS_NO_PERMISSION", - "errorText": "View access denied for: 048300551", + "errorText": "View access denied for: OT_SCAN (048300551)", "imageBeamLocationsResp":{} }`, ) 
@@ -1511,7 +1511,7 @@ func testScanDataHasPermission(apiHost string, actionMsg string, editAllowed boo `{"scanMetaWriteReq":{"scanId": "048300551", "title": "Something", "description": "The blah"}}`, `{"msgId":14, "status": "WS_NO_PERMISSION", - "errorText": "Edit access denied for: 048300551", + "errorText": "Edit access denied for: OT_SCAN (048300551)", "scanMetaWriteResp": {} }`, ) diff --git a/internal/cmd-line-tools/api-integration-test/testUserContent.go b/internal/cmd-line-tools/api-integration-test/testUserContent.go index 25268691..0dfe8375 100644 --- a/internal/cmd-line-tools/api-integration-test/testUserContent.go +++ b/internal/cmd-line-tools/api-integration-test/testUserContent.go 
@@ -183,19 +183,19 @@ func testUserContent(apiHost string, contentMessaging map[string]contentMessagin u2.AddSendReqAction(fmt.Sprintf("%v Get created item for user 2", msgName), fmt.Sprintf(`{"%vGetReq": { "id": "${IDLOAD=%vCreated1}"}}`, msgName, msgName), - fmt.Sprintf(`{"msgId":%v, "status": "WS_NO_PERMISSION", "errorText": "View access denied for: %v", "%vGetResp":{}}`, u2ExpectedRespSeqNo, createdId, msgName), + fmt.Sprintf(`{"msgId":%v, "status": "WS_NO_PERMISSION", "errorText": "View access denied for: %v (%v)", "%vGetResp":{}}`, u2ExpectedRespSeqNo, msgContents.objectType, createdId, msgName), ) u2ExpectedRespSeqNo++ u2.AddSendReqAction(fmt.Sprintf("%v Get permissions for user 1's created item", msgName), fmt.Sprintf(`{"getOwnershipReq": { "objectId": "${IDLOAD=%vCreated1}", "objectType": "%v"}}`, msgName, msgContents.objectType), - fmt.Sprintf(`{"msgId":%v,"status":"WS_NO_PERMISSION","errorText": "View access denied for: %v","getOwnershipResp":{}}`, u2ExpectedRespSeqNo, createdId), + fmt.Sprintf(`{"msgId":%v,"status":"WS_NO_PERMISSION","errorText": "View access denied for: %v (%v)","getOwnershipResp":{}}`, u2ExpectedRespSeqNo, msgContents.objectType, createdId), ) u2ExpectedRespSeqNo++ u2.AddSendReqAction(fmt.Sprintf("%v Share user 1s created item", msgName), fmt.Sprintf(`{"objectEditAccessReq": { "objectId": "${IDLOAD=%vCreated1}", "objectType": "%v", "addViewers": { "userIds": [ "%v" ] }}}`, msgName, msgContents.objectType, u2.GetUserId()), - fmt.Sprintf(`{"msgId":%v,"status":"WS_NO_PERMISSION","errorText": "Edit access denied for: %v","objectEditAccessResp":{}}`, u2ExpectedRespSeqNo, createdId), + fmt.Sprintf(`{"msgId":%v,"status":"WS_NO_PERMISSION","errorText": "Edit access denied for: %v (%v)","objectEditAccessResp":{}}`, u2ExpectedRespSeqNo, msgContents.objectType, createdId), ) u2ExpectedRespSeqNo++ } 
@@ -492,8 +492,8 @@ func testUserContent(apiHost string, contentMessaging map[string]contentMessagin "name": "User1 Item Edited by User2" } }}`, msgName, msgContents.itemName, msgName), - fmt.Sprintf(`{"msgId":%v, "status":"WS_NO_PERMISSION", "errorText": "Edit access denied for: %v", "%vWriteResp":{}}`, - u2ExpectedRespSeqNo, createdId, msgName), + fmt.Sprintf(`{"msgId":%v, "status":"WS_NO_PERMISSION", "errorText": "Edit access denied for: %v (%v)", "%vWriteResp":{}}`, + u2ExpectedRespSeqNo, msgContents.objectType, createdId, msgName), ) u2ExpectedRespSeqNo++ }