raghavyuva
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎.gitignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎api/api/versions.json‎
Lines changed: 1 addition & 1 deletion b/‎api/api/versions.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎api/internal/features/auth/service/register.go‎
Lines changed: 5 additions & 0 deletions b/‎api/internal/features/auth/service/register.go‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎api/internal/features/auth/storage/user.go‎
Lines changed: 42 additions & 0 deletions b/‎api/internal/features/auth/storage/user.go‎
Lines changed: 42 additions & 0 deletions
diff --git a/‎api/internal/features/auth/types/auth.go‎
Lines changed: 1 addition & 0 deletions b/‎api/internal/features/auth/types/auth.go‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎api/internal/features/domain/controller/create_domain.go‎
Lines changed: 15 additions & 0 deletions b/‎api/internal/features/domain/controller/create_domain.go‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎api/internal/features/domain/controller/delete_domain.go‎
Lines changed: 15 additions & 0 deletions b/‎api/internal/features/domain/controller/delete_domain.go‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎api/internal/features/domain/controller/error_helpers.go‎
Lines changed: 27 additions & 0 deletions b/‎api/internal/features/domain/controller/error_helpers.go‎
Lines changed: 27 additions & 0 deletions
diff --git a/‎api/internal/features/domain/controller/get_domains.go‎
Lines changed: 64 additions & 10 deletions b/‎api/internal/features/domain/controller/get_domains.go‎
Lines changed: 64 additions & 10 deletions
diff --git a/‎api/internal/features/domain/controller/update_domain.go‎
Lines changed: 15 additions & 0 deletions b/‎api/internal/features/domain/controller/update_domain.go‎
Lines changed: 15 additions & 0 deletions
@@ -12,3 +12,4 @@ docs/.vitepress/cache
 .env.staging
 !api/.env.sample
 **.log
+.vscode
@@ -3,7 +3,7 @@
     {
       "version": "v1",
       "status": "active",
-      "release_date": "2025-06-30T20:48:43.246107+05:30",
+      "release_date": "2025-07-10T02:54:43.011943+05:30",
       "end_of_life": "0001-01-01T00:00:00Z",
       "changes": [
         "Initial API version"
 
@@ -29,6 +29,11 @@ func (c *AuthService) Register(registrationRequest types.RegisterRequest, userTy
 		return types.AuthResponse{}, types.ErrUserWithEmailAlreadyExists
 	}
 
+	if dbUser, err := c.storage.FindUserByUsername(registrationRequest.Username); err == nil && dbUser.ID != uuid.Nil {
+		c.logger.Log(logger.Error, types.ErrUserWithUsernameAlreadyExists.Error(), "")
+		return types.AuthResponse{}, types.ErrUserWithUsernameAlreadyExists
+	}
+
 	hashedPassword, err := utils.HashPassword(registrationRequest.Password)
 	if err != nil {
 		c.logger.Log(logger.Error, types.ErrFailedToHashPassword.Error(), err.Error())
 
@@ -22,6 +22,7 @@ type UserStorage struct {
 
 type AuthRepository interface {
 	FindUserByEmail(email string) (*types.User, error)
+	FindUserByUsername(username string) (*types.User, error)
 	FindUserByID(id string) (*types.User, error)
 	CreateUser(user *types.User) error
 	UpdateUser(user *types.User) error
@@ -94,6 +95,47 @@ func (u *UserStorage) FindUserByEmail(email string) (*types.User, error) {
 	return user, nil
 }
 
+// FindUserByUsername finds a user by username in the database.
+//
+// The function returns an error if the user does not exist or if the query
+// fails.
+func (u *UserStorage) FindUserByUsername(username string) (*types.User, error) {
+	user := &types.User{}
+	err := u.getDB().NewSelect().
+		Model(user).
+		Where("username = ?", username).
+		Relation("Organizations").
+		Scan(u.Ctx)
+	if err != nil {
+		return nil, err
+	}
+
+	err = u.getDB().NewSelect().
+		Model(&user.OrganizationUsers).
+		Where("user_id = ?", user.ID).
+		Relation("Role").
+		Relation("Organization").
+		Scan(u.Ctx)
+	if err != nil {
+		return nil, err
+	}
+
+	for i, orgUser := range user.OrganizationUsers {
+		if orgUser.Role != nil {
+			err = u.getDB().NewSelect().
+				Model(&user.OrganizationUsers[i].Role.Permissions).
+				Join("JOIN role_permissions AS rp ON rp.permission_id = p.id").
+				Where("rp.role_id = ?", orgUser.Role.ID).
+				Scan(u.Ctx)
+			if err != nil {
+				return nil, err
+			}
+		}
+	}
+
+	return user, nil
+}
+
 // FindUserByID finds a user by id in the database.
 //
 // The function returns an error if the user does not exist or if the query
 
@@ -85,6 +85,7 @@ var (
 	ErrFailedToDecodeRequest                      = errors.New("failed to decode request body")
 	ErrMissingRequiredFields                      = errors.New("missing required fields")
 	ErrUserWithEmailAlreadyExists                 = errors.New("user with email already exists")
+	ErrUserWithUsernameAlreadyExists              = errors.New("user with username already exists")
 	ErrFailedToRegisterUser                       = errors.New("failed to register user")
 	ErrFailedToHashPassword                       = errors.New("failed to hash password")
 	ErrFailedToCreateToken                        = errors.New("failed to create token")
 
@@ -42,6 +42,21 @@ func (c *DomainsController) CreateDomain(f fuego.ContextWithBody[types.CreateDom
 
 	if err != nil {
 		c.logger.Log(logger.Error, err.Error(), "")
+
+		if isInvalidDomainError(err) {
+			return nil, fuego.HTTPError{
+				Err:    err,
+				Status: http.StatusBadRequest,
+			}
+		}
+
+		if err == types.ErrDomainAlreadyExists {
+			return nil, fuego.HTTPError{
+				Err:    err,
+				Status: http.StatusConflict,
+			}
+		}
+
 		return nil, fuego.HTTPError{
 			Err:    err,
 			Status: http.StatusInternalServerError,
 
@@ -31,6 +31,21 @@ func (c *DomainsController) DeleteDomain(f fuego.ContextWithBody[types.DeleteDom
 	err = c.service.DeleteDomain(domainRequest.ID)
 	if err != nil {
 		c.logger.Log(logger.Error, err.Error(), "")
+
+		if isInvalidDomainError(err) {
+			return nil, fuego.HTTPError{
+				Err:    err,
+				Status: http.StatusBadRequest,
+			}
+		}
+
+		if err == types.ErrDomainNotFound {
+			return nil, fuego.HTTPError{
+				Err:    err,
+				Status: http.StatusNotFound,
+			}
+		}
+
 		return nil, fuego.HTTPError{
 			Err:    err,
 			Status: http.StatusInternalServerError,
 
@@ -0,0 +1,27 @@
+package controller
+
+import "github.com/raghavyuva/nixopus-api/internal/features/domain/types"
+
+func isInvalidDomainError(err error) bool {
+	switch err {
+	case types.ErrInvalidDomainID,
+		types.ErrMissingDomainID,
+		types.ErrDomainNameInvalid,
+		types.ErrDomainNameTooLong,
+		types.ErrDomainNameTooShort,
+		types.ErrMissingDomainName:
+		return true
+	default:
+		return false
+	}
+}
+
+func isPermissionError(err error) bool {
+	switch err {
+	case types.ErrUserDoesNotBelongToOrganization,
+		types.ErrPermissionDenied:
+		return true
+	default:
+		return false
+	}
+}
@@ -7,6 +7,7 @@ import (
 	"time"
 
 	"github.com/go-fuego/fuego"
+	"github.com/google/uuid"
 	"github.com/raghavyuva/nixopus-api/internal/features/domain/types"
 	"github.com/raghavyuva/nixopus-api/internal/features/logger"
 	"github.com/raghavyuva/nixopus-api/internal/utils"
@@ -15,24 +16,46 @@ import (
 )
 
 func (c *DomainsController) GetDomains(f fuego.ContextNoBody) (*shared_types.Response, error) {
-	organization_id := f.QueryParam("id")
-
 	w, r := f.Response(), f.Request()
 
-	user := utils.GetUser(w, r)
+	organization_id := utils.GetOrganizationID(r)
+	if organization_id == uuid.Nil {
+		c.logger.Log(logger.Error, "invalid organization id", "")
+		return nil, fuego.HTTPError{
+			Err:    types.ErrMissingID,
+			Status: http.StatusBadRequest,
+		}
+	}
 
+	user := utils.GetUser(w, r)
 	if user == nil {
+		c.logger.Log(logger.Error, "unauthorized user", "")
 		return nil, fuego.HTTPError{
-			Err:    nil,
+			Err:    types.ErrAccessDenied,
 			Status: http.StatusUnauthorized,
 		}
 	}
 
 	c.logger.Log(logger.Info, "fetching domains", fmt.Sprintf("organization_id: %s", organization_id))
 
-	domains, err := c.service.GetDomains(organization_id, user.ID)
+	domains, err := c.service.GetDomains(organization_id.String(), user.ID)
 	if err != nil {
 		c.logger.Log(logger.Error, err.Error(), "")
+
+		if isPermissionError(err) {
+			return nil, fuego.HTTPError{
+				Err:    err,
+				Status: http.StatusForbidden,
+			}
+		}
+
+		if err == types.ErrDomainNotFound {
+			return nil, fuego.HTTPError{
+				Err:    err,
+				Status: http.StatusNotFound,
+			}
+		}
+
 		return nil, fuego.HTTPError{
 			Err:    err,
 			Status: http.StatusInternalServerError,
@@ -49,22 +72,53 @@ func (c *DomainsController) GetDomains(f fuego.ContextNoBody) (*shared_types.Res
 func (c *DomainsController) GenerateRandomSubDomain(f fuego.ContextNoBody) (*shared_types.Response, error) {
 	w, r := f.Response(), f.Request()
 
-	organization_id := f.QueryParam("id")
+	organization_id := utils.GetOrganizationID(r)
+	if organization_id == uuid.Nil {
+		c.logger.Log(logger.Error, "invalid organization id", "")
+		return nil, fuego.HTTPError{
+			Err:    types.ErrMissingID,
+			Status: http.StatusBadRequest,
+		}
+	}
+
+	user := utils.GetUser(w, r)
+	if user == nil {
+		c.logger.Log(logger.Error, "unauthorized user", "")
+		return nil, fuego.HTTPError{
+			Err:    types.ErrAccessDenied,
+			Status: http.StatusUnauthorized,
+		}
+	}
 
-	domains, err := c.service.GetDomains(organization_id, utils.GetUser(w, r).ID)
+	domains, err := c.service.GetDomains(organization_id.String(), user.ID)
 	if err != nil {
 		c.logger.Log(logger.Error, err.Error(), "")
+
+		if isPermissionError(err) {
+			return nil, fuego.HTTPError{
+				Err:    err,
+				Status: http.StatusForbidden,
+			}
+		}
+
+		if err == types.ErrDomainNotFound {
+			return nil, fuego.HTTPError{
+				Err:    err,
+				Status: http.StatusNotFound,
+			}
+		}
+
 		return nil, fuego.HTTPError{
 			Err:    err,
 			Status: http.StatusInternalServerError,
 		}
 	}
 
 	if len(domains) == 0 {
-		c.logger.Log(logger.Error, "no domains available", "")
+		c.logger.Log(logger.Error, "no domains available for subdomain generation", "")
 		return nil, fuego.HTTPError{
-			Err:    nil,
-			Status: http.StatusBadRequest,
+			Err:    types.ErrDomainNotFound,
+			Status: http.StatusNotFound,
 		}
 	}
 
 
@@ -41,6 +41,21 @@ func (c *DomainsController) UpdateDomain(f fuego.ContextWithBody[types.UpdateDom
 	updated, err := c.service.UpdateDomain(domainRequest.Name, user.ID.String(), domainRequest.ID)
 	if err != nil {
 		c.logger.Log(logger.Error, err.Error(), "")
+
+		if isInvalidDomainError(err) {
+			return nil, fuego.HTTPError{
+				Err:    err,
+				Status: http.StatusBadRequest,
+			}
+		}
+
+		if err == types.ErrDomainNotFound {
+			return nil, fuego.HTTPError{
+				Err:    err,
+				Status: http.StatusNotFound,
+			}
+		}
+
 		return nil, fuego.HTTPError{
 			Err:    err,
 			Status: http.StatusInternalServerError,
Original file line number	Diff line number	Diff line change
`@@ -3,7 +3,7 @@`
`3`	`3`	`{`
`4`	`4`	`"version": "v1",`
`5`	`5`	`"status": "active",`
`6`		`- "release_date": "2025-06-30T20:48:43.246107+05:30",`
	`6`	`+ "release_date": "2025-07-10T02:54:43.011943+05:30",`
`7`	`7`	`"end_of_life": "0001-01-01T00:00:00Z",`
`8`	`8`	`"changes": [`
`9`	`9`	`"Initial API version"`