search

wordpress-mobile / WordPress-FluxC-Android

WordPress Network and Persistence layer based on the Flux architecture
GNU General Public License v2.0
57 stars 37 forks source link

Distinguish generic from specific XML-RPC errors #129

Open aforcier opened 8 years ago

aforcier commented 8 years ago

We're currently conflating two different cases of a 403 error. A 403 error by default means the user is not authenticated (invalid username/password), but it can also mean that an invalid term (category or tag) ID was specified in a wp.newPost or wp.editPost request (note: this wasn't relevant in WPAndroid because it uses the metaWeblog API, which doesn't have this error).

We're currently treating all 403s as "not authenticated" and dispatching an AUTHENTICATE_ERROR, but we should recognize specific cases (like invalid term ID), and:

  1. Report them correctly to the user
  2. Not trigger a global NOT_AUTHENTICATED-type AUTHENTICATE_ERROR

The tricky part is that the XML-RPC error response has the faultCode (403, 401, etc.) and a faultString, which is localized, so it's not straightforward to tell which error has been returned.

One idea would be to make a system.listMethods request after receiving an ambiguous error - if it does not return an error, we can assume the previous error was specific to that method.

(Another idea would be to pull all translations for ambiguous errors from GlotPress and match against all of them...)

aforcier commented 8 years ago

It's also worth noting here that a 401 error is returned when the user doesn't have permission for the action they're trying to take (delete a post, for example). I'm not sure there are any other cases where we'd encounter a 401 error, but we should make sure we're reporting lack of permissions correctly.

aforcier commented 8 years ago

404 errors have a similar problem. 'Real' 404 errors should be distinguishable from 404 faultCodes from XML-RPC, since a real 404 won't have an XML response with a faultCode and faultString.

The problem is, there's at least one case where this approach won't work: editing a post can give two 404 errors: 'Invalid post ID.' and 'Invalid attachment ID.'. We can't tell these apart, we would either need to have translations stored, or request the post and the attachment in new API requests and see which one 404s.

aforcier commented 7 years ago

Some discussion about media XML-RPC errors relevant to this issue: https://github.com/wordpress-mobile/WordPress-FluxC-Android/pull/325#issuecomment-281633096.