From fe594d27559a7c26e46790ebfbe870c9f2f0fba2 Mon Sep 17 00:00:00 2001
From: Stavros <steveiliop56@gmail.com>
Date: Sun, 2 Feb 2025 19:34:02 +0200
Subject: [PATCH] fix: do not crash when docker is not connected

---
 internal/api/api.go       | 37 ++++++++++++++++++++-----------------
 internal/auth/auth.go     |  7 +++++++
 internal/docker/docker.go |  5 +++++
 3 files changed, 32 insertions(+), 17 deletions(-)

diff --git a/internal/api/api.go b/internal/api/api.go
index 925ba40..dd16444 100644
--- a/internal/api/api.go
+++ b/internal/api/api.go
@@ -107,7 +107,10 @@ func (api *API) SetupRoutes() {
 			log.Debug().Msg("Authenticated")
 
 			appAllowed, appAllowedErr := api.Auth.ResourceAllowed(userContext, host)
-			if handleApiError(c, "Failed to check if resource is allowed", appAllowedErr) {
+
+			log.Debug().Bool("appAllowed", appAllowed).Msg("Checking if user is allowed")
+
+			if api.handleError(c, "Failed to check if resource is allowed", appAllowedErr) {
 				return
 			}
 
@@ -117,7 +120,7 @@ func (api *API) SetupRoutes() {
 					Username: userContext.Username,
 					Resource: strings.Split(host, ".")[0],
 				})
-				if handleApiError(c, "Failed to build query", queryErr) {
+				if api.handleError(c, "Failed to build query", queryErr) {
 					return
 				}
 				c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/unauthorized?%s", api.Config.AppURL, queries.Encode()))
@@ -299,7 +302,7 @@ func (api *API) SetupRoutes() {
 			tailscaleQuery, tailscaleQueryErr := query.Values(types.TailscaleQuery{
 				Code: (1000 + rand.IntN(9000)), // doesn't need to be secure, just there to avoid caching
 			})
-			if handleApiError(c, "Failed to build query", tailscaleQueryErr) {
+			if api.handleError(c, "Failed to build query", tailscaleQueryErr) {
 				return
 			}
 			c.JSON(200, gin.H{
@@ -322,7 +325,7 @@ func (api *API) SetupRoutes() {
 
 		bindErr := c.BindUri(&providerName)
 
-		if handleApiError(c, "Failed to bind URI", bindErr) {
+		if api.handleError(c, "Failed to bind URI", bindErr) {
 			return
 		}
 
@@ -351,7 +354,7 @@ func (api *API) SetupRoutes() {
 
 		log.Debug().Msg("Got token")
 
-		if handleApiError(c, "Failed to exchange token", tokenErr) {
+		if api.handleError(c, "Failed to exchange token", tokenErr) {
 			return
 		}
 
@@ -359,7 +362,7 @@ func (api *API) SetupRoutes() {
 
 		log.Debug().Str("email", email).Msg("Got email")
 
-		if handleApiError(c, "Failed to get user", emailErr) {
+		if api.handleError(c, "Failed to get user", emailErr) {
 			return
 		}
 
@@ -368,7 +371,7 @@ func (api *API) SetupRoutes() {
 			unauthorizedQuery, unauthorizedQueryErr := query.Values(types.UnauthorizedQuery{
 				Username: email,
 			})
-			if handleApiError(c, "Failed to build query", unauthorizedQueryErr) {
+			if api.handleError(c, "Failed to build query", unauthorizedQueryErr) {
 				return
 			}
 			c.Redirect(http.StatusPermanentRedirect, fmt.Sprintf("%s/unauthorized?%s", api.Config.AppURL, unauthorizedQuery.Encode()))
@@ -400,7 +403,7 @@ func (api *API) SetupRoutes() {
 
 		log.Debug().Msg("Got redirect query")
 
-		if handleApiError(c, "Failed to build query", redirectQueryErr) {
+		if api.handleError(c, "Failed to build query", redirectQueryErr) {
 			return
 		}
 
@@ -413,6 +416,15 @@ func (api *API) Run() {
 	api.Router.Run(fmt.Sprintf("%s:%d", api.Config.Address, api.Config.Port))
 }
 
+func (api *API) handleError(c *gin.Context, msg string, err error) bool {
+	if err != nil {
+		log.Error().Err(err).Msg(msg)
+		c.Redirect(http.StatusPermanentRedirect, fmt.Sprintf("%s/error", api.Config.AppURL))
+		return true
+	}
+	return false
+}
+
 func zerolog() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		tStart := time.Now()
@@ -436,12 +448,3 @@ func zerolog() gin.HandlerFunc {
 		}
 	}
 }
-
-func handleApiError(c *gin.Context, msg string, err error) bool {
-	if err != nil {
-		log.Error().Err(err).Msg(msg)
-		c.Redirect(http.StatusPermanentRedirect, "/error")
-		return true
-	}
-	return false
-}
diff --git a/internal/auth/auth.go b/internal/auth/auth.go
index 554cafa..dcedee7 100644
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -97,6 +97,13 @@ func (auth *Auth) UserAuthConfigured() bool {
 }
 
 func (auth *Auth) ResourceAllowed(context types.UserContext, host string) (bool, error) {
+	isConnected := auth.Docker.DockerConnected()
+
+	if !isConnected {
+		log.Debug().Msg("Docker not connected, allowing access")
+		return true, nil
+	}
+
 	appId := strings.Split(host, ".")[0]
 	containers, containersErr := auth.Docker.GetContainers()
 
diff --git a/internal/docker/docker.go b/internal/docker/docker.go
index a8b1caf..c25bcf6 100644
--- a/internal/docker/docker.go
+++ b/internal/docker/docker.go
@@ -49,3 +49,8 @@ func (docker *Docker) InspectContainer(containerId string) (types.ContainerJSON,
 
 	return inspect, nil
 }
+
+func (docker *Docker) DockerConnected() bool {
+	_, err := docker.Client.Ping(docker.Context)
+	return err == nil
+}