feat: map DownloadCacheError via dunite ErrorClass in member-download handler (BUNYIP-48) #57

Merged

nrupard merged 1 commit from feat/bunyip-48-download-errorclass into main 2026-06-03 21:27:03 +02:00

Conversation 0 Commits 1 Files changed 2 +24 -38

nrupard commented 2026-06-03 21:23:13 +02:00

Owner

Copy link

What

Adopt dunite-download's DownloadCacheError::class() -> ErrorClass (PSA-38) in the member-download handler, replacing the hand-rolled match on DownloadCacheError variants.

Correction to the premise

BUNYIP-48 was filed assuming no member-download handler existed. It does: download_asset in bunyip-api/src/handlers/download.rs is fully implemented and wired (GET /v1/applications/{slug}/downloads/{asset_name}). It hand-rolled the error classification, with a comment already noting "PSA-38 tracks moving this classification into dunite-download." So this is the original small adoption, not a new feature.

Change

• Re-export ErrorClass from bunyip-domain's services (next to DownloadCacheError).
• In download_asset, classify the get_or_fetch error via e.class() instead of matching variants:
  • NotFound -> 404, no upstream-failure audit (permanent missing-asset path)
  • Upstream -> 502 + DownloadFailedUpstream audit + warn log
  • Local -> 500 + DownloadFailedUpstream audit + error log
• Drop the now-unused DownloadCacheError / ForgejoError imports.

Behaviour is unchanged - same statuses, same audit events, same per-class logging (the error's Display still names the underlying variant in logs/audit). The classification policy now lives next to the type in dunite and cannot drift across consumers.

Acceptance criteria

• bunyip-domain re-exports ErrorClass next to DownloadCacheError.
• The handler maps via err.class() (NotFound -> 404, Upstream -> 502, Local -> 500); no direct match on DownloadCacheError variants.
• The error's Display is logged/audited server-side; the client response carries no internal detail.

Verification

just check-container green: fmt + clippy -D warnings + cargo test --workspace --lib (205 lib tests).

#BUNYIP-48

## What Adopt dunite-download's `DownloadCacheError::class() -> ErrorClass` (PSA-38) in the member-download handler, replacing the hand-rolled match on `DownloadCacheError` variants. ## Correction to the premise BUNYIP-48 was filed assuming no member-download handler existed. It does: `download_asset` in `bunyip-api/src/handlers/download.rs` is fully implemented and wired (`GET /v1/applications/{slug}/downloads/{asset_name}`). It hand-rolled the error classification, with a comment already noting "PSA-38 tracks moving this classification into dunite-download." So this is the original small adoption, not a new feature. ## Change - Re-export `ErrorClass` from `bunyip-domain`'s services (next to `DownloadCacheError`). - In `download_asset`, classify the `get_or_fetch` error via `e.class()` instead of matching variants: - `NotFound` -> 404, no upstream-failure audit (permanent missing-asset path) - `Upstream` -> 502 + `DownloadFailedUpstream` audit + warn log - `Local` -> 500 + `DownloadFailedUpstream` audit + error log - Drop the now-unused `DownloadCacheError` / `ForgejoError` imports. Behaviour is unchanged - same statuses, same audit events, same per-class logging (the error's `Display` still names the underlying variant in logs/audit). The classification policy now lives next to the type in dunite and cannot drift across consumers. ## Acceptance criteria - [x] `bunyip-domain` re-exports `ErrorClass` next to `DownloadCacheError`. - [x] The handler maps via `err.class()` (NotFound -> 404, Upstream -> 502, Local -> 500); no direct match on `DownloadCacheError` variants. - [x] The error's `Display` is logged/audited server-side; the client response carries no internal detail. ## Verification `just check-container` green: fmt + clippy -D warnings + `cargo test --workspace --lib` (205 lib tests). #BUNYIP-48

nrupard added 1 commit 2026-06-03 21:23:13 +02:00

feat: map DownloadCacheError via dunite ErrorClass in the member-download handler (BUNYIP-48) ... db252a7b5c

The member-download handler (`download_asset`) already existed and was wired; it hand-rolled the upstream-vs-local classification by matching `DownloadCacheError` variants, exactly the per-consumer drift PSA-38 set out to remove (dunite-oci gets `OciError::from(&BlobCacheError)` for free; the download side should not reinvent it).

Replace the variant match with dunite-download's own `DownloadCacheError::class() -> ErrorClass` (PSA-38): NotFound -> 404 (no upstream-failure audit, a permanent missing-asset path), Upstream -> 502 + audit, Local -> 500 + audit. Re-export `ErrorClass` from bunyip-domain's services so the handler matches on `crate::services::ErrorClass`, and drop the now-unused `DownloadCacheError`/`ForgejoError` imports. Behaviour is unchanged (same statuses, same audit events, same per-class logging); the classification policy now lives next to the error type in dunite and cannot drift.

just check-container green: fmt + clippy -D warnings + cargo test --workspace --lib (205 lib tests).

#BUNYIP-48

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

nrupard merged commit bdca9480be into main 2026-06-03 21:27:03 +02:00

nrupard deleted branch feat/bunyip-48-download-errorclass 2026-06-03 21:27:03 +02:00

nrupard referenced this pull request from a commit 2026-06-03 21:27:05 +02:00

Merge pull request 'feat: map DownloadCacheError via dunite ErrorClass in member-download handler (BUNYIP-48)' (#57) from feat/bunyip-48-download-errorclass into main

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

psa-systems/bunyip!57

No description provided.