improvement: add an error_handler option

Author: zachdaniel

documentation/topics/errors.md

@@ -0,0 +1,176 @@
+<!--
+SPDX-FileCopyrightText: 2020 Zach Daniel
+
+SPDX-License-Identifier: MIT
+-->
+
+# Errors
+
+AshJsonApi converts Ash errors into [JSON:API error objects](https://jsonapi.org/format/#errors). This topic covers how that conversion works, how to customize it, and the available configuration options.
+
+## Error Format
+
+Every error response follows the JSON:API error object format:
+
+```json
+{
+  "errors": [
+    {
+      "id": "a1b2c3d4-...",
+      "status": "422",
+      "code": "invalid_attribute",
+      "title": "InvalidAttribute",
+      "detail": "must be present",
+      "source": {
+        "pointer": "/data/attributes/name"
+      }
+    }
+  ]
+}
+```
+
+## The `AshJsonApi.ToJsonApiError` Protocol
+
+AshJsonApi uses the `AshJsonApi.ToJsonApiError` protocol to convert Ash exceptions into `AshJsonApi.Error` structs. Built-in implementations are provided for common Ash errors such as `Ash.Error.Changes.InvalidChanges`, `Ash.Error.Query.NotFound`, `Ash.Error.Forbidden.Policy`, and others.
+
+If your application raises a custom Ash exception and you want it to produce a specific JSON:API error, implement the protocol:
+
+```elixir
+defimpl AshJsonApi.ToJsonApiError, for: MyApp.Errors.PaymentRequired do
+  def to_json_api_error(error) do
+    %AshJsonApi.Error{
+      id: Ash.UUID.generate(),
+      status_code: 402,
+      code: "payment_required",
+      title: "PaymentRequired",
+      detail: error.message,
+      meta: %{}
+    }
+  end
+end
+```
+
+The `AshJsonApi.Error` struct has the following fields:
+
+| Field | Description |
+|---|---|
+| `id` | Unique identifier for this error occurrence |
+| `status_code` | HTTP status code (integer) |
+| `code` | Machine-readable error code string |
+| `title` | Human-readable error title |
+| `detail` | Human-readable explanation specific to this occurrence |
+| `source_pointer` | JSON Pointer to the source of the error (e.g. `/data/attributes/name`) |
+| `source_parameter` | Query parameter that caused the error |
+| `meta` | Arbitrary metadata map |
+| `about` | Link to further information about this error |
+| `log_level` | Log level for this error (default: `:debug`) |
+| `internal_description` | Internal description used for logging, not sent to clients |
+
+## Transforming Errors with `error_handler`
+
+The `error_handler` domain option lets you intercept and transform any `AshJsonApi.Error` struct before it is sent to the client. This is useful for sanitizing error messages, adding metadata, translating error text, or applying any other cross-cutting transformation.
+
+Configure it in your domain as an MFA:
+
+```elixir
+defmodule MyApp.Domain do
+  use Ash.Domain, extensions: [AshJsonApi.Domain]
+
+  json_api do
+    error_handler {MyApp.JsonApiErrorHandler, :handle_error, []}
+  end
+end
+```
+
+The handler receives the `AshJsonApi.Error` struct and a context map, and must return a modified `AshJsonApi.Error` struct:
+
+```elixir
+defmodule MyApp.JsonApiErrorHandler do
+  def handle_error(error, _context) do
+    # Sanitize internal details from 500 errors
+    if error.status_code >= 500 do
+      %{error | detail: "An internal error occurred. Please try again later."}
+    else
+      error
+    end
+  end
+end
+```
+
+The context map contains:
+
+| Key | Description |
+|---|---|
+| `:domain` | The domain module handling the request |
+| `:resource` | The resource module associated with the request (may be `nil`) |
+
+### Example: Translating Error Messages
+
+```elixir
+defmodule MyApp.JsonApiErrorHandler do
+  def handle_error(error, _context) do
+    %{error | detail: MyApp.Gettext.translate_error(error.code, error.detail)}
+  end
+end
+```
+
+### Example: Adding Custom Metadata
+
+```elixir
+defmodule MyApp.JsonApiErrorHandler do
+  def handle_error(error, %{domain: domain}) do
+    %{error | meta: Map.put(error.meta || %{}, :api_version, "v2")}
+  end
+end
+```
+
+### Example: Context-Specific Handling
+
+```elixir
+defmodule MyApp.JsonApiErrorHandler do
+  def handle_error(error, %{resource: resource}) do
+    case resource do
+      MyApp.PaymentResource ->
+        %{error | detail: MyApp.Payments.format_error(error)}
+
+      _ ->
+        error
+    end
+  end
+end
+```
+
+## Configuration Options
+
+### `show_raised_errors?`
+
+By default, if an error is *raised* (i.e. an unexpected exception, not a structured Ash error), AshJsonApi returns a generic error message with only a UUID for reference. This prevents leaking internal implementation details.
+
+Set `show_raised_errors? true` to include the full exception in the response — useful during development:
+
+```elixir
+json_api do
+  show_raised_errors? true
+end
+```
+
+### `log_errors?`
+
+Controls whether errors are logged. Defaults to `true`.
+
+```elixir
+json_api do
+  log_errors? false
+end
+```
+
+### Policy Breakdown Details
+
+By default, authorization failures return a generic "forbidden" message. To include a breakdown of which policies failed (useful for debugging), set this in your application config:
+
+```elixir
+# config/dev.exs
+config :ash_json_api, :policies, show_policy_breakdowns?: true
+```
+
+> **Warning:** Do not enable this in production, as it may expose details about your authorization logic.

lib/ash_json_api/domain/domain.ex

@@ -161,6 +161,33 @@ defmodule AshJsonApi.Domain do
         type: :boolean,
         doc: "Whether or not to include properties for values that are nil in the JSON output",
         default: true
+      ],
+      error_handler: [
+        type: :mfa,
+        doc: """
+        Set an MFA to intercept/handle any errors that are generated.
+
+        The function will be called with a `AshJsonApi.Error` struct and a context map, and should
+        return a modified `AshJsonApi.Error` struct. The context map contains `:domain` and `:resource`.
+
+        For example:
+
+        ```elixir
+        defmodule MyApp.ErrorHandler do
+          def handle_error(error, _context) do
+            %{error | detail: "Something went wrong"}
+          end
+        end
+        ```
+
+        And in your domain:
+
+        ```elixir
+        json_api do
+          error_handler {MyApp.ErrorHandler, :handle_error, []}
+        end
+        ```
+        """
       ]
     ],
     sections: [@open_api, @routes]

lib/ash_json_api/domain/info.ex

@@ -46,4 +46,8 @@ defmodule AshJsonApi.Domain.Info do
   def include_nil_values?(domain) do
     Extension.get_opt(domain, [:json_api], :include_nil_values?, true, true)
   end
+
+  def error_handler(domain) do
+    Extension.get_opt(domain, [:json_api], :error_handler, nil, true)
+  end
 end

lib/ash_json_api/error/error.ex

@@ -31,8 +31,8 @@ defmodule AshJsonApi.Error do
     Enum.flat_map(errors, &to_json_api_errors(domain, resource, &1, type))
   end
 
-  def to_json_api_errors(_domain, _resource, %__MODULE__{} = error, _type) do
-    [error]
+  def to_json_api_errors(domain, resource, %__MODULE__{} = error, _type) do
+    apply_error_handler([error], domain, resource)
   end
 
   def to_json_api_errors(domain, resource, error, type) when is_binary(error) do
@@ -41,60 +41,77 @@ defmodule AshJsonApi.Error do
   end
 
   def to_json_api_errors(domain, resource, error, type) do
-    if AshJsonApi.ToJsonApiError.impl_for(error) do
-      error
-      |> AshJsonApi.ToJsonApiError.to_json_api_error()
-      |> List.wrap()
-      |> Enum.flat_map(&with_source_pointer(&1, error, resource, type))
-    else
-      uuid = Ash.UUID.generate()
+    errors =
+      if AshJsonApi.ToJsonApiError.impl_for(error) do
+        error
+        |> AshJsonApi.ToJsonApiError.to_json_api_error()
+        |> List.wrap()
+        |> Enum.flat_map(&with_source_pointer(&1, error, resource, type))
+      else
+        uuid = Ash.UUID.generate()
+
+        stacktrace =
+          case error do
+            %{stacktrace: %{stacktrace: v}} ->
+              v
+
+            _ ->
+              nil
+          end
+
+        Logger.warning(
+          "`#{uuid}`: AshJsonApi.Error not implemented for error:\n\n#{Exception.format(:error, error, stacktrace)}"
+        )
+
+        code = if error.class == :forbidden, do: "forbidden", else: "something_went_wrong"
+        title = if error.class == :forbidden, do: "Forbidden", else: "SomethingWentWrong"
+
+        detail =
+          if error.class == :forbidden,
+            do: "forbidden",
+            else: "Something went wrong. Error id: #{uuid}"
+
+        if AshJsonApi.Domain.Info.show_raised_errors?(domain) do
+          [
+            %__MODULE__{
+              id: uuid,
+              status_code: class_to_status(error.class),
+              code: code,
+              title: title,
+              detail: """
+              Raised error: #{uuid}
+
+              #{Exception.format(:error, error, stacktrace)}"
+              """
+            }
+          ]
+        else
+          [
+            %__MODULE__{
+              id: uuid,
+              status_code: class_to_status(error.class),
+              code: code,
+              title: title,
+              detail: detail
+            }
+          ]
+        end
+      end
 
-      stacktrace =
-        case error do
-          %{stacktrace: %{stacktrace: v}} ->
-            v
+    apply_error_handler(errors, domain, resource)
+  end
 
-          _ ->
-            nil
-        end
+  defp apply_error_handler(errors, nil, _resource), do: errors
 
-      Logger.warning(
-        "`#{uuid}`: AshJsonApi.Error not implemented for error:\n\n#{Exception.format(:error, error, stacktrace)}"
-      )
-
-      code = if error.class == :forbidden, do: "forbidden", else: "something_went_wrong"
-      title = if error.class == :forbidden, do: "Forbidden", else: "SomethingWentWrong"
-
-      detail =
-        if error.class == :forbidden,
-          do: "forbidden",
-          else: "Something went wrong. Error id: #{uuid}"
-
-      if AshJsonApi.Domain.Info.show_raised_errors?(domain) do
-        [
-          %__MODULE__{
-            id: uuid,
-            status_code: class_to_status(error.class),
-            code: code,
-            title: title,
-            detail: """
-            Raised error: #{uuid}
-
-            #{Exception.format(:error, error, stacktrace)}"
-            """
-          }
-        ]
-      else
-        [
-          %__MODULE__{
-            id: uuid,
-            status_code: class_to_status(error.class),
-            code: code,
-            title: title,
-            detail: detail
-          }
-        ]
-      end
+  defp apply_error_handler(errors, domain, resource) do
+    case AshJsonApi.Domain.Info.error_handler(domain) do
+      nil ->
+        errors
+
+      {m, f, a} ->
+        Enum.map(errors, fn error ->
+          apply(m, f, [error, %{domain: domain, resource: resource} | a])
+        end)
     end
   end
 

mix.exs

@@ -68,6 +68,7 @@ defmodule AshJsonApi.MixProject do
         "documentation/topics/upgrade.md",
         "documentation/topics/authorize-with-json-api.md",
         "documentation/topics/authenticate-with-json-api.md",
+        "documentation/topics/errors.md",
         "documentation/topics/paginated-relationships.md",
         {"documentation/dsls/DSL-AshJsonApi.Resource.md",
          search_data: Spark.Docs.search_data_for(AshJsonApi.Resource)},