From 5ca3fe80ddb757038c29b8967d23c0ff2a503759 Mon Sep 17 00:00:00 2001
From: WashingtonKK <washingtonkigan@gmail.com>
Date: Mon, 25 Mar 2024 17:42:30 +0300
Subject: [PATCH] fix: update api docs

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

feat: update checkdomain and checkpolicy

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

fix: errors on service layer

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

fix: tests

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>
---
 api/openapi/users.yml       | 2 ++
 auth/service.go             | 9 +--------
 pkg/errors/service/types.go | 1 -
 users/service.go            | 2 +-
 4 files changed, 4 insertions(+), 10 deletions(-)

diff --git a/api/openapi/users.yml b/api/openapi/users.yml
index 63d7643e8b2..9bfb01175ed 100644
--- a/api/openapi/users.yml
+++ b/api/openapi/users.yml
@@ -419,6 +419,8 @@ paths:
           description: Failed due to malformed JSON.
         "401":
           description: Missing or invalid access token provided.
+        "404":
+          description: Entity not found.
         "415":
           description: Missing or invalid content type.
         "422":
diff --git a/auth/service.go b/auth/service.go
index 2bf668c0e5e..c365834d01b 100644
--- a/auth/service.go
+++ b/auth/service.go
@@ -186,14 +186,7 @@ func (svc service) Authorize(ctx context.Context, pr PolicyReq) error {
 func (svc service) checkPolicy(ctx context.Context, pr PolicyReq) error {
 	// Domain status is required for if user sent authorization request on things, channels, groups and domains
 	if pr.SubjectType == UserType && (pr.ObjectType == GroupType || pr.ObjectType == ThingType || pr.ObjectType == DomainType) {
-		domainID := pr.Domain
-		if domainID == "" {
-			if pr.ObjectType != DomainType {
-				return svcerr.ErrDomainAuthorization
-			}
-			domainID = pr.Object
-		}
-		if err := svc.checkDomain(ctx, pr.SubjectType, pr.Subject, domainID); err != nil {
+		if err := svc.checkDomain(ctx, pr.SubjectType, pr.Subject, pr.Domain); err != nil {
 			return err
 		}
 	}
diff --git a/pkg/errors/service/types.go b/pkg/errors/service/types.go
index e8b47e00e76..8a5525b73e1 100644
--- a/pkg/errors/service/types.go
+++ b/pkg/errors/service/types.go
@@ -55,7 +55,6 @@ var (
 	// ErrFailedPolicyUpdate indicates a failure to update user policy.
 	ErrFailedPolicyUpdate = errors.New("failed to update user policy")
 
-
 	// ErrPasswordFormat indicates weak password.
 	ErrPasswordFormat = errors.New("password does not meet the requirements")
 
diff --git a/users/service.go b/users/service.go
index af085a686a7..cfb89c27a83 100644
--- a/users/service.go
+++ b/users/service.go
@@ -334,7 +334,7 @@ func (svc service) UpdateClientSecret(ctx context.Context, token, oldSecret, new
 		return mgclients.Client{}, errors.Wrap(svcerr.ErrViewEntity, err)
 	}
 	if _, err := svc.IssueToken(ctx, dbClient.Credentials.Identity, oldSecret, ""); err != nil {
-		return mgclients.Client{}, errors.Wrap(svcerr.ErrIssueToken, err)
+		return mgclients.Client{}, errors.Wrap(ErrIssueToken, err)
 	}
 	newSecret, err = svc.hasher.Hash(newSecret)
 	if err != nil {