feat: return most backend API errors to frontend (#1836)

* feat: return most backend API errros to frontend

Signed-off-by: yehong <239859435@qq.com>

* refactor: reduce int type change

Signed-off-by: yehong <239859435@qq.com>

* feat: return err backend in token.go

Signed-off-by: yehong <239859435@qq.com>

---------

Signed-off-by: yehong <239859435@qq.com>

object/check.go

@@ -170,7 +170,11 @@ func CheckPassword(user *User, password string, lang string, options ...bool) st
 		}
 	}
 
-	organization := GetOrganizationByUser(user)
+	organization, err := GetOrganizationByUser(user)
+	if err != nil {
+		panic(err)
+	}
+
 	if organization == nil {
 		return i18n.Translate(lang, "check:Organization does not exist")
 	}
@@ -200,7 +204,11 @@ func CheckPassword(user *User, password string, lang string, options ...bool) st
 }
 
 func checkLdapUserPassword(user *User, password string, lang string) string {
-	ldaps := GetLdaps(user.Owner)
+	ldaps, err := GetLdaps(user.Owner)
+	if err != nil {
+		return err.Error()
+	}
+
 	ldapLoginSuccess := false
 	hit := false
 
@@ -247,7 +255,11 @@ func CheckUserPassword(organization string, username string, password string, la
 	if len(options) > 0 {
 		enableCaptcha = options[0]
 	}
-	user := GetUserByFields(organization, username)
+	user, err := GetUserByFields(organization, username)
+	if err != nil {
+		panic(err)
+	}
+
 	if user == nil || user.IsDeleted {
 		return nil, fmt.Sprintf(i18n.Translate(lang, "general:The user: %s doesn't exist"), util.GetId(organization, username))
 	}
@@ -284,7 +296,11 @@ func CheckUserPermission(requestUserId, userId string, strict bool, lang string)
 	userOwner := util.GetOwnerFromId(userId)
 
 	if userId != "" {
-		targetUser := GetUser(userId)
+		targetUser, err := GetUser(userId)
+		if err != nil {
+			panic(err)
+		}
+
 		if targetUser == nil {
 			if strings.HasPrefix(requestUserId, "built-in/") {
 				return true, nil
@@ -300,7 +316,11 @@ func CheckUserPermission(requestUserId, userId string, strict bool, lang string)
 	if strings.HasPrefix(requestUserId, "app/") {
 		hasPermission = true
 	} else {
-		requestUser := GetUser(requestUserId)
+		requestUser, err := GetUser(requestUserId)
+		if err != nil {
+			return false, err
+		}
+
 		if requestUser == nil {
 			return false, fmt.Errorf(i18n.Translate(lang, "check:Session outdated, please login again"))
 		}
@@ -321,13 +341,17 @@ func CheckUserPermission(requestUserId, userId string, strict bool, lang string)
 }
 
 func CheckAccessPermission(userId string, application *Application) (bool, error) {
+	var err error
 	if userId == "built-in/admin" {
 		return true, nil
 	}
 
-	permissions := GetPermissions(application.Organization)
+	permissions, err := GetPermissions(application.Organization)
+	if err != nil {
+		return false, err
+	}
+
 	allowed := true
-	var err error
 	for _, permission := range permissions {
 		if !permission.IsEnabled || len(permission.Users) == 0 {
 			continue
@@ -403,9 +427,9 @@ func CheckUpdateUser(oldUser, user *User, lang string) string {
 	return ""
 }
 
-func CheckToEnableCaptcha(application *Application, organization, username string) bool {
+func CheckToEnableCaptcha(application *Application, organization, username string) (bool, error) {
 	if len(application.Providers) == 0 {
-		return false
+		return false, nil
 	}
 
 	for _, providerItem := range application.Providers {
@@ -414,12 +438,15 @@ func CheckToEnableCaptcha(application *Application, organization, username strin
 		}
 		if providerItem.Provider.Category == "Captcha" {
 			if providerItem.Rule == "Dynamic" {
-				user := GetUserByFields(organization, username)
-				return user != nil && user.SigninWrongTimes >= SigninWrongTimesLimit
+				user, err := GetUserByFields(organization, username)
+				if err != nil {
+					return false, err
+				}
+				return user != nil && user.SigninWrongTimes >= SigninWrongTimesLimit, nil
 			}
-			return providerItem.Rule == "Always"
+			return providerItem.Rule == "Always", nil
 		}
 	}
 
-	return false
+	return false, nil
 }