From e319a7a5aeba9512869768dc003fb9f9a2b9dd2a Mon Sep 17 00:00:00 2001
From: andres-portainer <91705312+andres-portainer@users.noreply.github.com>
Date: Mon, 21 Apr 2025 19:27:14 -0300
Subject: [PATCH] fix(linter): enable ineffassign BE-10204 (#669)

---
 .golangci.yaml                                |  1 +
 api/datastore/migrator/migrate_dbversion20.go | 26 ++++++++++++-------
 .../handler/kubernetes/deprecated_routes.go   |  7 +++--
 api/http/security/bouncer_test.go             |  3 +++
 4 files changed, 26 insertions(+), 11 deletions(-)

diff --git a/.golangci.yaml b/.golangci.yaml
index 648df24d1..b3d9bbfe3 100644
--- a/.golangci.yaml
+++ b/.golangci.yaml
@@ -12,6 +12,7 @@ linters:
     - copyloopvar
     - intrange
     - perfsprint
+    - ineffassign
 
 linters-settings:
   depguard:
diff --git a/api/datastore/migrator/migrate_dbversion20.go b/api/datastore/migrator/migrate_dbversion20.go
index 1f02b8885..bad999c26 100644
--- a/api/datastore/migrator/migrate_dbversion20.go
+++ b/api/datastore/migrator/migrate_dbversion20.go
@@ -18,8 +18,7 @@ func (m *Migrator) updateResourceControlsToDBVersion22() error {
 	for _, resourceControl := range legacyResourceControls {
 		resourceControl.AdministratorsOnly = false
 
-		err := m.resourceControlService.Update(resourceControl.ID, &resourceControl)
-		if err != nil {
+		if err := m.resourceControlService.Update(resourceControl.ID, &resourceControl); err != nil {
 			return err
 		}
 	}
@@ -42,8 +41,8 @@ func (m *Migrator) updateUsersAndRolesToDBVersion22() error {
 
 	for _, user := range legacyUsers {
 		user.PortainerAuthorizations = authorization.DefaultPortainerAuthorizations()
-		err = m.userService.Update(user.ID, &user)
-		if err != nil {
+
+		if err := m.userService.Update(user.ID, &user); err != nil {
 			return err
 		}
 	}
@@ -52,38 +51,47 @@ func (m *Migrator) updateUsersAndRolesToDBVersion22() error {
 	if err != nil {
 		return err
 	}
+
 	endpointAdministratorRole.Priority = 1
 	endpointAdministratorRole.Authorizations = authorization.DefaultEndpointAuthorizationsForEndpointAdministratorRole()
 
-	err = m.roleService.Update(endpointAdministratorRole.ID, endpointAdministratorRole)
+	if err := m.roleService.Update(endpointAdministratorRole.ID, endpointAdministratorRole); err != nil {
+		return err
+	}
 
 	helpDeskRole, err := m.roleService.Read(portainer.RoleID(2))
 	if err != nil {
 		return err
 	}
+
 	helpDeskRole.Priority = 2
 	helpDeskRole.Authorizations = authorization.DefaultEndpointAuthorizationsForHelpDeskRole(settings.AllowVolumeBrowserForRegularUsers)
 
-	err = m.roleService.Update(helpDeskRole.ID, helpDeskRole)
+	if err := m.roleService.Update(helpDeskRole.ID, helpDeskRole); err != nil {
+		return err
+	}
 
 	standardUserRole, err := m.roleService.Read(portainer.RoleID(3))
 	if err != nil {
 		return err
 	}
+
 	standardUserRole.Priority = 3
 	standardUserRole.Authorizations = authorization.DefaultEndpointAuthorizationsForStandardUserRole(settings.AllowVolumeBrowserForRegularUsers)
 
-	err = m.roleService.Update(standardUserRole.ID, standardUserRole)
+	if err := m.roleService.Update(standardUserRole.ID, standardUserRole); err != nil {
+		return err
+	}
 
 	readOnlyUserRole, err := m.roleService.Read(portainer.RoleID(4))
 	if err != nil {
 		return err
 	}
+
 	readOnlyUserRole.Priority = 4
 	readOnlyUserRole.Authorizations = authorization.DefaultEndpointAuthorizationsForReadOnlyUserRole(settings.AllowVolumeBrowserForRegularUsers)
 
-	err = m.roleService.Update(readOnlyUserRole.ID, readOnlyUserRole)
-	if err != nil {
+	if err := m.roleService.Update(readOnlyUserRole.ID, readOnlyUserRole); err != nil {
 		return err
 	}
 
diff --git a/api/http/handler/kubernetes/deprecated_routes.go b/api/http/handler/kubernetes/deprecated_routes.go
index cc44d10e5..e471c2ecb 100644
--- a/api/http/handler/kubernetes/deprecated_routes.go
+++ b/api/http/handler/kubernetes/deprecated_routes.go
@@ -36,11 +36,14 @@ func deprecatedNamespaceParser(w http.ResponseWriter, r *http.Request) (string,
 
 	// Restore the original body for further use
 	bodyBytes, err := io.ReadAll(r.Body)
+	if err != nil {
+		return "", httperror.InternalServerError("Unable to read request body", err)
+	}
+
 	r.Body = io.NopCloser(bytes.NewBuffer(bodyBytes))
 
 	payload := models.K8sNamespaceDetails{}
-	err = request.DecodeAndValidateJSONPayload(r, &payload)
-	if err != nil {
+	if err := request.DecodeAndValidateJSONPayload(r, &payload); err != nil {
 		return "", httperror.BadRequest("Invalid request. Unable to parse namespace payload", err)
 	}
 	namespaceName := payload.Name
diff --git a/api/http/security/bouncer_test.go b/api/http/security/bouncer_test.go
index 9553b90c5..4d84dcfee 100644
--- a/api/http/security/bouncer_test.go
+++ b/api/http/security/bouncer_test.go
@@ -344,6 +344,7 @@ func Test_apiKeyLookup(t *testing.T) {
 		req.Header.Add("x-api-key", rawAPIKey)
 
 		token, err := bouncer.apiKeyLookup(req)
+		require.NoError(t, err)
 
 		expectedToken := &portainer.TokenData{ID: user.ID, Username: user.Username, Role: portainer.StandardUserRole}
 		is.Equal(expectedToken, token)
@@ -358,6 +359,7 @@ func Test_apiKeyLookup(t *testing.T) {
 		req.Header.Add("x-api-key", rawAPIKey)
 
 		token, err := bouncer.apiKeyLookup(req)
+		require.NoError(t, err)
 
 		expectedToken := &portainer.TokenData{ID: user.ID, Username: user.Username, Role: portainer.StandardUserRole}
 		is.Equal(expectedToken, token)
@@ -372,6 +374,7 @@ func Test_apiKeyLookup(t *testing.T) {
 		req.Header.Add("x-api-key", rawAPIKey)
 
 		token, err := bouncer.apiKeyLookup(req)
+		require.NoError(t, err)
 
 		expectedToken := &portainer.TokenData{ID: user.ID, Username: user.Username, Role: portainer.StandardUserRole}
 		is.Equal(expectedToken, token)