add returns after rendering errors and simplify loop condition

services/graph/pkg/service/v0/users.go

@@ -159,6 +159,7 @@ func (g Graph) GetUser(w http.ResponseWriter, r *http.Request) {
 	userID, err := url.PathUnescape(userID)
 	if err != nil {
 		errorcode.InvalidRequest.Render(w, r, http.StatusBadRequest, "unescaping user id failed")
+		return
 	}
 
 	if userID == "" {
@@ -175,11 +176,20 @@ func (g Graph) GetUser(w http.ResponseWriter, r *http.Request) {
 		} else {
 			errorcode.GeneralException.Render(w, r, http.StatusInternalServerError, err.Error())
 		}
+		return
 	}
 	sel := strings.Split(r.URL.Query().Get("$select"), ",")
 	exp := strings.Split(r.URL.Query().Get("$expand"), ",")
 	if slices.Contains(sel, "drive") || slices.Contains(sel, "drives") || slices.Contains(exp, "drive") || slices.Contains(exp, "drives") {
 		wdu, err := url.Parse(g.config.Spaces.WebDavBase + g.config.Spaces.WebDavPath)
+		if err != nil {
+			g.logger.Err(err).
+				Str("webdav_base", g.config.Spaces.WebDavBase).
+				Str("webdav_path", g.config.Spaces.WebDavPath).
+				Msg("error parsing webdav URL")
+			render.Status(r, http.StatusInternalServerError)
+			return
+		}
 		f := listStorageSpacesUserFilter(user.GetId())
 		// use the unrestricted flag to get all possible spaces
 		// users with the canListAllSpaces permission should see all spaces
@@ -231,6 +241,7 @@ func (g Graph) DeleteUser(w http.ResponseWriter, r *http.Request) {
 	userID, err := url.PathUnescape(userID)
 	if err != nil {
 		errorcode.InvalidRequest.Render(w, r, http.StatusBadRequest, "unescaping user id failed")
+		return
 	}
 
 	if userID == "" {
@@ -248,25 +259,26 @@ func (g Graph) DeleteUser(w http.ResponseWriter, r *http.Request) {
 	})
 	if err != nil {
 		errorcode.InvalidRequest.Render(w, r, http.StatusBadRequest, "could not read spaces")
+		return
 	}
 	for _, sp := range lspr.GetStorageSpaces() {
-		if sp.SpaceType == "personal" {
-			if sp.Owner.Id.OpaqueId == userID {
-				// TODO: check if request contains a homespace and if, check if requesting user has the privilege to
-				// delete it and make sure it is not deleting its own homespace
-				// needs modification of the cs3api
-				_, err := g.gatewayClient.DeleteStorageSpace(r.Context(), &storageprovider.DeleteStorageSpaceRequest{
-					Opaque: opaque,
-					Id: &storageprovider.StorageSpaceId{
-						OpaqueId: sp.Id.OpaqueId,
-					},
-				})
-				if err != nil {
-					errorcode.InvalidRequest.Render(w, r, http.StatusBadRequest, "could not delete homespace")
-				}
-				break
-			}
+		if !(sp.SpaceType == "personal" && sp.Owner.Id.OpaqueId == userID) {
+			continue
 		}
+		// TODO: check if request contains a homespace and if, check if requesting user has the privilege to
+		// delete it and make sure it is not deleting its own homespace
+		// needs modification of the cs3api
+		_, err := g.gatewayClient.DeleteStorageSpace(r.Context(), &storageprovider.DeleteStorageSpaceRequest{
+			Opaque: opaque,
+			Id: &storageprovider.StorageSpaceId{
+				OpaqueId: sp.Id.OpaqueId,
+			},
+		})
+		if err != nil {
+			errorcode.InvalidRequest.Render(w, r, http.StatusBadRequest, "could not delete homespace")
+			return
+		}
+		break
 	}
 
 	err = g.identityBackend.DeleteUser(r.Context(), userID)
@@ -277,6 +289,7 @@ func (g Graph) DeleteUser(w http.ResponseWriter, r *http.Request) {
 			errcode.Render(w, r)
 		} else {
 			errorcode.GeneralException.Render(w, r, http.StatusInternalServerError, err.Error())
+			return
 		}
 	}
 
@@ -293,6 +306,7 @@ func (g Graph) PatchUser(w http.ResponseWriter, r *http.Request) {
 	nameOrID, err := url.PathUnescape(nameOrID)
 	if err != nil {
 		errorcode.InvalidRequest.Render(w, r, http.StatusBadRequest, "unescaping user id failed")
+		return
 	}
 
 	if nameOrID == "" {
@@ -328,6 +342,7 @@ func (g Graph) PatchUser(w http.ResponseWriter, r *http.Request) {
 		} else {
 			errorcode.GeneralException.Render(w, r, http.StatusInternalServerError, err.Error())
 		}
+		return
 	}
 
 	currentUser := ctxpkg.ContextMustGetUser(r.Context())