app/errors.py

from flask import (
    jsonify,
    current_app
)
from sqlalchemy.exc import SQLAlchemyError, DataError
from sqlalchemy.orm.exc import NoResultFound
from marshmallow import ValidationError
from app.authentication.auth import AuthError


class InvalidRequest(Exception):

    def __init__(self, message, status_code):
        super().__init__()
        self.message = message
        self.status_code = status_code

    def to_dict(self):
        return {'result': 'error', 'message': self.message}

    def __str__(self):
        return str(self.to_dict())


def register_errors(blueprint):

    @blueprint.app_errorhandler(AuthError)
    def authentication_error(error):
        return jsonify(result='error', message=error.message), error.code

    @blueprint.app_errorhandler(ValidationError)
    def validation_error(error):
        current_app.logger.error(error)
        return jsonify(result='error', message=error.messages), 400

    @blueprint.app_errorhandler(InvalidRequest)
    def invalid_data(error):
        response = jsonify(error.to_dict())
        response.status_code = error.status_code
        current_app.logger.error(error)
        return response

    @blueprint.app_errorhandler(400)
    def bad_request(e):
        msg = e.description or "Invalid request parameters"
        current_app.logger.exception(msg)
        return jsonify(result='error', message=str(msg)), 400

    @blueprint.app_errorhandler(401)
    def unauthorized(e):
        error_message = "Unauthorized, authentication token must be provided"
        return jsonify(result='error', message=error_message), 401, [('WWW-Authenticate', 'Bearer')]

    @blueprint.app_errorhandler(403)
    def forbidden(e):
        error_message = "Forbidden, invalid authentication token provided"
        return jsonify(result='error', message=error_message), 403

    @blueprint.app_errorhandler(404)
    def page_not_found(e):
        msg = e.description or "Not found"
        current_app.logger.exception(msg)
        return jsonify(result='error', message=msg), 404

    @blueprint.app_errorhandler(429)
    def limit_exceeded(e):
        current_app.logger.exception(e)
        return jsonify(result='error', message=str(e.description)), 429

    @blueprint.app_errorhandler(NoResultFound)
    @blueprint.app_errorhandler(DataError)
    def no_result_found(e):
        current_app.logger.exception(e)
        return jsonify(result='error', message="No result found"), 404

    @blueprint.app_errorhandler(SQLAlchemyError)
    def db_error(e):
        current_app.logger.exception(e)
        if e.orig.pgerror and \
            ('duplicate key value violates unique constraint "services_name_key"' in e.orig.pgerror or
                'duplicate key value violates unique constraint "services_email_from_key"' in e.orig.pgerror):
            return jsonify(
                result='error',
                message={'name': ["Duplicate service name '{}'".format(
                    e.params.get('name', e.params.get('email_from', ''))
                )]}
            ), 400
        return jsonify(result='error', message="Internal server error"), 500

    # this must be defined after all other error handlers since it catches the generic Exception object
    @blueprint.app_errorhandler(500)
    @blueprint.app_errorhandler(Exception)
    def internal_server_error(e):
        current_app.logger.exception(e)
        return jsonify(result='error', message="Internal server error"), 500
Wire up error handlers. Replace some 400s with more appropriate 500s. DAO methods that cause unexpected exceptions get caught and logged by errors.py 500 error handler. 2016-02-17 17:04:50 +00:00			`from flask import (`
			`jsonify,`
			`current_app`
			`)`
Refactor user/<user_id>/code into two endpoints. - Created new endpoint user/<user_id>/sms-code to send the sms verification code to the user. - Create new endpoirtn user/<user_id>/email-code to send the email verifcation code to the user. - Marked the old methods, schema, tests with a TODO to be deleted when the admin app is no longer sending messages to /user/<user_id>/code - Added error handlers for DataError and NoResultFound. Data error catches invalid input errors. - Added error handler for SqlAlchemyError which catches any other database errors. - Removed the need for the try catches around the db calls in the user endpoints with the addition of the db error handlers. - We may want to wrap db excpetions in the dao, if we want the No results found message to be more specific and say no result found for user. 2016-02-19 11:37:35 +00:00			`from sqlalchemy.exc import SQLAlchemyError, DataError`
			`from sqlalchemy.orm.exc import NoResultFound`
Change endpoint responses where there are marshalling, unmarshalling or param errors to raise invalid data exception. That will cause those responses to be handled in by errors.py, which will log the errors. Set most of schemas to strict mode so that marshmallow will raise exception rather than checking for errors in return tuple from load. Added handler to errors.py for marshmallow validation errors. 2016-06-14 15:07:23 +01:00			`from marshmallow import ValidationError`
refactored the requires_auth handler to raise exceptions hopefully cleans up code flow and readability [a tiny bit]. raise an AuthException in auth.py, and catch it in errors.py to save on returning error_repsonse values throughout the function 2016-06-29 17:37:20 +01:00			`from app.authentication.auth import AuthError`
Implement a JWT header into base client - adds a base client - adds a notifications client These do not proxy onto genuine methods. This pull request is the basic implication of the API Client. Still needs a few things before is ready, notably proper logging and actual API endpoints to hook into. Basic premise is to deliver the JWT tokens required for Notify API authentication so we can discuss the implementation/premise. 2015-12-11 16:57:00 +00:00

Change endpoint responses where there are marshalling, unmarshalling or param errors to raise invalid data exception. That will cause those responses to be handled in by errors.py, which will log the errors. Set most of schemas to strict mode so that marshmallow will raise exception rather than checking for errors in return tuple from load. Added handler to errors.py for marshmallow validation errors. 2016-06-14 15:07:23 +01:00			`class InvalidRequest(Exception):`
Rest methods that explicitly return errors by pass the error handlers as they do not raise exceptions. Introduced a simple exception that contains error messages and status code that can be used rather than return json + status code from rest methods directly. The handler in errors for this exception can then log the error before returning json. 2016-06-13 11:48:20 +01:00
			`def __init__(self, message, status_code):`
			`super().__init__()`
			`self.message = message`
			`self.status_code = status_code`

			`def to_dict(self):`
			`return {'result': 'error', 'message': self.message}`

			`def __str__(self):`
			`return str(self.to_dict())`


Wire up error handlers. Replace some 400s with more appropriate 500s. DAO methods that cause unexpected exceptions get caught and logged by errors.py 500 error handler. 2016-02-17 17:04:50 +00:00			`def register_errors(blueprint):`
Implement a JWT header into base client - adds a base client - adds a notifications client These do not proxy onto genuine methods. This pull request is the basic implication of the API Client. Still needs a few things before is ready, notably proper logging and actual API endpoints to hook into. Basic premise is to deliver the JWT tokens required for Notify API authentication so we can discuss the implementation/premise. 2015-12-11 16:57:00 +00:00
refactored the requires_auth handler to raise exceptions hopefully cleans up code flow and readability [a tiny bit]. raise an AuthException in auth.py, and catch it in errors.py to save on returning error_repsonse values throughout the function 2016-06-29 17:37:20 +01:00			`@blueprint.app_errorhandler(AuthError)`
			`def authentication_error(error):`
			`return jsonify(result='error', message=error.message), error.code`

Change endpoint responses where there are marshalling, unmarshalling or param errors to raise invalid data exception. That will cause those responses to be handled in by errors.py, which will log the errors. Set most of schemas to strict mode so that marshmallow will raise exception rather than checking for errors in return tuple from load. Added handler to errors.py for marshmallow validation errors. 2016-06-14 15:07:23 +01:00			`@blueprint.app_errorhandler(ValidationError)`
			`def validation_error(error):`
			`current_app.logger.error(error)`
			`return jsonify(result='error', message=error.messages), 400`

			`@blueprint.app_errorhandler(InvalidRequest)`
Rest methods that explicitly return errors by pass the error handlers as they do not raise exceptions. Introduced a simple exception that contains error messages and status code that can be used rather than return json + status code from rest methods directly. The handler in errors for this exception can then log the error before returning json. 2016-06-13 11:48:20 +01:00			`def invalid_data(error):`
			`response = jsonify(error.to_dict())`
			`response.status_code = error.status_code`
			`current_app.logger.error(error)`
			`return response`

Wire up error handlers. Replace some 400s with more appropriate 500s. DAO methods that cause unexpected exceptions get caught and logged by errors.py 500 error handler. 2016-02-17 17:04:50 +00:00			`@blueprint.app_errorhandler(400)`
			`def bad_request(e):`
handle Exception and remove duplication in errors.py ensure that if unexpected Exceptions are thrown, we handle them correctly (log and then return JSON) also remove some branches that will never trip, and combine a couple of identical functions 2016-10-17 17:41:39 +01:00			`msg = e.description or "Invalid request parameters"`
Rest methods that explicitly return errors by pass the error handlers as they do not raise exceptions. Introduced a simple exception that contains error messages and status code that can be used rather than return json + status code from rest methods directly. The handler in errors for this exception can then log the error before returning json. 2016-06-13 11:48:20 +01:00			`current_app.logger.exception(msg)`
Working permissions and all tests passing. Remove print statements. Fix for review comments. 2016-02-26 12:00:16 +00:00			`return jsonify(result='error', message=str(msg)), 400`
Implement a JWT header into base client - adds a base client - adds a notifications client These do not proxy onto genuine methods. This pull request is the basic implication of the API Client. Still needs a few things before is ready, notably proper logging and actual API endpoints to hook into. Basic premise is to deliver the JWT tokens required for Notify API authentication so we can discuss the implementation/premise. 2015-12-11 16:57:00 +00:00
Wire up error handlers. Replace some 400s with more appropriate 500s. DAO methods that cause unexpected exceptions get caught and logged by errors.py 500 error handler. 2016-02-17 17:04:50 +00:00			`@blueprint.app_errorhandler(401)`
			`def unauthorized(e):`
			`error_message = "Unauthorized, authentication token must be provided"`
Fix get_users_by_service to return 404 if service does not exist. Refactored service/rest.py so that all methods are returning a properly formatted error message so that the error message can deal with the response. Refactoed errors.py to properly format the error message. 2016-02-25 12:11:51 +00:00			`return jsonify(result='error', message=error_message), 401, [('WWW-Authenticate', 'Bearer')]`
Implement a JWT header into base client - adds a base client - adds a notifications client These do not proxy onto genuine methods. This pull request is the basic implication of the API Client. Still needs a few things before is ready, notably proper logging and actual API endpoints to hook into. Basic premise is to deliver the JWT tokens required for Notify API authentication so we can discuss the implementation/premise. 2015-12-11 16:57:00 +00:00
Wire up error handlers. Replace some 400s with more appropriate 500s. DAO methods that cause unexpected exceptions get caught and logged by errors.py 500 error handler. 2016-02-17 17:04:50 +00:00			`@blueprint.app_errorhandler(403)`
			`def forbidden(e):`
			`error_message = "Forbidden, invalid authentication token provided"`
Fix get_users_by_service to return 404 if service does not exist. Refactored service/rest.py so that all methods are returning a properly formatted error message so that the error message can deal with the response. Refactoed errors.py to properly format the error message. 2016-02-25 12:11:51 +00:00			`return jsonify(result='error', message=error_message), 403`
Implement a JWT header into base client - adds a base client - adds a notifications client These do not proxy onto genuine methods. This pull request is the basic implication of the API Client. Still needs a few things before is ready, notably proper logging and actual API endpoints to hook into. Basic premise is to deliver the JWT tokens required for Notify API authentication so we can discuss the implementation/premise. 2015-12-11 16:57:00 +00:00
Wire up error handlers. Replace some 400s with more appropriate 500s. DAO methods that cause unexpected exceptions get caught and logged by errors.py 500 error handler. 2016-02-17 17:04:50 +00:00			`@blueprint.app_errorhandler(404)`
			`def page_not_found(e):`
handle Exception and remove duplication in errors.py ensure that if unexpected Exceptions are thrown, we handle them correctly (log and then return JSON) also remove some branches that will never trip, and combine a couple of identical functions 2016-10-17 17:41:39 +01:00			`msg = e.description or "Not found"`
Rest methods that explicitly return errors by pass the error handlers as they do not raise exceptions. Introduced a simple exception that contains error messages and status code that can be used rather than return json + status code from rest methods directly. The handler in errors for this exception can then log the error before returning json. 2016-06-13 11:48:20 +01:00			`current_app.logger.exception(msg)`
Working permissions and all tests passing. Remove print statements. Fix for review comments. 2016-02-26 12:00:16 +00:00			`return jsonify(result='error', message=msg), 404`
Implement a JWT header into base client - adds a base client - adds a notifications client These do not proxy onto genuine methods. This pull request is the basic implication of the API Client. Still needs a few things before is ready, notably proper logging and actual API endpoints to hook into. Basic premise is to deliver the JWT tokens required for Notify API authentication so we can discuss the implementation/premise. 2015-12-11 16:57:00 +00:00
Wire up error handlers. Replace some 400s with more appropriate 500s. DAO methods that cause unexpected exceptions get caught and logged by errors.py 500 error handler. 2016-02-17 17:04:50 +00:00			`@blueprint.app_errorhandler(429)`
			`def limit_exceeded(e):`
Rest methods that explicitly return errors by pass the error handlers as they do not raise exceptions. Introduced a simple exception that contains error messages and status code that can be used rather than return json + status code from rest methods directly. The handler in errors for this exception can then log the error before returning json. 2016-06-13 11:48:20 +01:00			`current_app.logger.exception(e)`
Fix get_users_by_service to return 404 if service does not exist. Refactored service/rest.py so that all methods are returning a properly formatted error message so that the error message can deal with the response. Refactoed errors.py to properly format the error message. 2016-02-25 12:11:51 +00:00			`return jsonify(result='error', message=str(e.description)), 429`
Implement a JWT header into base client - adds a base client - adds a notifications client These do not proxy onto genuine methods. This pull request is the basic implication of the API Client. Still needs a few things before is ready, notably proper logging and actual API endpoints to hook into. Basic premise is to deliver the JWT tokens required for Notify API authentication so we can discuss the implementation/premise. 2015-12-11 16:57:00 +00:00
Refactor user/<user_id>/code into two endpoints. - Created new endpoint user/<user_id>/sms-code to send the sms verification code to the user. - Create new endpoirtn user/<user_id>/email-code to send the email verifcation code to the user. - Marked the old methods, schema, tests with a TODO to be deleted when the admin app is no longer sending messages to /user/<user_id>/code - Added error handlers for DataError and NoResultFound. Data error catches invalid input errors. - Added error handler for SqlAlchemyError which catches any other database errors. - Removed the need for the try catches around the db calls in the user endpoints with the addition of the db error handlers. - We may want to wrap db excpetions in the dao, if we want the No results found message to be more specific and say no result found for user. 2016-02-19 11:37:35 +00:00			`@blueprint.app_errorhandler(NoResultFound)`
			`@blueprint.app_errorhandler(DataError)`
handle Exception and remove duplication in errors.py ensure that if unexpected Exceptions are thrown, we handle them correctly (log and then return JSON) also remove some branches that will never trip, and combine a couple of identical functions 2016-10-17 17:41:39 +01:00			`def no_result_found(e):`
Log exception 2016-03-11 15:52:28 +00:00			`current_app.logger.exception(e)`
Fix get_users_by_service to return 404 if service does not exist. Refactored service/rest.py so that all methods are returning a properly formatted error message so that the error message can deal with the response. Refactoed errors.py to properly format the error message. 2016-02-25 12:11:51 +00:00			`return jsonify(result='error', message="No result found"), 404`
Refactor user/<user_id>/code into two endpoints. - Created new endpoint user/<user_id>/sms-code to send the sms verification code to the user. - Create new endpoirtn user/<user_id>/email-code to send the email verifcation code to the user. - Marked the old methods, schema, tests with a TODO to be deleted when the admin app is no longer sending messages to /user/<user_id>/code - Added error handlers for DataError and NoResultFound. Data error catches invalid input errors. - Added error handler for SqlAlchemyError which catches any other database errors. - Removed the need for the try catches around the db calls in the user endpoints with the addition of the db error handlers. - We may want to wrap db excpetions in the dao, if we want the No results found message to be more specific and say no result found for user. 2016-02-19 11:37:35 +00:00
			`@blueprint.app_errorhandler(SQLAlchemyError)`
			`def db_error(e):`
Log exception 2016-03-11 15:52:28 +00:00			`current_app.logger.exception(e)`
Working tests and provider stats table. Fix for tests and import error. Added tests and updated for code review comments. 2016-04-25 10:38:37 +01:00			`if e.orig.pgerror and \`
			`('duplicate key value violates unique constraint "services_name_key"' in e.orig.pgerror or`
			`'duplicate key value violates unique constraint "services_email_from_key"' in e.orig.pgerror):`
			`return jsonify(`
			`result='error',`
Fix test for duplicate service name There is a uniqueness constraint on service `name` and `email_from`. When you try to insert a row which has _both_ constraints, there is no guarantee which one the operation will fail on. This means that, when handling the exception, service `name` is not reliably available, because sometimes the operation fails on the `email_from` constraint instead. This caused the tests to fail non-deterministically because they were looking for the service `name` in the error message. As a fix, this commit does two things: 1. Return either the service `name` or `email_from` in the error message, depending which is available. 2. Modify the test to pass on _either_ of the two possible error messages. This is not ideal, but I can’t think of a way to maintain the original behaviour, and have reliably passing tests. 2016-04-26 09:32:27 +01:00			`message={'name': ["Duplicate service name '{}'".format(`
			`e.params.get('name', e.params.get('email_from', ''))`
			`)]}`
Working tests and provider stats table. Fix for tests and import error. Added tests and updated for code review comments. 2016-04-25 10:38:37 +01:00			`), 400`
			`return jsonify(result='error', message="Internal server error"), 500`
handle Exception and remove duplication in errors.py ensure that if unexpected Exceptions are thrown, we handle them correctly (log and then return JSON) also remove some branches that will never trip, and combine a couple of identical functions 2016-10-17 17:41:39 +01:00
			`# this must be defined after all other error handlers since it catches the generic Exception object`
			`@blueprint.app_errorhandler(500)`
			`@blueprint.app_errorhandler(Exception)`
			`def internal_server_error(e):`
			`current_app.logger.exception(e)`
			`return jsonify(result='error', message="Internal server error"), 500`