PUT /api/collaborations_services/v1/connect_collaboration_service and no admin in CO gives internal Server Error

HendriHondorp commented 2 years ago

During test of https://sram.surf.nl/apidocs/#/default/put_api_collaborations_services_v1_connect_collaboration_service I found:

When there is no "admin" role inside a (new created) CO the request can not be confirmed/made. The error message is not very helpful:

500 Internal Server Error The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there is an error in the application.

I think file server/api/collaborations_services.py is effected. Line 81-87. Can a better error message being send to the API caller?

baszoetekouw commented 2 years ago

Bijbehorende stack trace is:

SBS: 2022-08-16 11:52:12,683 base ERROR user: ext_api, <Response 73 bytes [500 INTERNAL SERVER ERROR]>
Traceback (most recent call last):
  File "/opt/sbs/sbs/server/api/base.py", line 130, in wrapper
    body, status = f(*args, **kwargs)
  File "/opt/sbs/sbs/server/api/collaborations_services.py", line 85, in connect_collaboration_service_api
    raise BadRequest(f"Collaboration {collaboration.short_name} has no administrator")
werkzeug.exceptions.BadRequest: 400 Bad Request: Collaboration researcher has no administrator
SBS: 2022-08-16 11:52:12,686 server.__main__ ERROR Exception on /api/collaborations_services/v1/connect_collaboration_service [PUT]
Traceback (most recent call last):
  File "/opt/sbs/sbs/server/api/base.py", line 130, in wrapper
    body, status = f(*args, **kwargs)
  File "/opt/sbs/sbs/server/api/collaborations_services.py", line 85, in connect_collaboration_service_api
    raise BadRequest(f"Collaboration {collaboration.short_name} has no administrator")
werkzeug.exceptions.BadRequest: 400 Bad Request: Collaboration researcher has no administrator

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/flask/app.py", line 2077, in wsgi_app
    response = self.full_dispatch_request()
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/flask/app.py", line 1525, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/flask/app.py", line 1523, in full_dispatch_request
    rv = self.dispatch_request()
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/flask/app.py", line 1509, in dispatch_request
    return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/flasgger/utils.py", line 273, in wrapper
    return function(*args, **kwargs)
  File "/opt/sbs/sbs/server/api/base.py", line 151, in wrapper
    send_error_mail(tb=traceback.format_exc())
  File "/opt/sbs/sbs/server/api/base.py", line 116, in send_error_mail
    user = current_user() if session_exists else {}
  File "/opt/sbs/sbs/server/auth/security.py", line 54, in current_user
    return _get_impersonated_session()["user"]
  File "/opt/sbs/sbs/server/auth/security.py", line 22, in _get_impersonated_session
    if not session["user"]["admin"]:
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/flask/sessions.py", line 79, in __getitem__
    return super().__getitem__(key)
KeyError: 'user'

De 500 ontstaat blijkbaar in de afhandeling van de 400 error (die wel descriptief is)

baszoetekouw commented 2 years ago

Een vergelijkbare error ontstaat als de gebruiker invalid json als input geeft:

SBS: 2022-08-16 12:00:01,396 server.__main__ ERROR Exception on /api/collaborations_services/v1/connect_collaboration_service [PUT]
Traceback (most recent call last):
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/werkzeug/wrappers/request.py", line 578, in get_json
    rv = self.json_module.loads(data)
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/flask/json/__init__.py", line 180, in loads
    return _json.loads(s, **kwargs)
  File "/usr/lib/python3.9/json/__init__.py", line 346, in loads
    return _default_decoder.decode(s)
  File "/usr/lib/python3.9/json/decoder.py", line 337, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "/usr/lib/python3.9/json/decoder.py", line 353, in raw_decode
    obj, end = self.scan_once(s, idx)
json.decoder.JSONDecodeError: Invalid \escape: line 1 column 56 (char 55)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/flask/wrappers.py", line 128, in on_json_loading_failed
    return super().on_json_loading_failed(e)
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/werkzeug/wrappers/request.py", line 609, in on_json_loading_failed
    raise BadRequest(f"Failed to decode JSON object: {e}")
werkzeug.exceptions.BadRequest: 400 Bad Request: Failed to decode JSON object: Invalid \escape: line 1 column 56 (char 55)

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "/opt/sbs/sbs/server/api/base.py", line 130, in wrapper
    body, status = f(*args, **kwargs)
  File "/opt/sbs/sbs/server/api/collaborations_services.py", line 65, in connect_collaboration_service_api
    data = current_request.get_json()
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/werkzeug/wrappers/request.py", line 587, in get_json
    rv = self.on_json_loading_failed(e)
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/flask/wrappers.py", line 133, in on_json_loading_failed
    raise BadRequest() from e
werkzeug.exceptions.BadRequest: 400 Bad Request: The browser (or proxy) sent a request that this server could not understand.

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/flask/app.py", line 2077, in wsgi_app
    response = self.full_dispatch_request()
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/flask/app.py", line 1525, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/flask/app.py", line 1523, in full_dispatch_request
    rv = self.dispatch_request()
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/flask/app.py", line 1509, in dispatch_request
    return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/flasgger/utils.py", line 273, in wrapper
    return function(*args, **kwargs)
  File "/opt/sbs/sbs/server/api/base.py", line 151, in wrapper
    send_error_mail(tb=traceback.format_exc())
  File "/opt/sbs/sbs/server/api/base.py", line 116, in send_error_mail
    user = current_user() if session_exists else {}
  File "/opt/sbs/sbs/server/auth/security.py", line 54, in current_user
    return _get_impersonated_session()["user"]
  File "/opt/sbs/sbs/server/auth/security.py", line 22, in _get_impersonated_session
    if not session["user"]["admin"]:
  File "/opt/sbs/sbs-env/lib/python3.9/site-packages/flask/sessions.py", line 79, in __getitem__
    return super().__getitem__(key)
KeyError: 'user'

Dit zou ook een 400 moeten worden (met descriptieve foutmelding)

SURFscz / SBS

PUT /api/collaborations_services/v1/connect_collaboration_service and no admin in CO gives internal Server Error #271