Incorrect error response for /users/register when tenantId doesn't exist - Githubissues

apache / trafficcontrol

Apache Traffic Control is an Open Source implementation of a Content Delivery Network

https://trafficcontrol.apache.org/

Apache License 2.0

1.08k stars 344 forks source link

Incorrect error response for /users/register when tenantId doesn't exist #4211

Open ericholguin opened 4 years ago

ericholguin commented 4 years ago

I'm submitting a ...

[ ] bug report
[ ] new feature / enhancement request
[x] improvement request (usability, performance, tech debt, etc.)
[ ] other

Traffic Control components affected ...

[ ] CDN in a Box
[ ] Documentation
[ ] Grove
[ ] Traffic Control Client
[ ] Traffic Monitor
[X] Traffic Ops
[ ] Traffic Ops ORT
[ ] Traffic Portal
[ ] Traffic Router
[ ] Traffic Stats
[ ] Traffic Vault
[ ] unknown

Current behavior:

When making a POST request to users/register with a tenantId value, that doesn't exist, in the body. The response returned is:

HTTP/1.1 400 Bad Request
{
    "alerts": [
        {
            "text": "not authorized on this tenant",
            "level": "error"
        }
    ]
}

Expected / new behavior:

Should Return:

HTTP/1.1 404 Not Found
{
    "alerts": [
        {
            "text": "No such tenant: 87129",
            "level": "error"
        }
    ]
}

Minimal reproduction of the problem with instructions:

Anything else:

ocket8888 commented 4 years ago

I wrestled a lot with how to label this. Since there's no authoritative source on what behavior should be exhibited in a specific error scenario, and the message portrayed isn't strictly wrong - since it's true that nobody really has permissions to modify a tenant that doesn't exist - I settled on "improvement".