Skip to content

Commit

Permalink
Merge pull request #120 from bcgov/dev
Browse files Browse the repository at this point in the history
Change error messages from namespace to gateway (#119)
  • Loading branch information
rustyjux authored Aug 15, 2024
2 parents e40571d + eaa8ea6 commit 20eca47
Show file tree
Hide file tree
Showing 7 changed files with 21 additions and 21 deletions.
2 changes: 1 addition & 1 deletion microservices/gatewayApi/auth/authz.py
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ def enforce_authorization(namespace):
# It can be in two formats: '/ns/<namespace>' or '<namespace>'
ns = g.principal[the_ns_claim]
if ns != namespace and ns != ('/%s/%s' % (users_group_root(), namespace)):
abort(make_response(jsonify(error="Not authorized to use %s namespace." % namespace), 403))
abort(make_response(jsonify(error="Not authorized to use %s gateway." % namespace), 403))

def enforce_role_authorization(role):
return
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ def test_conflicting_qualifier(client):
}
response = client.put('/v2/namespaces/mytest/gateway', json=data)
assert response.status_code == 400
assert json.dumps(response.json) == '{"error": "Validation Errors:\\nToo many different qualified namespaces ([\'ns.mytest.dev\', \'ns.mytest.prod\']). Rejecting request."}'
assert json.dumps(response.json) == '{"error": "Validation Errors:\\nToo many different qualified gateways ([\'ns.mytest.dev\', \'ns.mytest.prod\']). Rejecting request."}'


def test_invalid_host(client):
Expand All @@ -73,7 +73,7 @@ def test_invalid_host(client):
}
response = client.put('/v2/namespaces/mytest/gateway', json=data)
assert response.status_code == 400
assert json.dumps(response.json) == '{"error": "Validation Errors:\\nHost invalid: route-1 myapi.invalid.site. Route hosts must end with one of [.api.gov.bc.ca,.cluster.local] for this namespace."}'
assert json.dumps(response.json) == '{"error": "Validation Errors:\\nHost invalid: route-1 myapi.invalid.site. Route hosts must end with one of [.api.gov.bc.ca,.cluster.local] for this gateway."}'


def test_conflicting_host(client):
Expand All @@ -97,7 +97,7 @@ def test_conflicting_host(client):
}
response = client.put('/v2/namespaces/mytest/gateway', json=data)
assert response.status_code == 400
assert json.dumps(response.json) == '{"error": "Validation Errors:\\nservice.my-service.route.route-1 The host is already used in another namespace \'ns1-service.api.gov.bc.ca\'"}'
assert json.dumps(response.json) == '{"error": "Validation Errors:\\nservice.my-service.route.route-1 The host is already used in another gateway \'ns1-service.api.gov.bc.ca\'"}'

def test_invalid_upstream(client):
configFile = '''
Expand Down
8 changes: 4 additions & 4 deletions microservices/gatewayApi/v1/routes/gateway.py
Original file line number Diff line number Diff line change
Expand Up @@ -418,11 +418,11 @@ def validate_tags(yaml, required_tag):

if traverse_has_ns_qualifier(yaml, required_tag) and traverse_has_ns_tag_only(yaml, required_tag):
errors.append(
"Tags for the namespace can not have a mix of 'ns.<namespace>' and 'ns.<namespace>.<qualifier>'. Rejecting request.")
"Tags for the gateway can not have a mix of 'ns.<gateway>' and 'ns.<gateway>.<qualifier>'. Rejecting request.")

traverse("", errors, yaml, required_tag, qualifiers)
if len(qualifiers) > 1:
errors.append("Too many different qualified namespaces (%s). Rejecting request." % qualifiers)
errors.append("Too many different qualified gateways (%s). Rejecting request." % qualifiers)

if len(errors) != 0:
raise Exception('\n'.join(errors))
Expand Down Expand Up @@ -553,12 +553,12 @@ def validate_hosts(yaml, reserved_hosts, ns_attributes):
if 'hosts' in route:
for host in route['hosts']:
if host in reserved_hosts:
errors.append("service.%s.route.%s The host is already used in another namespace '%s'" % (
errors.append("service.%s.route.%s The host is already used in another gateway '%s'" % (
service['name'], route['name'], host))
if host_valid(host) is False:
errors.append("Host not passing DNS-952 validation '%s'" % host)
if host_ends_with_one_of_list(host, allowed_domains) is False:
errors.append("Host invalid: %s. Route hosts must end with one of [%s] for this namespace." % (
errors.append("Host invalid: %s. Route hosts must end with one of [%s] for this gateway." % (
route['name'], ','.join(allowed_domains)))
else:
errors.append("service.%s.route.%s A host must be specified for routes." %
Expand Down
12 changes: 6 additions & 6 deletions microservices/gatewayApi/v1/routes/namespaces.py
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ def create_namespace() -> object:

if not namespace_valid(namespace):
log.error("Namespace validation failed %s", namespace)
abort(make_response(jsonify(error="Namespace name validation failed. Reference regular expression '%s'." % namespace_validation_rule), 400))
abort(make_response(jsonify(error="Gateway name validation failed. Reference regular expression '%s'." % namespace_validation_rule), 400))

try:
svc = NamespaceService()
Expand All @@ -50,11 +50,11 @@ def create_namespace() -> object:
if err.response_code == 409:
log.error("Namespace %s already created." % namespace)
log.error(err)
abort(make_response(jsonify(error="Namespace is already created."), 400))
abort(make_response(jsonify(error="Gateway is already created."), 400))
else:
log.error("Failed to create namespace %s" % namespace)
log.error(err)
abort(make_response(jsonify(error="Failed to add namespace"), 400))
abort(make_response(jsonify(error="Failed to add gateway"), 400))

return ('', 201)

Expand All @@ -69,7 +69,7 @@ def update_namespace(namespace: str) -> object:

if not namespace_valid(namespace):
log.error("Namespace validation failed %s", namespace)
abort(make_response(jsonify(error="Namespace name validation failed. Reference regular expression '%s'." % namespace_validation_rule), 400))
abort(make_response(jsonify(error="Gateway name validation failed. Reference regular expression '%s'." % namespace_validation_rule), 400))

log.info("Updating namespace %s" % namespace)

Expand All @@ -84,7 +84,7 @@ def update_namespace(namespace: str) -> object:
except KeycloakGetError as err:
log.error("Failed to update namespace %s", namespace)
log.error(err)
abort(make_response(jsonify(error="Failed to update namespace"), 400))
abort(make_response(jsonify(error="Failed to update gateway"), 400))

return make_response(jsonify())

Expand All @@ -105,7 +105,7 @@ def delete_namespace(namespace: str) -> object:

except KeycloakGetError as err:
log.error(err)
abort(make_response(jsonify(error="Failed to delete namespace"), 400))
abort(make_response(jsonify(error="Failed to delete gateway"), 400))

return ('', 204)

Expand Down
4 changes: 2 additions & 2 deletions microservices/gatewayApi/v1/routes/serviceaccounts.py
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ def create_service_account(namespace: str) -> object:
return ({'client_id': cid, 'client_secret': r['value']}, 201)
except KeycloakGetError as err:
if err.response_code == 409:
abort(make_response(jsonify(error="Service Account for this namespace is already created."), 400))
abort(make_response(jsonify(error="Service Account for this gateway is already created."), 400))
else:
log.error(err)
abort(make_response(jsonify(error="Failed to add service account"), 400))
Expand All @@ -97,7 +97,7 @@ def update_service_account_credentials(namespace: str, client_id: str) -> object
return ({'client_id': client_id, 'client_secret': r['value']}, 201)
except KeycloakGetError as err:
if err.response_code == 409:
abort(make_response(jsonify(error="Service Account for this namespace is already created."), 400))
abort(make_response(jsonify(error="Service Account for this gateway is already created."), 400))
else:
log.error(err)
abort(make_response(jsonify(error="Failed to add service account"), 400))
Expand Down
2 changes: 1 addition & 1 deletion microservices/gatewayApi/v2/routes/consumers.py
Original file line number Diff line number Diff line change
Expand Up @@ -143,7 +143,7 @@ def validate_tags(data, required_tag):

if traverse_has_ns_qualifier(data, required_tag):
errors.append(
"Tags for the namespace can not have a mix of 'ns.<namespace>' and 'ns.<namespace>.<qualifier>'. Rejecting request.")
"Tags for the gateway can not have a mix of 'ns.<gateway>' and 'ns.<gateway>.<qualifier>'. Rejecting request.")
else:
errors.append("no tags found")

Expand Down
8 changes: 4 additions & 4 deletions microservices/gatewayApi/v2/routes/gateway.py
Original file line number Diff line number Diff line change
Expand Up @@ -417,11 +417,11 @@ def validate_tags(yaml, required_tag):

if traverse_has_ns_qualifier(yaml, required_tag) and traverse_has_ns_tag_only(yaml, required_tag):
errors.append(
"Tags for the namespace can not have a mix of 'ns.<namespace>' and 'ns.<namespace>.<qualifier>'. Rejecting request.")
"Tags for the gateway can not have a mix of 'ns.<gateway>' and 'ns.<gateway>.<qualifier>'. Rejecting request.")

traverse("", errors, yaml, required_tag, qualifiers)
if len(qualifiers) > 1:
errors.append("Too many different qualified namespaces (%s). Rejecting request." % qualifiers)
errors.append("Too many different qualified gateways (%s). Rejecting request." % qualifiers)

if len(errors) != 0:
raise Exception('\n'.join(errors))
Expand Down Expand Up @@ -574,14 +574,14 @@ def validate_hosts(yaml, reserved_hosts, ns_attributes):
if 'hosts' in route:
for host in route['hosts']:
if host in reserved_hosts:
errors.append("service.%s.route.%s The host is already used in another namespace '%s'" % (
errors.append("service.%s.route.%s The host is already used in another gateway '%s'" % (
service['name'], route['name'], host))
if host_valid(host) is False:
errors.append("Host not passing DNS-952 validation '%s'" % host)
if validate_local_host(host) is False:
errors.append("Host failed validation for data plane '%s'" % host)
if host_ends_with_one_of_list(host, allowed_domains) is False:
errors.append("Host invalid: %s %s. Route hosts must end with one of [%s] for this namespace." % (
errors.append("Host invalid: %s %s. Route hosts must end with one of [%s] for this gateway." % (
route['name'], host, ','.join(allowed_domains)))
else:
errors.append("service.%s.route.%s A host must be specified for routes." %
Expand Down

0 comments on commit 20eca47

Please sign in to comment.