Hack - CORS after exception has been thrown

portal/config.py

@@ -76,6 +76,7 @@ class TestConfig(Config):
     """
     SQLALCHEMY_TRACK_MODIFICATIONS = False
     TESTING = True
+    DEBUG=False
     SQLALCHEMY_DATABASE_URI = 'sqlite://'
     # SQLALCHEMY_ECHO = True
     PORTAL_ENV = 'dev'

portal/logger.py

@@ -54,6 +54,7 @@ LOGGERS = {
     'management': {'handlers': ['console'], 'level': 'INFO', 'propagate': True},
     'app': {'handlers': ['console'], 'level': 'DEBUG', 'propagate': True},
     'flask': {'handlers': ['console', 'flask_file'], 'level': 'DEBUG', 'propagate': True},
+    'flask_cors': {'handlers': ['console'], 'level': 'DEBUG', 'propagate': True},
     'werkzeug': {'handlers': ['console'], 'level': 'DEBUG', 'propagate': True},
     'storage': {'handlers': ['console', 'storage_file'], 'level': 'INFO', 'propagate': True},
 }

portal/rest/error_handlers.py

@@ -2,7 +2,6 @@ import flask
 import storage
 from flask import Flask
 from flask_jwt_extended.exceptions import NoAuthorizationError
-from flask_restplus import abort
 from marshmallow.exceptions import ValidationError
 from sqlalchemy.exc import SQLAlchemyError
 
@@ -19,60 +18,66 @@ def load_errors(app: Flask):
         app.register_error_handler(ex, func)
 
 
+def send_response(body):
+    response: flask.Response = flask.jsonify(body)
+    response.headers['Access-Control-Allow-Origin'] = '*'
+    return response
+
+
 @rest_api.errorhandler
 def default_error_handler():
-    return flask.jsonify({'message': 'Default error handler has been triggered'}), 401
+    return send_response({'message': 'Default error handler has been triggered'}), 401
 
 
 @rest_api.errorhandler(UnauthorizedError)
 def handle_unauthorized_error(ex: UnauthorizedError):
     log.warning(f"[AUTH] {ex.message} ")
-    return flask.jsonify({'message': ex.message, 'error': f'{ex}'}), 401
+    return send_response({'message': ex.message, 'error': f'{ex}'}), 401
 
 
 @rest_api.errorhandler(NoAuthorizationError)
 def handle_missing_auth_header(ex: NoAuthorizationError):
     log.warning(f"[AUTH] Auth headers are missing: {ex} ")
-    return flask.jsonify({'message': 'Auth headers is missing', 'error': f'{ex}'}), 401
+    return send_response({'message': 'Auth headers is missing', 'error': f'{ex}'}), 401
 
 
 @rest_api.errorhandler(IncorrectCredentialsError)
 def handle_missing_auth_header(ex: IncorrectCredentialsError):
     log.warning(f"[AUTH] Credentials are incorrect: {ex} ")
-    return flask.jsonify({'message': 'Credentials are incorrect', 'error': f'{ex}'}), 401
+    return send_response({'message': 'Credentials are incorrect', 'error': f'{ex}'}), 401
 
 
 @rest_api.errorhandler(ValidationError)
 def handle_validation_error(ex: ValidationError):
     log.warning(f"[VALID] Validation failed: {ex}")
-    return flask.jsonify({'message': f"Validation failed on: {ex.messages}"}), 400
+    return send_response({'message': f"Validation failed on: {ex.messages}"}), 400
 
 
 @rest_api.errorhandler(SQLAlchemyError)
 def handle_db_error(ex: SQLAlchemyError):
     log.error(f"[DB] Error: {ex}", ex)
-    return flask.jsonify({'message': f'Database error: {ex}'}), 400
+    return send_response({'message': f'Database error: {ex}'}), 400
 
 
 @rest_api.errorhandler(NotImplementedError)
 def handle_not_implemented_error():
     log.warning(f"[WARN] Not implemented yet: {ex}")
-    return flask.jsonify({'message': f'Not implemented yet!'}), 404
+    return send_response({'message': f'Not implemented yet!'}), 404
 
 
 @rest_api.errorhandler(storage.errors.NotFoundError)
 def handle_storage_not_found_error(ex: storage.errors.NotFoundError):
     log.warning(f"[STORAGE] Storage not found warning: {ex}")
-    return flask.jsonify({'message': str(ex)}), 404
+    return send_response({'message': str(ex)}), 404
 
 
 @rest_api.errorhandler(storage.errors.KontrStorageError)
 def handle_storage_error(ex: storage.errors.KontrStorageError):
     log.warning(f"[STORAGE] Storage error: {ex}")
-    return flask.jsonify({'message': str(ex)}), 400
+    return send_response({'message': str(ex)}), 400
 
 
 @rest_api.errorhandler(PortalAPIError)
 def handle_portal_api_error(ex: PortalAPIError):
     log.error(f"[API] Api error: {ex} ")
-    abort(code=ex.code, message=ex.message)
+    return send_response({'message': ex.message}), ex.code

tests/rest/test_project.py

@@ -248,6 +248,8 @@ def test_create_submission_second_should_fail(client, ent_mocker, rest_service,
                                        credentials=user_credentials)
 
     assert_response(response, code=429)
+    assert response.json['message']
+    assert 'Access-Control-Allow-Origin' in response.headers
 
 
 @pytest.fixture()