Verified Commit e2ac8aae authored by Peter Stanko's avatar Peter Stanko
Browse files

Hack - CORS after exception has been thrown

parent 595166be
......@@ -76,6 +76,7 @@ class TestConfig(Config):
"""
SQLALCHEMY_TRACK_MODIFICATIONS = False
TESTING = True
DEBUG=False
SQLALCHEMY_DATABASE_URI = 'sqlite://'
# SQLALCHEMY_ECHO = True
PORTAL_ENV = 'dev'
......
......@@ -54,6 +54,7 @@ LOGGERS = {
'management': {'handlers': ['console'], 'level': 'INFO', 'propagate': True},
'app': {'handlers': ['console'], 'level': 'DEBUG', 'propagate': True},
'flask': {'handlers': ['console', 'flask_file'], 'level': 'DEBUG', 'propagate': True},
'flask_cors': {'handlers': ['console'], 'level': 'DEBUG', 'propagate': True},
'werkzeug': {'handlers': ['console'], 'level': 'DEBUG', 'propagate': True},
'storage': {'handlers': ['console', 'storage_file'], 'level': 'INFO', 'propagate': True},
}
......
......@@ -2,7 +2,6 @@ import flask
import storage
from flask import Flask
from flask_jwt_extended.exceptions import NoAuthorizationError
from flask_restplus import abort
from marshmallow.exceptions import ValidationError
from sqlalchemy.exc import SQLAlchemyError
......@@ -19,60 +18,66 @@ def load_errors(app: Flask):
app.register_error_handler(ex, func)
def send_response(body):
response: flask.Response = flask.jsonify(body)
response.headers['Access-Control-Allow-Origin'] = '*'
return response
@rest_api.errorhandler
def default_error_handler():
return flask.jsonify({'message': 'Default error handler has been triggered'}), 401
return send_response({'message': 'Default error handler has been triggered'}), 401
@rest_api.errorhandler(UnauthorizedError)
def handle_unauthorized_error(ex: UnauthorizedError):
log.warning(f"[AUTH] {ex.message} ")
return flask.jsonify({'message': ex.message, 'error': f'{ex}'}), 401
return send_response({'message': ex.message, 'error': f'{ex}'}), 401
@rest_api.errorhandler(NoAuthorizationError)
def handle_missing_auth_header(ex: NoAuthorizationError):
log.warning(f"[AUTH] Auth headers are missing: {ex} ")
return flask.jsonify({'message': 'Auth headers is missing', 'error': f'{ex}'}), 401
return send_response({'message': 'Auth headers is missing', 'error': f'{ex}'}), 401
@rest_api.errorhandler(IncorrectCredentialsError)
def handle_missing_auth_header(ex: IncorrectCredentialsError):
log.warning(f"[AUTH] Credentials are incorrect: {ex} ")
return flask.jsonify({'message': 'Credentials are incorrect', 'error': f'{ex}'}), 401
return send_response({'message': 'Credentials are incorrect', 'error': f'{ex}'}), 401
@rest_api.errorhandler(ValidationError)
def handle_validation_error(ex: ValidationError):
log.warning(f"[VALID] Validation failed: {ex}")
return flask.jsonify({'message': f"Validation failed on: {ex.messages}"}), 400
return send_response({'message': f"Validation failed on: {ex.messages}"}), 400
@rest_api.errorhandler(SQLAlchemyError)
def handle_db_error(ex: SQLAlchemyError):
log.error(f"[DB] Error: {ex}", ex)
return flask.jsonify({'message': f'Database error: {ex}'}), 400
return send_response({'message': f'Database error: {ex}'}), 400
@rest_api.errorhandler(NotImplementedError)
def handle_not_implemented_error():
log.warning(f"[WARN] Not implemented yet: {ex}")
return flask.jsonify({'message': f'Not implemented yet!'}), 404
return send_response({'message': f'Not implemented yet!'}), 404
@rest_api.errorhandler(storage.errors.NotFoundError)
def handle_storage_not_found_error(ex: storage.errors.NotFoundError):
log.warning(f"[STORAGE] Storage not found warning: {ex}")
return flask.jsonify({'message': str(ex)}), 404
return send_response({'message': str(ex)}), 404
@rest_api.errorhandler(storage.errors.KontrStorageError)
def handle_storage_error(ex: storage.errors.KontrStorageError):
log.warning(f"[STORAGE] Storage error: {ex}")
return flask.jsonify({'message': str(ex)}), 400
return send_response({'message': str(ex)}), 400
@rest_api.errorhandler(PortalAPIError)
def handle_portal_api_error(ex: PortalAPIError):
log.error(f"[API] Api error: {ex} ")
abort(code=ex.code, message=ex.message)
return send_response({'message': ex.message}), ex.code
......@@ -248,6 +248,8 @@ def test_create_submission_second_should_fail(client, ent_mocker, rest_service,
credentials=user_credentials)
assert_response(response, code=429)
assert response.json['message']
assert 'Access-Control-Allow-Origin' in response.headers
@pytest.fixture()
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment