refactor(server): allow TinkerPop exceptions in Gremlin resp

[utafrali]

Purpose of the PR

• Fixes [Bug] Request Gremlin exception: MissingPropertyException #2986

Main Changes

The Gremlin query API was filtering out TinkerPop exceptions like MissingPropertyException instead of passing them back to clients. Added org.apache.tinkerpop. to the exception allowlist so these errors bubble up properly. Also added a test to verify the behavior.

Verifying these changes

• Trivial rework / code cleanup without any test coverage.
• Already covered by existing tests.
• Need tests and can be verified as follows:

Added unit test in GremlinQueryAPITest.java covering exception handling for TinkerPop packages.

Does this PR potentially affect the following parts?

• Dependencies
• Modify configurations
• The public API
• Other affects
• Nope

Documentation Status

• Doc - TODO
• Doc - Done
• Doc - No Need

[imbajin]

‼️ This package-wide allowlist is too broad. matchBadRequestException() would now classify classes such as org.apache.tinkerpop.gremlin.server.auth.AuthenticationException and org.apache.tinkerpop.gremlin.server.authz.AuthorizationException as 400, even though they carry 401/403 semantics.

That changes the API contract for auth failures and hides security/server-side errors behind a generic bad request. Please whitelist only the concrete exception class(es) reproduced by #2986 instead of the whole org.apache.tinkerpop. namespace.

[imbajin]

⚠️ EmptyProperty is not an exception type, so this test does not pin the reported bug. In TinkerPop 3.5.1, EmptyProperty.value() throws Property.Exceptions.propertyDoesNotExist() (IllegalStateException), which means this assertion can pass even if the real Exception-Class from Gremlin is still misclassified.

Please assert against the actual class observed in #2986, and add a negative case for auth/authorization exceptions so the allowlist boundary is covered.

[utafrali]

Done, pushed the fix.