Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change error messages from namespace to gateway (#119) #120

Merged
merged 1 commit into from
Aug 15, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion microservices/gatewayApi/auth/authz.py
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ def enforce_authorization(namespace):
# It can be in two formats: '/ns/<namespace>' or '<namespace>'
ns = g.principal[the_ns_claim]
if ns != namespace and ns != ('/%s/%s' % (users_group_root(), namespace)):
abort(make_response(jsonify(error="Not authorized to use %s namespace." % namespace), 403))
abort(make_response(jsonify(error="Not authorized to use %s gateway." % namespace), 403))

def enforce_role_authorization(role):
return
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ def test_conflicting_qualifier(client):
}
response = client.put('/v2/namespaces/mytest/gateway', json=data)
assert response.status_code == 400
assert json.dumps(response.json) == '{"error": "Validation Errors:\\nToo many different qualified namespaces ([\'ns.mytest.dev\', \'ns.mytest.prod\']). Rejecting request."}'
assert json.dumps(response.json) == '{"error": "Validation Errors:\\nToo many different qualified gateways ([\'ns.mytest.dev\', \'ns.mytest.prod\']). Rejecting request."}'


def test_invalid_host(client):
Expand All @@ -73,7 +73,7 @@ def test_invalid_host(client):
}
response = client.put('/v2/namespaces/mytest/gateway', json=data)
assert response.status_code == 400
assert json.dumps(response.json) == '{"error": "Validation Errors:\\nHost invalid: route-1 myapi.invalid.site. Route hosts must end with one of [.api.gov.bc.ca,.cluster.local] for this namespace."}'
assert json.dumps(response.json) == '{"error": "Validation Errors:\\nHost invalid: route-1 myapi.invalid.site. Route hosts must end with one of [.api.gov.bc.ca,.cluster.local] for this gateway."}'


def test_conflicting_host(client):
Expand All @@ -97,7 +97,7 @@ def test_conflicting_host(client):
}
response = client.put('/v2/namespaces/mytest/gateway', json=data)
assert response.status_code == 400
assert json.dumps(response.json) == '{"error": "Validation Errors:\\nservice.my-service.route.route-1 The host is already used in another namespace \'ns1-service.api.gov.bc.ca\'"}'
assert json.dumps(response.json) == '{"error": "Validation Errors:\\nservice.my-service.route.route-1 The host is already used in another gateway \'ns1-service.api.gov.bc.ca\'"}'

def test_invalid_upstream(client):
configFile = '''
Expand Down
8 changes: 4 additions & 4 deletions microservices/gatewayApi/v1/routes/gateway.py
Original file line number Diff line number Diff line change
Expand Up @@ -418,11 +418,11 @@ def validate_tags(yaml, required_tag):

if traverse_has_ns_qualifier(yaml, required_tag) and traverse_has_ns_tag_only(yaml, required_tag):
errors.append(
"Tags for the namespace can not have a mix of 'ns.<namespace>' and 'ns.<namespace>.<qualifier>'. Rejecting request.")
"Tags for the gateway can not have a mix of 'ns.<gateway>' and 'ns.<gateway>.<qualifier>'. Rejecting request.")

traverse("", errors, yaml, required_tag, qualifiers)
if len(qualifiers) > 1:
errors.append("Too many different qualified namespaces (%s). Rejecting request." % qualifiers)
errors.append("Too many different qualified gateways (%s). Rejecting request." % qualifiers)

if len(errors) != 0:
raise Exception('\n'.join(errors))
Expand Down Expand Up @@ -553,12 +553,12 @@ def validate_hosts(yaml, reserved_hosts, ns_attributes):
if 'hosts' in route:
for host in route['hosts']:
if host in reserved_hosts:
errors.append("service.%s.route.%s The host is already used in another namespace '%s'" % (
errors.append("service.%s.route.%s The host is already used in another gateway '%s'" % (
service['name'], route['name'], host))
if host_valid(host) is False:
errors.append("Host not passing DNS-952 validation '%s'" % host)
if host_ends_with_one_of_list(host, allowed_domains) is False:
errors.append("Host invalid: %s. Route hosts must end with one of [%s] for this namespace." % (
errors.append("Host invalid: %s. Route hosts must end with one of [%s] for this gateway." % (
route['name'], ','.join(allowed_domains)))
else:
errors.append("service.%s.route.%s A host must be specified for routes." %
Expand Down
12 changes: 6 additions & 6 deletions microservices/gatewayApi/v1/routes/namespaces.py
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ def create_namespace() -> object:

if not namespace_valid(namespace):
log.error("Namespace validation failed %s", namespace)
abort(make_response(jsonify(error="Namespace name validation failed. Reference regular expression '%s'." % namespace_validation_rule), 400))
abort(make_response(jsonify(error="Gateway name validation failed. Reference regular expression '%s'." % namespace_validation_rule), 400))

try:
svc = NamespaceService()
Expand All @@ -50,11 +50,11 @@ def create_namespace() -> object:
if err.response_code == 409:
log.error("Namespace %s already created." % namespace)
log.error(err)
abort(make_response(jsonify(error="Namespace is already created."), 400))
abort(make_response(jsonify(error="Gateway is already created."), 400))
else:
log.error("Failed to create namespace %s" % namespace)
log.error(err)
abort(make_response(jsonify(error="Failed to add namespace"), 400))
abort(make_response(jsonify(error="Failed to add gateway"), 400))

return ('', 201)

Expand All @@ -69,7 +69,7 @@ def update_namespace(namespace: str) -> object:

if not namespace_valid(namespace):
log.error("Namespace validation failed %s", namespace)
abort(make_response(jsonify(error="Namespace name validation failed. Reference regular expression '%s'." % namespace_validation_rule), 400))
abort(make_response(jsonify(error="Gateway name validation failed. Reference regular expression '%s'." % namespace_validation_rule), 400))

log.info("Updating namespace %s" % namespace)

Expand All @@ -84,7 +84,7 @@ def update_namespace(namespace: str) -> object:
except KeycloakGetError as err:
log.error("Failed to update namespace %s", namespace)
log.error(err)
abort(make_response(jsonify(error="Failed to update namespace"), 400))
abort(make_response(jsonify(error="Failed to update gateway"), 400))

return make_response(jsonify())

Expand All @@ -105,7 +105,7 @@ def delete_namespace(namespace: str) -> object:

except KeycloakGetError as err:
log.error(err)
abort(make_response(jsonify(error="Failed to delete namespace"), 400))
abort(make_response(jsonify(error="Failed to delete gateway"), 400))

return ('', 204)

Expand Down
4 changes: 2 additions & 2 deletions microservices/gatewayApi/v1/routes/serviceaccounts.py
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ def create_service_account(namespace: str) -> object:
return ({'client_id': cid, 'client_secret': r['value']}, 201)
except KeycloakGetError as err:
if err.response_code == 409:
abort(make_response(jsonify(error="Service Account for this namespace is already created."), 400))
abort(make_response(jsonify(error="Service Account for this gateway is already created."), 400))
else:
log.error(err)
abort(make_response(jsonify(error="Failed to add service account"), 400))
Expand All @@ -97,7 +97,7 @@ def update_service_account_credentials(namespace: str, client_id: str) -> object
return ({'client_id': client_id, 'client_secret': r['value']}, 201)
except KeycloakGetError as err:
if err.response_code == 409:
abort(make_response(jsonify(error="Service Account for this namespace is already created."), 400))
abort(make_response(jsonify(error="Service Account for this gateway is already created."), 400))
else:
log.error(err)
abort(make_response(jsonify(error="Failed to add service account"), 400))
Expand Down
2 changes: 1 addition & 1 deletion microservices/gatewayApi/v2/routes/consumers.py
Original file line number Diff line number Diff line change
Expand Up @@ -143,7 +143,7 @@ def validate_tags(data, required_tag):

if traverse_has_ns_qualifier(data, required_tag):
errors.append(
"Tags for the namespace can not have a mix of 'ns.<namespace>' and 'ns.<namespace>.<qualifier>'. Rejecting request.")
"Tags for the gateway can not have a mix of 'ns.<gateway>' and 'ns.<gateway>.<qualifier>'. Rejecting request.")
else:
errors.append("no tags found")

Expand Down
8 changes: 4 additions & 4 deletions microservices/gatewayApi/v2/routes/gateway.py
Original file line number Diff line number Diff line change
Expand Up @@ -417,11 +417,11 @@ def validate_tags(yaml, required_tag):

if traverse_has_ns_qualifier(yaml, required_tag) and traverse_has_ns_tag_only(yaml, required_tag):
errors.append(
"Tags for the namespace can not have a mix of 'ns.<namespace>' and 'ns.<namespace>.<qualifier>'. Rejecting request.")
"Tags for the gateway can not have a mix of 'ns.<gateway>' and 'ns.<gateway>.<qualifier>'. Rejecting request.")

traverse("", errors, yaml, required_tag, qualifiers)
if len(qualifiers) > 1:
errors.append("Too many different qualified namespaces (%s). Rejecting request." % qualifiers)
errors.append("Too many different qualified gateways (%s). Rejecting request." % qualifiers)

if len(errors) != 0:
raise Exception('\n'.join(errors))
Expand Down Expand Up @@ -574,14 +574,14 @@ def validate_hosts(yaml, reserved_hosts, ns_attributes):
if 'hosts' in route:
for host in route['hosts']:
if host in reserved_hosts:
errors.append("service.%s.route.%s The host is already used in another namespace '%s'" % (
errors.append("service.%s.route.%s The host is already used in another gateway '%s'" % (
service['name'], route['name'], host))
if host_valid(host) is False:
errors.append("Host not passing DNS-952 validation '%s'" % host)
if validate_local_host(host) is False:
errors.append("Host failed validation for data plane '%s'" % host)
if host_ends_with_one_of_list(host, allowed_domains) is False:
errors.append("Host invalid: %s %s. Route hosts must end with one of [%s] for this namespace." % (
errors.append("Host invalid: %s %s. Route hosts must end with one of [%s] for this gateway." % (
route['name'], host, ','.join(allowed_domains)))
else:
errors.append("service.%s.route.%s A host must be specified for routes." %
Expand Down
Loading