[FIX] manage error responses from login

2025-01-29 00:17:45 +02:00 · 2022-05-19 15:07:26 +01:00
parent 3bb163a995
commit 183f1b6d88
3 changed files with 96 additions and 3 deletions
--- a/pms_api_rest/http.py
+++ b/pms_api_rest/http.py
@@ -0,0 +1,87 @@
+from werkzeug.exceptions import InternalServerError, Unauthorized, NotFound, Forbidden, BadRequest, HTTPException
+
+import odoo
+from odoo.addons.base_rest.http import HttpRestRequest, wrapJsonException
+from odoo.addons.base_rest.http import _rest_services_routes
+from odoo.exceptions import MissingError, AccessError, AccessDenied, UserError, ValidationError
+from odoo.http import Root, SessionExpiredException, HttpRequest
+from odoo.loglevels import ustr
+
+
+class HttpRestRequestPms(HttpRestRequest):
+    def __init__(self, httprequest):
+        super(HttpRestRequestPms, self).__init__(httprequest)
+
+    def _handle_exception(self, exception):
+        """Called within an except block to allow converting exceptions
+                to abitrary responses. Anything returned (except None) will
+                be used as response."""
+        if isinstance(exception, SessionExpiredException):
+            # we don't want to return the login form as plain html page
+            # we want to raise a proper exception
+            print('session expired exception')
+            return wrapJsonException(Unauthorized(ustr(exception)))
+        try:
+            return super(HttpRequest, self)._handle_exception(exception)
+        except MissingError as e:
+            extra_info = getattr(e, "rest_json_info", None)
+            return wrapJsonException(
+                NotFound(ustr(e)),
+                include_description=True,
+                extra_info=extra_info
+            )
+        except (AccessError, AccessDenied) as e:
+            print('access error / access denied exception')
+            extra_info = getattr(e, "rest_json_info", None)
+            return wrapJsonException(
+                Forbidden(ustr(e)),
+                include_description=True,
+                extra_info=extra_info
+            )
+        except (UserError, ValidationError) as e:
+            extra_info = getattr(e, "rest_json_info", None)
+            return wrapJsonException(
+                BadRequest(e.args[0]),
+                include_description=True,
+                extra_info=extra_info
+            )
+        except HTTPException as e:
+            extra_info = getattr(e, "rest_json_info", None)
+            return wrapJsonException(
+                e,
+                include_description=True,
+                extra_info=extra_info
+            )
+        except Unauthorized as e:
+            print('Unauthorized exception')
+            extra_info = getattr(e, "rest_json_info", None)
+            return wrapJsonException(
+                e,
+                include_description=True,
+                extra_info=extra_info),
+
+        except Exception as e:  # flake8: noqa: E722
+            extra_info = getattr(e, "rest_json_info", None)
+            return wrapJsonException(
+                InternalServerError(e),
+                extra_info=extra_info
+            )
+
+ori_get_request = Root.get_request
+
+def get_request(self, httprequest):
+    db = httprequest.session.db
+    if db and odoo.service.db.exp_db_exist(db):
+        # on the very first request processed by a worker,
+        # registry is not loaded yet
+        # so we enforce its loading here to make sure that
+        # _rest_services_databases is not empty
+        odoo.registry(db)
+        rest_routes = _rest_services_routes.get(db, [])
+        for root_path in rest_routes:
+            if httprequest.path.startswith(root_path):
+                return HttpRestRequestPms(httprequest)
+    return ori_get_request(self, httprequest)
+
+
+Root.get_request = get_request