From 667649ebeec3c5593a8a16810f508b02f0e068d7 Mon Sep 17 00:00:00 2001 From: Keiran Price Date: Mon, 11 May 2026 11:29:01 +0100 Subject: [PATCH 1/2] Replace `HTTPException` with `JSONResponse` for consistent error handling --- plotting_service/plotting_api.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/plotting_service/plotting_api.py b/plotting_service/plotting_api.py index df4efdf..ea7f9ed 100644 --- a/plotting_service/plotting_api.py +++ b/plotting_service/plotting_api.py @@ -12,6 +12,7 @@ from starlette.middleware.cors import CORSMiddleware from starlette.middleware.gzip import GZipMiddleware from starlette.requests import Request +from starlette.responses import JSONResponse from plotting_service.auth import get_experiments_for_user, get_user_from_token from plotting_service.exceptions import AuthError @@ -143,7 +144,7 @@ async def check_live_permissions(request: Request, call_next: typing.Callable[.. if token_query is not None: token_query = token_query.split(" ")[1] if token_query is None: - raise HTTPException(HTTPStatus.UNAUTHORIZED, "Unauthenticated") + return JSONResponse(status_code=HTTPStatus.UNAUTHORIZED, content={"detail":"Unauthenticated"}) token = token_query @@ -155,7 +156,7 @@ async def check_live_permissions(request: Request, call_next: typing.Callable[.. try: user = get_user_from_token(token) except AuthError: - raise HTTPException(HTTPStatus.FORBIDDEN, detail="Forbidden") from None + return JSONResponse(status_code=HTTPStatus.FORBIDDEN, content={"detail":"Forbidden"}) if user.role == "staff": return await call_next(request) @@ -166,12 +167,12 @@ async def check_live_permissions(request: Request, call_next: typing.Callable[.. if request.url.path == "/": # Root of sub-app return await call_next(request) - raise HTTPException(HTTPStatus.BAD_REQUEST, "Missing 'file' parameter for live check") + return JSONResponse(status_code=HTTPStatus.BAD_REQUEST, content={"detail":"Missing 'file' parameter for live check"}) # Assuming structure: INSTRUMENT/RBnumber/... parts = Path(file_param).parts if not parts or parts[0] == "/" or parts[0] == ".": - raise HTTPException(HTTPStatus.BAD_REQUEST, "Invalid file path format") + return JSONResponse(status_code=HTTPStatus.BAD_REQUEST, content={"detail":"Invalid file path format"}) instrument = parts[0] @@ -196,7 +197,7 @@ async def check_live_permissions(request: Request, call_next: typing.Callable[.. return await call_next(request) logger.warning(f"User {user.user_number} denied access to live experiment {current_rb_int}") - raise HTTPException(HTTPStatus.FORBIDDEN, detail="Forbidden: You do not have access to the current live experiment") + return JSONResponse(status_code=HTTPStatus.FORBIDDEN, content={"detail":"Forbidden: You do not have access to the current live experiment"}) app.include_router(router) From 9469ab644faa4d55d5f0ee803571f2816c4dd975 Mon Sep 17 00:00:00 2001 From: github-actions Date: Mon, 11 May 2026 10:29:37 +0000 Subject: [PATCH 2/2] Formatting and linting commit --- plotting_service/plotting_api.py | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/plotting_service/plotting_api.py b/plotting_service/plotting_api.py index ea7f9ed..d8b11ef 100644 --- a/plotting_service/plotting_api.py +++ b/plotting_service/plotting_api.py @@ -144,7 +144,7 @@ async def check_live_permissions(request: Request, call_next: typing.Callable[.. if token_query is not None: token_query = token_query.split(" ")[1] if token_query is None: - return JSONResponse(status_code=HTTPStatus.UNAUTHORIZED, content={"detail":"Unauthenticated"}) + return JSONResponse(status_code=HTTPStatus.UNAUTHORIZED, content={"detail": "Unauthenticated"}) token = token_query @@ -156,7 +156,7 @@ async def check_live_permissions(request: Request, call_next: typing.Callable[.. try: user = get_user_from_token(token) except AuthError: - return JSONResponse(status_code=HTTPStatus.FORBIDDEN, content={"detail":"Forbidden"}) + return JSONResponse(status_code=HTTPStatus.FORBIDDEN, content={"detail": "Forbidden"}) if user.role == "staff": return await call_next(request) @@ -167,12 +167,14 @@ async def check_live_permissions(request: Request, call_next: typing.Callable[.. if request.url.path == "/": # Root of sub-app return await call_next(request) - return JSONResponse(status_code=HTTPStatus.BAD_REQUEST, content={"detail":"Missing 'file' parameter for live check"}) + return JSONResponse( + status_code=HTTPStatus.BAD_REQUEST, content={"detail": "Missing 'file' parameter for live check"} + ) # Assuming structure: INSTRUMENT/RBnumber/... parts = Path(file_param).parts if not parts or parts[0] == "/" or parts[0] == ".": - return JSONResponse(status_code=HTTPStatus.BAD_REQUEST, content={"detail":"Invalid file path format"}) + return JSONResponse(status_code=HTTPStatus.BAD_REQUEST, content={"detail": "Invalid file path format"}) instrument = parts[0] @@ -197,7 +199,10 @@ async def check_live_permissions(request: Request, call_next: typing.Callable[.. return await call_next(request) logger.warning(f"User {user.user_number} denied access to live experiment {current_rb_int}") - return JSONResponse(status_code=HTTPStatus.FORBIDDEN, content={"detail":"Forbidden: You do not have access to the current live experiment"}) + return JSONResponse( + status_code=HTTPStatus.FORBIDDEN, + content={"detail": "Forbidden: You do not have access to the current live experiment"}, + ) app.include_router(router)