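--- a/plotting_service/plotting_api.py
+++ b/plotting_service/plotting_api.py
@@ -12,6 +12,7 @@
 from starlette.middleware.cors import CORSMiddleware
 from starlette.middleware.gzip import GZipMiddleware
 from starlette.requests import Request
+from starlette.responses import JSONResponse
 
 from plotting_service.auth import get_experiments_for_user, get_user_from_token
 from plotting_service.exceptions import AuthError
@@ -143,7 +144,7 @@ async def check_live_permissions(request: Request, call_next: typing.Callable[..
     if token_query is not None:
         token_query = token_query.split(" ")[1]
     if token_query is None:
-        raise HTTPException(HTTPStatus.UNAUTHORIZED, "Unauthenticated")
+        return JSONResponse(status_code=HTTPStatus.UNAUTHORIZED, content={"detail": "Unauthenticated"})
 
     token = token_query
 
@@ -155,7 +156,7 @@ async def check_live_permissions(request: Request, call_next: typing.Callable[..
     try:
         user = get_user_from_token(token)
     except AuthError:
-        raise HTTPException(HTTPStatus.FORBIDDEN, detail="Forbidden") from None
+        return JSONResponse(status_code=HTTPStatus.FORBIDDEN, content={"detail": "Forbidden"})
 
     if user.role == "staff":
         return await call_next(request)
@@ -166,12 +167,14 @@ async def check_live_permissions(request: Request, call_next: typing.Callable[..
 
         if request.url.path == "/":  # Root of sub-app
             return await call_next(request)
-        raise HTTPException(HTTPStatus.BAD_REQUEST, "Missing 'file' parameter for live check")
+        return JSONResponse(
+            status_code=HTTPStatus.BAD_REQUEST, content={"detail": "Missing 'file' parameter for live check"}
+        )
 
     # Assuming structure: INSTRUMENT/RBnumber/...
     parts = Path(file_param).parts
     if not parts or parts[0] == "/" or parts[0] == ".":
-        raise HTTPException(HTTPStatus.BAD_REQUEST, "Invalid file path format")
+        return JSONResponse(status_code=HTTPStatus.BAD_REQUEST, content={"detail": "Invalid file path format"})
 
     instrument = parts[0]
 
@@ -196,7 +199,10 @@ async def check_live_permissions(request: Request, call_next: typing.Callable[..
         return await call_next(request)
 
     logger.warning(f"User {user.user_number} denied access to live experiment {current_rb_int}")
-    raise HTTPException(HTTPStatus.FORBIDDEN, detail="Forbidden: You do not have access to the current live experiment")
+    return JSONResponse(
+        status_code=HTTPStatus.FORBIDDEN,
+        content={"detail": "Forbidden: You do not have access to the current live experiment"},
+    )
 
 
 app.include_router(router)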
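Review bot: The context line `token_query = token_query.split(" ")[1]` just above the first replaced raise still throws IndexError for a token value that contains no space, so that request leaves the middleware as an unhandled exception instead of the 401 JSONResponse the new code now returns for a missing token; the commit closes the HTTPException path but not this one, and the scheme prefix that the split discards is never checked. Replacing the split with `scheme, _, token_query = token_query.partition(" ")` followed by `if scheme.lower() != "bearer" or not token_query:` and the existing `return JSONResponse(status_code=HTTPStatus.UNAUTHORIZED, content={"detail": "Unauthenticated"})` keeps every malformed value on the 401 path. That the expected scheme is Bearer is inferred from the split, not visible here, so confirm it against the clients. The same concern does not apply to the later hunks, whose replaced raises have no comparable unguarded parse. check_live_permissions starts and ends outside the hunks shown.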