From 6e1c91d5e66f8cd54fa22fc17a688f25839ca3ce Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Thu, 17 Sep 2020 20:00:51 -0700 Subject: web: route constraints on fcids and UUIDs Instead of accepting any string for these parameters and throwing a 400 error if not the correct type, implement better route matching at the framework level and return more 404s. This resolves several outstanding sentry exceptions. The "flask-uuid" was imported and seems to have been configured for this purpose previously, but I guess I never finished configuring it. --- python/tests/web_entity_views.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'python/tests') diff --git a/python/tests/web_entity_views.py b/python/tests/web_entity_views.py index 7b973ef2..4068a0c7 100644 --- a/python/tests/web_entity_views.py +++ b/python/tests/web_entity_views.py @@ -48,7 +48,7 @@ def test_entity_basics(app, mocker): rv = app.get('/{}/rev/{}'.format(entity_type, revision)) assert rv.status_code == 200 rv = app.get('/{}/rev/{}_something'.format(entity_type, revision)) - assert rv.status_code == 400 + assert rv.status_code == 404 rv = app.get('/{}/rev/{}/metadata'.format(entity_type, revision)) assert rv.status_code == 200 print('/editgroup/aaaaaaaaaaaabo53aaaaaaaaaq/{}/{}'.format(entity_type, ident)) @@ -59,11 +59,13 @@ def test_entity_basics(app, mocker): # bad requests rv = app.get('/{}/9999999999'.format(entity_type)) - assert rv.status_code == 400 + assert rv.status_code == 404 rv = app.get('/{}/9999999999/history'.format(entity_type)) - assert rv.status_code == 400 + assert rv.status_code == 404 rv = app.get('/{}/f1f046a3-45c9-ffff-ffff-ffffffffffff'.format(entity_type)) - assert rv.status_code == 400 + assert rv.status_code == 404 + rv = app.get('/{}/rev/f1f046a3-45c9-ffff-ffff-fffffffff'.format(entity_type)) + assert rv.status_code == 404 rv = app.get('/{}/ccccccccccccccccccccccccca'.format(entity_type)) assert rv.status_code == 404 -- cgit v1.2.3