Sandbox authentication errors in the Bitbucket WebHook support.

Review Request #10982 — Created March 30, 2020 and submitted

Information

Review Board
release-3.0.x

Reviewers

When handling an incoming Bitbucket WebHook in order to close review
requests, we sometimes have to perform API requests to Bitbucket. This
will be the case any time we have a "truncated" payload (the payload is
valid but marks its commit metadata as truncated, requiring additional
API calls).

If the credentials have changed for the Bitbucket account, but they
haven't been updated in Review Board, the WebHook handler will just
crash, which isn't helpful on either end of that WebHook.

This change sandboxes authentication errors, returning a HTTP 403
Forbidden error with details to Bitbucket. This should help provide
better information to the owners of the repository.

Note that 403 Forbidden was chosen because it conveys an inability to
handle the content without claiming that Bitbucket has provided
something invalid, unlike error codes like 500 Internal Server Error
(which typically indicates a crash or something that went unexpectedly
wrong), 400 Bad Request (which indicates bad information in the
request), or 401 Unauthorized (which indicates bad credentials in the
request).

Some tweaks to the Hosting Service unit testing support had to be made
to allow for intercepting requests using the Django HTTP Test Client.
These don't break any other unit tests.

Unit tests pass.

Summary ID
Sandbox authentication errors in the Bitbucket WebHook support.
When handling an incoming Bitbucket WebHook in order to close review requests, we sometimes have to perform API requests to Bitbucket. This will be the case any time we have a "truncated" payload (the payload is valid but marks its commit metadata as truncated, requiring additional API calls). If the credentials have changed for the Bitbucket account, but they haven't been updated in Review Board, the WebHook handler will just crash, which isn't helpful on either end of that WebHook. This change sandboxes authentication errors, returning a HTTP 403 Forbidden error with details to Bitbucket. This should help provide better information to the owners of the repository. Note that 403 Forbidden was chosen because it conveys an inability to handle the content without claiming that Bitbucket has provided something invalid, unlike error codes like 500 Internal Server Error (which typically indicates a crash or something that went unexpectedly wrong), 400 Bad Request (which indicates bad information in the request), or 401 Unauthorized (which indicates bad credentials in the request).
d61ea0728dfefd5309983f55e0af839e770bf68c
Description From Last Updated

F841 local variable 'ctx' is assigned to but never used

reviewbotreviewbot
Checks run (1 failed, 1 succeeded)
flake8 failed.
JSHint passed.

flake8

chipx86
david
  1. Ship It!
  2. 
      
chipx86
Review request changed
Status:
Completed
Change Summary:
Pushed to release-3.0.x (73fb346)