Sandbox authentication errors in the Bitbucket WebHook support.
Review Request #10982 — Created March 30, 2020 and submitted — Latest diff uploaded
When handling an incoming Bitbucket WebHook in order to close review
requests, we sometimes have to perform API requests to Bitbucket. This
will be the case any time we have a "truncated" payload (the payload is
valid but marks its commit metadata as truncated, requiring additional
API calls).If the credentials have changed for the Bitbucket account, but they
haven't been updated in Review Board, the WebHook handler will just
crash, which isn't helpful on either end of that WebHook.This change sandboxes authentication errors, returning a HTTP 403
Forbidden error with details to Bitbucket. This should help provide
better information to the owners of the repository.Note that 403 Forbidden was chosen because it conveys an inability to
handle the content without claiming that Bitbucket has provided
something invalid, unlike error codes like 500 Internal Server Error
(which typically indicates a crash or something that went unexpectedly
wrong), 400 Bad Request (which indicates bad information in the
request), or 401 Unauthorized (which indicates bad credentials in the
request).Some tweaks to the Hosting Service unit testing support had to be made
to allow for intercepting requests using the Django HTTP Test Client.
These don't break any other unit tests.
Unit tests pass.