Do not show stacktraces on some intentionally-thrown errors (#9056)

* Do not show stacktraces on some intentionally-thrown errors * Fix pylint error * Fix JavaScript looking for the wrong key in error response from connection check * format -> f-string * Run black because PyCharm missed it on the last save
2020-02-04 21:01:43 -08:00 · 2020-02-04 21:01:43 -08:00 · fc1c9428e3
parent 6cb4ce0e19
commit fc1c9428e3
4 changed files with 31 additions and 25 deletions
--- a/superset/templates/superset/models/database/macros.html
+++ b/superset/templates/superset/models/database/macros.html
@ -60,8 +60,8 @@
      }).fail(function(error) {
          var respJSON = error.responseJSON;
          var errorMsg = error.responseText;
-          if (respJSON && respJSON.message) {
-              errorMsg = respJSON.message;
+          if (respJSON && respJSON.error) {
+              errorMsg = respJSON.error;
          }
          alert("ERROR: " + errorMsg);
      });
--- a/superset/views/base.py
+++ b/superset/views/base.py
@ -63,12 +63,9 @@ def get_error_msg():
    return error_msg


-def json_error_response(msg=None, status=500, stacktrace=None, payload=None, link=None):
+def json_error_response(msg=None, status=500, payload=None, link=None):
    if not payload:
        payload = {"error": "{}".format(msg)}
-    if not stacktrace:
-        stacktrace = utils.get_stacktrace()
-    payload["stacktrace"] = stacktrace
    if link:
        payload["link"] = link

@ -124,30 +121,19 @@ def handle_api_exception(f):
        except SupersetSecurityException as e:
            logging.exception(e)
            return json_error_response(
-                utils.error_msg_from_exception(e),
-                status=e.status,
-                stacktrace=utils.get_stacktrace(),
-                link=e.link,
+                utils.error_msg_from_exception(e), status=e.status, link=e.link
            )
        except SupersetException as e:
            logging.exception(e)
            return json_error_response(
-                utils.error_msg_from_exception(e),
-                stacktrace=utils.get_stacktrace(),
-                status=e.status,
+                utils.error_msg_from_exception(e), status=e.status
            )
        except HTTPException as e:
            logging.exception(e)
-            return json_error_response(
-                utils.error_msg_from_exception(e),
-                stacktrace=traceback.format_exc(),
-                status=e.code,
-            )
+            return json_error_response(utils.error_msg_from_exception(e), status=e.code)
        except Exception as e:  # pylint: disable=broad-except
            logging.exception(e)
-            return json_error_response(
-                utils.error_msg_from_exception(e), stacktrace=utils.get_stacktrace()
-            )
+            return json_error_response(utils.error_msg_from_exception(e))

    return functools.update_wrapper(wraps, f)

--- a/superset/views/core.py
+++ b/superset/views/core.py
@ -1363,7 +1363,7 @@ class Superset(BaseSupersetView):
        except Exception as e:
            logging.exception(e)
            return json_error_response(
-                "Connection failed!\n\n" "The error message returned was:\n{}".format(e)
+                "Connection failed!\n\n" f"The error message returned was:\n{e}", 400
            )

    @api
@ -2711,11 +2711,11 @@ class Superset(BaseSupersetView):
                database, schemas_allowed, False
            )
            return self.json_response(schemas_allowed_processed)
-        except Exception:
+        except Exception as e:
+            self.logger.exception(e)
            return json_error_response(
                "Failed to fetch schemas allowed for csv upload in this database! "
-                "Please contact your Superset Admin!",
-                stacktrace=utils.get_stacktrace(),
+                "Please contact your Superset Admin!"
            )


--- a/tests/core_tests.py
+++ b/tests/core_tests.py
@ -418,6 +418,26 @@ class CoreTests(SupersetTestCase):
        assert response.status_code == 200
        assert response.headers["Content-Type"] == "application/json"

+    def test_testconn_failed_conn(self, username="admin"):
+        self.login(username=username)
+
+        data = json.dumps(
+            {"uri": "broken://url", "name": "examples", "impersonate_user": False}
+        )
+        response = self.client.post(
+            "/superset/testconn", data=data, content_type="application/json"
+        )
+        assert response.status_code == 400
+        assert response.headers["Content-Type"] == "application/json"
+        response_body = json.loads(response.data.decode("utf-8"))
+        expected_body = {
+            "error": "Connection failed!\n\nThe error message returned was:\nCan't load plugin: sqlalchemy.dialects:broken"
+        }
+        assert response_body == expected_body, "%s != %s" % (
+            response_body,
+            expected_body,
+        )
+
    def test_custom_password_store(self):
        database = utils.get_example_database()
        conn_pre = sqla.engine.url.make_url(database.sqlalchemy_uri_decrypted)