From 0a58a9af8e8d3145f10897884e886e792a0df4a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonas=20Sch=C3=A4fer?= Date: Fri, 3 Oct 2025 12:42:41 +0200 Subject: [PATCH] user: catch 401 and 403 from Prosody API instead of 500ing Normal users aren't allowed to access the admin API used to obtain health metrics. We previously tried to catch these as werkzeug exceptions, but since they originate from the aiohttp client, that's not sufficient. --- snikket_web/translations/messages.pot | 42 +++++++++++++-------------- snikket_web/user.py | 9 ++++-- 2 files changed, 28 insertions(+), 23 deletions(-) diff --git a/snikket_web/translations/messages.pot b/snikket_web/translations/messages.pot index 2090c5e..b5c9ff2 100644 --- a/snikket_web/translations/messages.pot +++ b/snikket_web/translations/messages.pot @@ -55,7 +55,7 @@ msgid "Login name" msgstr "" #: snikket_web/admin.py:104 snikket_web/templates/admin_delete_user.html:12 -#: snikket_web/user.py:69 +#: snikket_web/user.py:71 msgid "Display name" msgstr "" @@ -368,7 +368,7 @@ msgid "" msgstr "" #: snikket_web/invite.py:309 snikket_web/templates/unauth.html:18 -#: snikket_web/user.py:192 +#: snikket_web/user.py:197 msgid "Error" msgstr "" 
@@ -388,81 +388,81 @@ msgstr "" msgid "Login successful!" msgstr "" -#: snikket_web/user.py:29 +#: snikket_web/user.py:31 msgid "Current password" msgstr "" -#: snikket_web/user.py:34 +#: snikket_web/user.py:36 msgid "New password" msgstr "" -#: snikket_web/user.py:42 +#: snikket_web/user.py:44 msgid "Confirm new password" msgstr "" -#: snikket_web/user.py:47 +#: snikket_web/user.py:49 msgid "The new passwords must match." msgstr "" -#: snikket_web/user.py:56 +#: snikket_web/user.py:58 msgid "Sign out" msgstr "" -#: snikket_web/user.py:61 +#: snikket_web/user.py:63 msgid "Nobody" msgstr "" -#: snikket_web/user.py:62 +#: snikket_web/user.py:64 msgid "Friends only" msgstr "" -#: snikket_web/user.py:63 +#: snikket_web/user.py:65 msgid "Everyone" msgstr "" -#: snikket_web/user.py:73 +#: snikket_web/user.py:75 msgid "Avatar" msgstr "" -#: snikket_web/user.py:77 +#: snikket_web/user.py:79 msgid "Profile visibility" msgstr "" -#: snikket_web/user.py:82 +#: snikket_web/user.py:84 msgid "Update profile" msgstr "" -#: snikket_web/user.py:88 +#: snikket_web/user.py:90 msgid "Account data" msgstr "" -#: snikket_web/user.py:92 +#: snikket_web/user.py:94 msgid "Upload" msgstr "" -#: snikket_web/user.py:125 +#: snikket_web/user.py:130 msgid "Incorrect password." msgstr "" -#: snikket_web/user.py:129 +#: snikket_web/user.py:134 msgid "Password changed" msgstr "" -#: snikket_web/user.py:138 +#: snikket_web/user.py:143 msgid "" "The chosen avatar is too big. To be able to upload larger avatars, please" " use the app." msgstr "" -#: snikket_web/user.py:184 +#: snikket_web/user.py:189 msgid "Profile updated" msgstr "" -#: snikket_web/user.py:198 +#: snikket_web/user.py:203 msgid "Export" msgstr "" -#: snikket_web/user.py:216 +#: snikket_web/user.py:221 msgid "You currently have no account data to export." msgstr "" diff --git a/snikket_web/user.py b/snikket_web/user.py index 56fc67c..f4d8d8a 100644 --- a/snikket_web/user.py +++ b/snikket_web/user.py 
@@ -15,6 +15,8 @@ from quart import (
 )
 import werkzeug.exceptions
+import aiohttp.client_exceptions
+
 import wtforms
 from flask_babel import lazy_gettext as _l, _
@@ -99,8 +101,11 @@ async def index() -> str:
 user_info = await client.get_user_info()
 try:
 metrics = await client.get_system_metrics()
- except (werkzeug.exceptions.Unauthorized, werkzeug.exceptions.Forbidden):
- metrics = {}
+ except aiohttp.client_exceptions.ClientResponseError as e:
+ if e.code == 403 or e.code == 401:
+ metrics = {}
+ else:
+ raise
 return await render_template(
 "user_home.html",
 user_info=user_info,
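Review bot: In the new `except` branch of `index()`, the status is read through `e.code`, which aiohttp keeps only as a deprecated alias of `ClientResponseError.status`; `if e.status in (401, 403):` reads the same value without the deprecation warning. Folding 401 into the same silent fallback as 403 also deserves a second look: 403 is the expected denial for a non-admin, while a 401 here would suggest the session credential was rejected, and rendering the page with `metrics = {}` hides that unless `get_user_info()` above already fails in that case (not visible in this hunk). A short comment such as `# non-admins are refused by the admin metrics endpoint; render the page without metrics` would record why the error is swallowed. `index()` starts before and continues past this hunk.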