zope security wrappers generate obtuse and cryptic errors in the Launchpad web API

Bug #814605 reported by Jonathan Lange
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Launchpad itself
Triaged
Low
Unassigned

Bug Description

If you try to set 'private' to True on a PPA and you do not have permission to do so, because you are not a so-called "commercial admin", launchpadlib raises this error:

Traceback (most recent call last):
  File "pkgme/upload.py", line 32, in create_ppa
    ppa.lp_save()
  File "/usr/lib/python2.7/dist-packages/lazr/restfulclient/resource.py", line 717, in lp_save
    URI(self.self_link), representation, headers)
  File "/usr/lib/python2.7/dist-packages/lazr/restfulclient/_browser.py", line 336, in patch
    'PATCH', extra_headers=extra_headers)
  File "/usr/lib/python2.7/dist-packages/lazr/restfulclient/_browser.py", line 281, in _request
    raise error
lazr.restfulclient.errors.Unauthorized: HTTP Error 401: Unauthorized
Response headers:
---
content-length: 59
content-type: text/plain
date: Fri, 22 Jul 2011 12:48:48 GMT
server: zope.server.http (HTTP)
status: 401
vary: Accept,Accept-Encoding
via: 1.1 wildcard.staging.launchpad.net
x-lazr-notifications: []
x-powered-by: Zope (www.zope.org), Python (www.python.org)
---
Response body:
---
(<Archive at 0xbda6510>, 'private', 'launchpad.Commercial')
---

Note that the content is the repr() of a Python tuple. If you try to access e.content in your code, it's just a string.

I can't display the string as-is to my users, because it's not human readable. There's no easy way of parsing the string, since I refuse to eval strings I receive over the wire. It's also not the only possible error: other attributes might have been set in the mean time, or, if bug 814567 is fixed, I might be trying to create a PPA on a team that I do not belong to.

Tags: api ppa trivial
Changed in launchpad:
status: New → Triaged
importance: Undecided → Low
tags: added: api ppa trivial
Revision history for this message
Robert Collins (lifeless) wrote :

This is the intersection of lazr.restful and zope security wrappers. We have thousands of call sites to fix were we to do it by hand :(.

summary: - Useless error content when setting private on archive
+ zope security wrappers generate obtuse and cryptic errors in the
+ Launchpad web API
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers