Patch to correct return payloads on failures

Failures.py

@@ -1,101 +1,131 @@
 import logging
+'''
+Failure messages
+
+These functions provide for a standard return message for all known
+and expected error conditions.
+
+The return payload is a JSON document and an HTTP error code. The JSON
+document includes these elements:
+
+    success - boolean
+    message - a short message that uniquely identifies the error
+    code    - a distrinct return code that allows the client to act on
+              then specic error condition encountered.
+    field   - optional data element that identified the name of the
+              data element involved in the error.
+    data    - optional data element that provides an id or key value
+              for the data set being processed when the error occurred.
+
+The HTTP error code indicates whether the request succeeded or failed. If
+the call is successful, the service will return a code 200 and a message
+of "OK".
+
+If the request is unsuccessful and the error is due to faulty client data,
+return an HTTP error code of 401 if the user is unknown or authentication fails.
+Return an HTTP 500 error if the failure is due to an issue within the server,
+such as unable to access the back-end database.
+
+'''
 
 
 def unknown_user_id(id_user):
     logging.debug('Failures: Unknown user id: %s', id_user)
     return {
-               'success': False,
-               'message': 'Unknown user',
-               'code': 400,
-               'data': id_user
-           }, 500
+        'success': False,
+        'message': 'Unknown user',
+        'code': 400,
+        'data': id_user
+        }, 400
 
 
 def unknown_user_email(email):
     logging.debug('Failures: Unknown user email: %s', email)
     return {
-               'success': False,
-               'message': 'Unknown user',
-               'code': 400,
-               'data': email
-           }, 500
+        'success': False,
+        'message': 'Unknown user',
+        'code': 400,
+        'data': email
+        }, 400
 
 
 def unknown_user_screen_name(screen_name):
     logging.debug('Failures: Unknown user by screen name: %s', screen_name)
     return {
-               'success': False,
-               'message': 'Unknown user screen name',
-               'code': 400,
-               'data': screen_name
-           }, 500
+        'success': False,
+        'message': 'Unknown user screen name',
+        'code': 400,
+        'data': screen_name
+        }, 400
 
 
 def email_already_in_use(email):
     logging.debug('Failures: Email already in use: %s', email)
     return {
-               'success': False,
-               'message': 'Email already in use',
-               'code': 450,
-               'data': email
-           }, 500
+        'success': False,
+        'message': 'Email already in use',
+        'code': 450,
+        'data': email
+        }, 400
 
 
 def email_not_confirmed(email):
     logging.debug('Failures: Email %s not confirmed', email)
     return {
-               'success': False,
-               'message': 'Email not confirmed',
-               'code': 430
-           }, 401
+        'success': False,
+        'message': 'Email not confirmed',
+        'code': 430,
+        'data': email
+        }, 401
 
 
 def user_blocked(email):
     logging.debug('Failures: User %s blocked', email)
     return {
-               'success': False,
-               'message': 'User is blocked',
-               'code': 420
-           }, 401
+        'success': False,
+        'message': 'User is blocked',
+        'code': 420,
+        'data': email
+        }, 403
 
 
 def not_a_number(field, value):
     logging.error('Failures: Not a valid number: %s -> %s', field, value)
     return {
-               'success': False,
-               'message': 'Not a valid number',
-               'code': 310,
-               'field': field,
-               'value': value
-           }, 400
+        'success': False,
+        'message': 'Not a valid number',
+        'code': 310,
+        'field': field,
+        'value': value
+        }, 400
 
 
 def passwords_do_not_match():
     logging.debug('Failures: Passwords do not match')
     return {
-               'success': False,
-               'message': "Password confirm doesn't match",
-               'code': 460
-           }, 500
+        'success': False,
+        'message': "Password confirm doesn't match",
+        'code': 460
+        }, 400
 
 
 def password_complexity():
     logging.debug('Failures: Password is not complex enough')
     return {
-               'success': False,
-               'message': "Password is not complex enough",
-               'code': 490
-           }, 500
+        'success': False,
+        'message': "Password is not complex enough",
+        'code': 490
+        }, 400
 
 
 def screen_name_already_in_use(screen_name):
     logging.debug('Failures: Screen name already in use: %s', screen_name)
     return {
-               'success': False,
-               'message': "Screenname already in use",
-               'data': screen_name,
-               'code': 500
-           }, 500
+        'success': False,
+        'message': "Screenname already in use",
+        'code': 500,
+        'data': screen_name
+        }, 400
 
 
 def rate_exceeded(time):
@@ -106,37 +136,38 @@ def rate_exceeded(time):
     """
     logging.debug('Failures: Rate exceeded')
     return {
-               'success': False,
-               'message': 'Insufficient bucket tokens',
-               'data': time,
-               'code': 470
-           }, 500
+        'success': False,
+        'message': 'Insufficient bucket tokens',
+        'code': 470,
+        'data': time
+        }, 400
 
 
 def wrong_password(email):
     logging.debug('Failures: Wrong password for %s', email)
     return {
-               'success': False,
-               'message': 'Wrong password',
-               'code': 410
+        'success': False,
+        'message': 'Wrong password',
+        'code': 410,
+        'data': email
            }, 401
 
 
 def unknown_bucket_type(bucket_type):
     logging.debug('Failures: Unknown bucket type: %s', bucket_type)
     return {
-               'success': False,
-               'message': 'Unknown bucket type',
-               'code': 180,
-               'data': bucket_type
-           }, 500
+        'success': False,
+        'message': 'Unknown bucket type',
+        'code': 180,
+        'data': bucket_type
+        }, 400
 
 
 def wrong_auth_source(auth_source):
     logging.debug('Failures: Wrong auth source: %s', auth_source)
     return {
-               'success': False,
-               'message': 'Wrong auth source',
-               'code': 480,
-               'data': auth_source
-           }, 500
+        'success': False,
+        'message': 'Wrong auth source',
+        'code': 480,
+        'data': auth_source
+        }, 500

app/AuthToken/controllers.py

@@ -39,7 +39,7 @@ def post(self):
         # Parse numbers
         try:
             id_user = int(id_user)
-        except:
+        except ValueError:
             return Failures.not_a_number('idUser', id_user)
 
         # Validate user exists, is validated and is not blocked

app/RateLimiting/controllers.py

@@ -76,12 +76,12 @@ def get(self, bucket_type, id_user, count):
         # Parse numbers
         try:
             id_user = int(id_user)
-        except:
+        except ValueError:
             return Failures.not_a_number('idUser', id_user)
 
         try:
             count = int(count)
-        except:
+        except ValueError:
             return Failures.not_a_number('count', count)
 
         # Validate user exists, is validated and is not blocked

app/__init__.py

@@ -24,11 +24,13 @@
 app = Flask(__name__)
 
 # Application version (major,minor,patch-level)
-version = "1.1.8"
+version = "1.1.9"
 
 """
 Change Log
 
+1.1.9       Update failure module to include missing return elements.
+
 1.1.8       Fail any attempt to reset an account password is the account
             email address has not yet been confirmed.