clean up sentry notification and avoid logger.exception when we do not want sentry

2023-02-03 11:06:40 -05:00 · 2023-02-03 11:06:40 -05:00 · b9783ae0ed
parent cf57be031f
commit b9783ae0ed
1 changed files with 28 additions and 10 deletions
--- a/spiffworkflow-backend/src/spiffworkflow_backend/exceptions/api_error.py
+++ b/spiffworkflow-backend/src/spiffworkflow_backend/exceptions/api_error.py
@ -171,18 +171,30 @@ def set_user_sentry_context() -> None:
    set_tag("username", username)


+def should_notify_sentry(exception: Exception) -> bool:
+    """Determine if we should notify sentry.
+
+    We want to capture_exception to log the exception to sentry, but we don't want to log:
+      1. ApiErrors that are just invalid tokens
+      2. NotAuthorizedError. we usually call check-permissions before calling an API to
+         make sure we'll have access, but there are some cases
+         where it's more convenient to just make the call from the frontend and handle the 403 appropriately.
+    """
+    if isinstance(exception, ApiError):
+        if exception.error_code == "invalid_token":
+            return False
+    if isinstance(exception, NotAuthorizedError):
+        return False
+    return True
+
+
@api_error_blueprint.app_errorhandler(Exception)  # type: ignore
 def handle_exception(exception: Exception) -> flask.wrappers.Response:
    """Handles unexpected exceptions."""
    set_user_sentry_context()

    sentry_link = None
-    # we want to capture_exception to log the exception to sentry, but we don't want to log:
-    #   1. ApiErrors that are just invalid tokens
-    #   2. NotAuthorizedError
-    if (
-        not isinstance(exception, ApiError) or exception.error_code != "invalid_token"
-    ) and not isinstance(exception, NotAuthorizedError):
+    if should_notify_sentry(exception):
        id = capture_exception(exception)

        if isinstance(exception, ApiError):
@ -198,10 +210,16 @@ def handle_exception(exception: Exception) -> flask.wrappers.Response:
                f"https://sentry.io/{organization_slug}/{project_slug}/events/{id}"
            )

-    # !!!NOTE!!!: do this after sentry stuff since calling logger.exception
-    # seems to break the sentry sdk context where we no longer get back
-    # an event id or send out tags like username
-    current_app.logger.exception(exception)
+        # !!!NOTE!!!: do this after sentry stuff since calling logger.exception
+        # seems to break the sentry sdk context where we no longer get back
+        # an event id or send out tags like username
+        current_app.logger.exception(exception)
+    else:
+        current_app.logger.error(
+            f"Received exception: {exception}. Since we do not want this particular"
+            " exception in sentry, we cannot use logger.exception, so there will be no"
+            " backtrace. see api_error.py"
+        )

    error_code = "internal_server_error"
    status_code = 500