Fix #971: raise if bug info cannot be fetched from Bugzilla (#988)

* Fix #971: raise if bug info cannot be fetched from Bugzilla

* Remove hardcoded value

---------

Co-authored-by: Alex Cottner <[email protected]>

Author: leplatrem

jbi/bugzilla/client.py

@@ -22,6 +22,10 @@ class BugzillaClientError(Exception):
     """Errors raised by `BugzillaClient`."""
 
 
+class BugNotAccessibleError(BugzillaClientError):
+    """Bug is private or not accessible."""
+
+
 instrumented_method = instrument(
     prefix="bugzilla",
     exceptions=(
@@ -72,7 +76,17 @@ def get_bug(self, bugid) -> Bug:
         """Retrieve details about the specified bug id."""
         # https://bugzilla.readthedocs.io/en/latest/api/core/v1/bug.html#rest-single-bug
         url = f"{self.base_url}/rest/bug/{bugid}"
-        bug_info = self._call("GET", url)
+
+        try:
+            bug_info = self._call("GET", url)
+        except requests.HTTPError as err:
+            if err.response is not None and err.response.status_code in (401, 403, 404):
+                if self.logged_in():
+                    # If bug returns 401 and credentials are valid.
+                    msg = err.response.json().get("message", "bug not accessible")
+                    raise BugNotAccessibleError(msg)
+            raise
+
         parsed = ApiResponse.model_validate(bug_info)
         if not parsed.bugs:
             raise BugzillaClientError(

jbi/runner.py

@@ -12,6 +12,7 @@
 
 from jbi import ActionResult, Operation, bugzilla, jira
 from jbi import steps as steps_module
+from jbi.bugzilla.client import BugNotAccessibleError
 from jbi.environment import get_settings
 from jbi.errors import ActionNotFoundError, IgnoreInvalidRequestError
 from jbi.models import (
@@ -219,13 +220,10 @@ def execute_action(
         )
         try:
             bug = bugzilla.get_service().refresh_bug_data(bug)
-        except Exception as err:
-            logger.exception(
-                "Failed to get bug: %s", err, extra=runner_context.model_dump()
-            )
-            raise IgnoreInvalidRequestError(
-                "bug not accessible or bugzilla down"
-            ) from err
+        except BugNotAccessibleError as err:
+            # This can happen if the bug is made private after the webhook
+            # is processed (eg. if it spent some time in the DL queue)
+            raise IgnoreInvalidRequestError(str(err)) from err
 
         runner_context = runner_context.update(bug=bug)
         try:

tests/unit/bugzilla/test_client.py

@@ -1,8 +1,13 @@
 import pytest
+import requests
 import responses
 from responses import matchers
 
-from jbi.bugzilla.client import BugzillaClient, BugzillaClientError
+from jbi.bugzilla.client import (
+    BugNotAccessibleError,
+    BugzillaClient,
+    BugzillaClientError,
+)
 
 
 @pytest.fixture
@@ -95,6 +100,65 @@ def test_bugzilla_raises_if_response_has_error(
     assert "not happy" in str(exc)
 
 
+@pytest.mark.no_mocked_bugzilla
+def test_bugzilla_get_bug_raises_if_response_is_401_and_credentials_invalid(
+    bugzilla_client, settings, mocked_responses
+):
+    url = f"{settings.bugzilla_base_url}/rest/bug/42"
+    mocked_responses.add(
+        responses.GET,
+        url,
+        status=401,
+        json={
+            "code": 102,
+            "documentation": "https://bmo.readthedocs.io/en/latest/api/",
+            "error": True,
+            "message": "You are not authorized to access bug 42.",
+        },
+    )
+    mocked_responses.add(
+        responses.GET,
+        f"{settings.bugzilla_base_url}/rest/whoami",
+        status=401,
+    )
+
+    with pytest.raises(requests.HTTPError) as exc:
+        bugzilla_client.get_bug(42)
+
+    assert (
+        f"401 Client Error: Unauthorized for url: {settings.bugzilla_base_url}/rest/bug/42"
+        in str(exc)
+    )
+
+
+@pytest.mark.no_mocked_bugzilla
+def test_bugzilla_get_bug_raises_if_response_is_401_and_credentials_valid(
+    bugzilla_client, settings, mocked_responses
+):
+    url = f"{settings.bugzilla_base_url}/rest/bug/42"
+    mocked_responses.add(
+        responses.GET,
+        url,
+        status=401,
+        json={
+            "code": 102,
+            "documentation": "https://bmo.readthedocs.io/en/latest/api/",
+            "error": True,
+            "message": "You are not authorized to access bug 42.",
+        },
+    )
+    mocked_responses.add(
+        responses.GET,
+        f"{settings.bugzilla_base_url}/rest/whoami",
+        json={"id": "you"},
+    )
+
+    with pytest.raises(BugNotAccessibleError) as exc:
+        bugzilla_client.get_bug(42)
+
+    assert "You are not authorized to access bug 42" in str(exc)
+
+
 @pytest.mark.no_mocked_bugzilla
 def test_bugzilla_get_bug_raises_if_response_has_no_bugs(
     bugzilla_client, settings, mocked_responses

tests/unit/test_runner.py

@@ -6,6 +6,7 @@
 import responses
 
 from jbi import Operation
+from jbi.bugzilla.client import BugNotAccessibleError
 from jbi.environment import get_settings
 from jbi.errors import ActionNotFoundError, IgnoreInvalidRequestError
 from jbi.models import ActionContext
@@ -54,6 +55,34 @@ def test_request_is_ignored_because_project_mismatch(
     assert str(exc_info.value) == "ignore linked project 'FXDROID' (!='JBI')"
 
 
+def test_request_is_ignored_because_bug_cannot_be_fetched(
+    webhook_request_factory,
+    actions,
+    mocked_bugzilla,
+):
+    webhook = webhook_request_factory()
+    mocked_bugzilla.get_bug.side_effect = BugNotAccessibleError(
+        "not authorized to access bug 12345"
+    )
+
+    with pytest.raises(IgnoreInvalidRequestError) as exc_info:
+        execute_action(request=webhook, actions=actions)
+
+    assert str(exc_info.value) == "not authorized to access bug 12345"
+
+
+def test_request_if_bugzilla_is_down_and_bug_cannot_be_fetched(
+    webhook_request_factory,
+    actions,
+    mocked_bugzilla,
+):
+    webhook = webhook_request_factory()
+    mocked_bugzilla.get_bug.side_effect = requests.ConnectTimeout()
+
+    with pytest.raises(requests.ConnectTimeout):
+        execute_action(request=webhook, actions=actions)
+
+
 def test_request_is_ignored_because_private(
     webhook_request_factory,
     actions,