refactor: Remove duplicate router-level exception helpers

All routers now let domain exceptions propagate to the global handlers in main.py instead of catching and converting them to HTTPException. This eliminates: - Duplicate exception-to-HTTP-status mappings across 8 routers - Duplicate helper functions (_bad_gateway, _not_found, _conflict, etc.) - Inconsistent error response formats Changes: - Removed all try/except blocks from routers that catch domain exceptions - Removed duplicate helper functions from all routers - Added missing exception handlers to main.py for: * ActionNameError * FilterNameError * JailNameError * JailNotFoundInConfigError * FilterInvalidRegexError - Removed unused imports from affected routers All domain exceptions now propagate to the single authoritative mapping in main.py, ensuring consistent error codes, messages, and logging across the API. Affected routers: - action_config.py: Removed _action_not_found, _bad_request, _not_found helpers - bans.py: Removed try/except in ban/unban endpoints - config_misc.py: Removed try/except blocks - file_config.py: Removed 6 try/except blocks and _service_unavailable helper - filter_config.py: Removed try/except blocks - geo.py: Removed try/except in lookup_ip endpoint - jail_config.py: Removed try/except blocks - jails.py: Removed try/except blocks - server.py: Removed try/except blocks Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-23 16:00:37 +02:00
parent b634ce876a
commit 5480dce221
12 changed files with 229 additions and 977 deletions
--- a/backend/app/routers/bans.py
+++ b/backend/app/routers/bans.py
@@ -28,21 +28,6 @@ from app.exceptions import Fail2BanConnectionError
 router: APIRouter = APIRouter(prefix="/api/bans", tags=["Bans"])


-def _bad_gateway(exc: Exception) -> HTTPException:
-    """Return a 502 response when fail2ban is unreachable.
-
-    Args:
-        exc: The underlying connection error.
-
-    Returns:
-        :class:`fastapi.HTTPException` with status 502.
-    """
-    return HTTPException(
-        status_code=status.HTTP_502_BAD_GATEWAY,
-        detail=f"Cannot reach fail2ban: {exc}",
-    )
-
-
@router.get(
    "/active",
    response_model=ActiveBanListResponse,
@@ -71,15 +56,12 @@ async def get_active_bans(
    Raises:
        HTTPException: 502 when fail2ban is unreachable.
    """
-    try:
-        return await ban_service.get_active_bans(
-            socket_path,
-            geo_batch_lookup=geo_batch_lookup,
-            http_session=http_session,
-            app_db=db,
-        )
-    except Fail2BanConnectionError as exc:
-        raise _bad_gateway(exc) from exc
+    return await ban_service.get_active_bans(
+        socket_path,
+        geo_batch_lookup=geo_batch_lookup,
+        http_session=http_session,
+        app_db=db,
+    )


@router.post(
@@ -113,29 +95,11 @@ async def ban_ip(
        HTTPException: 409 when fail2ban reports the ban failed.
        HTTPException: 502 when fail2ban is unreachable.
    """
-    try:
-        await ban_service.ban_ip(socket_path, body.jail, body.ip)
-        return JailCommandResponse(
-            message=f"IP {body.ip!r} banned in jail {body.jail!r}.",
-            jail=body.jail,
-        )
-    except ValueError as exc:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail=str(exc),
-        ) from exc
-    except JailNotFoundError:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail=f"Jail not found: {body.jail!r}",
-        ) from None
-    except JailOperationError as exc:
-        raise HTTPException(
-            status_code=status.HTTP_409_CONFLICT,
-            detail=str(exc),
-        ) from exc
-    except Fail2BanConnectionError as exc:
-        raise _bad_gateway(exc) from exc
+    await ban_service.ban_ip(socket_path, body.jail, body.ip)
+    return JailCommandResponse(
+        message=f"IP {body.ip!r} banned in jail {body.jail!r}.",
+        jail=body.jail,
+    )


@router.delete(
@@ -173,30 +137,12 @@ async def unban_ip(
    # Determine target jail (None means all jails).
    target_jail: str | None = None if (body.unban_all or body.jail is None) else body.jail

-    try:
-        await ban_service.unban_ip(socket_path, body.ip, jail=target_jail)
-        scope = f"jail {target_jail!r}" if target_jail else "all jails"
-        return JailCommandResponse(
-            message=f"IP {body.ip!r} unbanned from {scope}.",
-            jail=target_jail or "*",
-        )
-    except ValueError as exc:
-        raise HTTPException(
-            status_code=status.HTTP_400_BAD_REQUEST,
-            detail=str(exc),
-        ) from exc
-    except JailNotFoundError:
-        raise HTTPException(
-            status_code=status.HTTP_404_NOT_FOUND,
-            detail=f"Jail not found: {target_jail!r}",
-        ) from None
-    except JailOperationError as exc:
-        raise HTTPException(
-            status_code=status.HTTP_409_CONFLICT,
-            detail=str(exc),
-        ) from exc
-    except Fail2BanConnectionError as exc:
-        raise _bad_gateway(exc) from exc
+    await ban_service.unban_ip(socket_path, body.ip, jail=target_jail)
+    scope = f"jail {target_jail!r}" if target_jail else "all jails"
+    return JailCommandResponse(
+        message=f"IP {body.ip!r} unbanned from {scope}.",
+        jail=target_jail or "*",
+    )


@router.delete(
@@ -225,11 +171,8 @@ async def unban_all(
    Raises:
        HTTPException: 502 when fail2ban is unreachable.
    """
-    try:
-        count: int = await jail_service.unban_all_ips(socket_path)
-        return UnbanAllResponse(
-            message=f"All bans cleared. {count} IP address{'es' if count != 1 else ''} unbanned.",
-            count=count,
-        )
-    except Fail2BanConnectionError as exc:
-        raise _bad_gateway(exc) from exc
+    count: int = await jail_service.unban_all_ips(socket_path)
+    return UnbanAllResponse(
+        message=f"All bans cleared. {count} IP address{'es' if count != 1 else ''} unbanned.",
+        count=count,
+    )