refactor: complete Task 2/3 geo decouple + exceptions centralization; mark as done

2026-03-21 17:15:02 +01:00
parent 452901913f
commit 5a49106f4d
28 changed files with 803 additions and 571 deletions
--- a/backend/app/services/jail_service.py
+++ b/backend/app/services/jail_service.py
@@ -14,11 +14,11 @@ from __future__ import annotations
 import asyncio
 import contextlib
 import ipaddress
-from collections.abc import Awaitable, Callable
 from typing import TYPE_CHECKING, TypedDict, cast

 import structlog

+from app.exceptions import JailNotFoundError, JailOperationError
 from app.models.ban import ActiveBan, ActiveBanListResponse, JailBannedIpsResponse
 from app.models.config import BantimeEscalation
 from app.models.jail import (
@@ -28,7 +28,6 @@ from app.models.jail import (
    JailStatus,
    JailSummary,
 )
-from app.services.geo_service import GeoInfo
 from app.utils.fail2ban_client import (
    Fail2BanClient,
    Fail2BanCommand,
@@ -38,9 +37,13 @@ from app.utils.fail2ban_client import (
 )

 if TYPE_CHECKING:
+    from collections.abc import Awaitable
+
    import aiohttp
    import aiosqlite

+    from app.models.geo import GeoBatchLookup, GeoEnricher, GeoInfo
+
 log: structlog.stdlib.BoundLogger = structlog.get_logger()

 class IpLookupResult(TypedDict):
@@ -55,8 +58,6 @@ class IpLookupResult(TypedDict):
    geo: GeoInfo | None


-GeoEnricher = Callable[[str], Awaitable[GeoInfo | None]]
-
 # ---------------------------------------------------------------------------
 # Constants
 # ---------------------------------------------------------------------------
@@ -81,23 +82,6 @@ _backend_cmd_lock: asyncio.Lock = asyncio.Lock()
 # ---------------------------------------------------------------------------


-class JailNotFoundError(Exception):
-    """Raised when a requested jail name does not exist in fail2ban."""
-
-    def __init__(self, name: str) -> None:
-        """Initialise with the jail name that was not found.
-
-        Args:
-            name: The jail name that could not be located.
-        """
-        self.name: str = name
-        super().__init__(f"Jail not found: {name!r}")
-
-
-class JailOperationError(Exception):
-    """Raised when a jail control command fails for a non-auth reason."""
-
-
 # ---------------------------------------------------------------------------
 # Internal helpers
 # ---------------------------------------------------------------------------
@@ -820,6 +804,7 @@ async def unban_ip(

 async def get_active_bans(
    socket_path: str,
+    geo_batch_lookup: GeoBatchLookup | None = None,
    geo_enricher: GeoEnricher | None = None,
    http_session: aiohttp.ClientSession | None = None,
    app_db: aiosqlite.Connection | None = None,
@@ -857,7 +842,6 @@ async def get_active_bans(
        ~app.utils.fail2ban_client.Fail2BanConnectionError: If the socket
            cannot be reached.
    """
-    from app.services import geo_service  # noqa: PLC0415

    client = Fail2BanClient(socket_path=socket_path, timeout=_SOCKET_TIMEOUT)

@@ -905,10 +889,10 @@ async def get_active_bans(
                bans.append(ban)

    # Enrich with geo data — prefer batch lookup over per-IP enricher.
-    if http_session is not None and bans:
+    if http_session is not None and bans and geo_batch_lookup is not None:
        all_ips: list[str] = [ban.ip for ban in bans]
        try:
-            geo_map = await geo_service.lookup_batch(all_ips, http_session, db=app_db)
+            geo_map = await geo_batch_lookup(all_ips, http_session, db=app_db)
        except Exception:  # noqa: BLE001
            log.warning("active_bans_batch_geo_failed")
            geo_map = {}
@@ -1017,6 +1001,7 @@ async def get_jail_banned_ips(
    page: int = 1,
    page_size: int = 25,
    search: str | None = None,
+    geo_batch_lookup: GeoBatchLookup | None = None,
    http_session: aiohttp.ClientSession | None = None,
    app_db: aiosqlite.Connection | None = None,
 ) -> JailBannedIpsResponse:
@@ -1044,8 +1029,6 @@ async def get_jail_banned_ips(
        ~app.utils.fail2ban_client.Fail2BanConnectionError: If the socket is
            unreachable.
    """
-    from app.services import geo_service  # noqa: PLC0415
-
    # Clamp page_size to the allowed maximum.
    page_size = min(page_size, _MAX_PAGE_SIZE)

@@ -1086,10 +1069,10 @@ async def get_jail_banned_ips(
    page_bans = all_bans[start : start + page_size]

    # Geo-enrich only the page slice.
-    if http_session is not None and page_bans:
+    if http_session is not None and page_bans and geo_batch_lookup is not None:
        page_ips = [b.ip for b in page_bans]
        try:
-            geo_map = await geo_service.lookup_batch(page_ips, http_session, db=app_db)
+            geo_map = await geo_batch_lookup(page_ips, http_session, db=app_db)
        except Exception:  # noqa: BLE001
            log.warning("jail_banned_ips_geo_failed", jail=jail_name)
            geo_map = {}