fix(jira): fallback connected_as to auth email, improve 401 error detail

- jira-test: when myself() returns empty displayName/emailAddress/name, fall back to the configured Atlassian auth email so 'Connected as:' is never empty - jira-test: 401 error message now includes which email was used, making misconfigured Jira email easier to diagnose - jira-test: missing jira_url now returns HTTP 200 {status: error} instead of HTTP 400, consistent with Cloudflare-safe pattern Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-26 18:04:51 +02:00
parent a04d5308ab
commit 5f6a098e6b
1 changed files with 23 additions and 4 deletions
--- a/backend/app/routers/system.py
+++ b/backend/app/routers/system.py
@@ -286,12 +286,17 @@ def test_jira_connection(

    Requires the admin to have a personal Jira API token configured in their
    profile settings.
+
+    Always returns HTTP 200 with a ``status`` field so Cloudflare never
+    replaces the response with its own error page.
    """
-    from app.services.jira_service import get_user_jira_client, get_jira_url
+    from app.services.jira_service import get_user_jira_client, get_jira_url, _effective_jira_email

    jira_url = get_jira_url(db)
    if not jira_url:
-        raise HTTPException(status_code=400, detail="Jira URL not configured.")
+        return {"status": "error", "message": "Jira URL is not configured. Set it in System Settings → Jira Configuration.", "jira_url": ""}
+
+    auth_email = _effective_jira_email(current_user)

    try:
        jira = get_user_jira_client(current_user, db)
@@ -301,9 +306,18 @@ def test_jira_connection(
        except Exception:
            pass
        myself = jira.myself()
+        logger.info("Jira myself() response keys: %s", list(myself.keys()) if isinstance(myself, dict) else type(myself))
+        # Use displayName → emailAddress → name → the auth email as fallback
+        connected_as = (
+            (myself.get("displayName") if isinstance(myself, dict) else None)
+            or (myself.get("emailAddress") if isinstance(myself, dict) else None)
+            or (myself.get("name") if isinstance(myself, dict) else None)
+            or auth_email
+            or "authenticated"
+        )
        return {
            "status": "ok",
-            "connected_as": myself.get("displayName") or myself.get("emailAddress", "unknown"),
+            "connected_as": connected_as,
            "jira_url": jira_url,
        }
    except Exception as exc:
@@ -317,7 +331,12 @@ def test_jira_connection(
                "email and API token."
            )
        elif "401" in err or "Unauthorized" in err:
-            msg = "Authentication failed (401). Check your Atlassian email and API token."
+            msg = (
+                "Authentication failed (401). "
+                f"Check that the Atlassian email ({auth_email or 'not set'}) "
+                "and API token are correct. The token must be an Atlassian API token "
+                "(not your account password)."
+            )
        elif "403" in err or "Forbidden" in err:
            msg = "Access denied (403). The token may not have permission for this Jira project."
        elif "timed out" in err.lower() or "timeout" in err.lower():