kitos/Aegis
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix(jira): fallback connected_as to auth email, improve 401 error detail
Some checks failed
Aegis CI / lint-and-test (push) Has been cancelled
Details

Browse Source 
- jira-test: when myself() returns empty displayName/emailAddress/name,
  fall back to the configured Atlassian auth email so 'Connected as:' is
  never empty
- jira-test: 401 error message now includes which email was used, making
  misconfigured Jira email easier to diagnose
- jira-test: missing jira_url now returns HTTP 200 {status: error} instead
  of HTTP 400, consistent with Cloudflare-safe pattern

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
kitos
2026-05-26 18:04:51 +02:00
parent a04d5308ab
commit 5f6a098e6b
1 changed files with 23 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
backend/app/routers/system.py
View File

@@ -286,12 +286,17 @@ def test_jira_connection(
Requires the admin to have a personal Jira API token configured in their Requires the admin to have a personal Jira API token configured in their
profile settings. profile settings.
Always returns HTTP 200 with a ``status`` field so Cloudflare never
replaces the response with its own error page.
""" """
from app.services.jira_service import get_user_jira_client, get_jira_url from app.services.jira_service import get_user_jira_client, get_jira_url, _effective_jira_email
jira_url = get_jira_url(db) jira_url = get_jira_url(db)
if not jira_url: if not jira_url:
raise HTTPException(status_code=400, detail="Jira URL not configured.") return {"status": "error", "message": "Jira URL is not configured. Set it in System Settings → Jira Configuration.", "jira_url": ""}
auth_email = _effective_jira_email(current_user)
try: try:
jira = get_user_jira_client(current_user, db) jira = get_user_jira_client(current_user, db)
@@ -301,9 +306,18 @@ def test_jira_connection(
except Exception: except Exception:
pass pass
myself = jira.myself() myself = jira.myself()
logger.info("Jira myself() response keys: %s", list(myself.keys()) if isinstance(myself, dict) else type(myself))
# Use displayName → emailAddress → name → the auth email as fallback
connected_as = (
(myself.get("displayName") if isinstance(myself, dict) else None)
or (myself.get("emailAddress") if isinstance(myself, dict) else None)
or (myself.get("name") if isinstance(myself, dict) else None)
or auth_email
or "authenticated"
)
return { return {
"status": "ok", "status": "ok",
"connected_as": myself.get("displayName") or myself.get("emailAddress", "unknown"), "connected_as": connected_as,
"jira_url": jira_url, "jira_url": jira_url,
} }
except Exception as exc: except Exception as exc:
@@ -317,7 +331,12 @@ def test_jira_connection(
"email and API token." "email and API token."
) )
elif "401" in err or "Unauthorized" in err: elif "401" in err or "Unauthorized" in err:
msg = "Authentication failed (401). Check your Atlassian email and API token." msg = (
"Authentication failed (401). "
f"Check that the Atlassian email ({auth_email or 'not set'}) "
"and API token are correct. The token must be an Atlassian API token "
"(not your account password)."
)
elif "403" in err or "Forbidden" in err: elif "403" in err or "Forbidden" in err:
msg = "Access denied (403). The token may not have permission for this Jira project." msg = "Access denied (403). The token may not have permission for this Jira project."
elif "timed out" in err.lower() or "timeout" in err.lower(): elif "timed out" in err.lower() or "timeout" in err.lower():