Refactor exception handling

[shaidar]

Description (What does it do?)

This fixes CodeQL's Information exposure through an exception issue.

[gemini-code-assist]

Summary of Changes

Hello @shaidar, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request enhances the application's security posture by refactoring how exceptions are handled in several API endpoints. It specifically addresses a CodeQL finding regarding information exposure by ensuring that internal exception details are no longer returned directly to clients in 500 error responses. Instead, clients receive a generic error message, while more detailed, contextual information is logged internally for debugging purposes.

Highlights

• Improved Exception Handling: Refactored except Exception blocks across several API endpoints to prevent sensitive information exposure in error responses, addressing a CodeQL finding.
• Enhanced Error Logging: Updated exception logging to include more contextual information, such as the username and specific request details, for better internal debugging.
• Standardized 500 Responses: Changed 500 Internal Server Error responses to return a generic, user-friendly message (e.g., 'Failed to publish website') instead of raw exception details to clients.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request effectively addresses the CodeQL finding about information exposure through exceptions. By replacing raw exception messages with generic error messages in the API responses, you've improved the application's security. The enhanced logging with user and request details is also a valuable addition for debugging.

However, the unit tests that cover these exception paths have not been updated and will now fail. I've left specific comments on each change pointing to the tests in websites/views_test.py that need to be adjusted to assert the new, generic error responses. Please update these tests to ensure our test suite remains green and accurately reflects the new behavior.

[gemini-code-assist]

This change correctly prevents leaking exception details in the response. However, the related tests in websites/views_test.py are now broken and need to be updated. Specifically, test_websites_endpoint_preview_error and test_websites_endpoint_publish_error check for the old response body. They should be updated to assert the new response: {'error': 'Failed to publish website'}.

[gemini-code-assist]

Good job on securing this endpoint. As with the other changes, the corresponding test needs to be updated. test_websites_endpoint_unpublish_error in websites/views_test.py will fail because it expects the old response format. Please update it to check for {'error': 'Failed to unpublish website'}.

[gemini-code-assist]

This is a great improvement for both security and logging. One last thing: the test test_website_starters_site_configs_exception in websites/views_test.py needs to be updated to assert the new generic error response {'error': 'Failed to sync site configuration files'}.