Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/api/error_tracking/collector.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/api/error_tracking/collector.rb')
-rw-r--r--lib/api/error_tracking/collector.rb24
1 files changed, 22 insertions, 2 deletions
diff --git a/lib/api/error_tracking/collector.rb b/lib/api/error_tracking/collector.rb
index 22fbd3a1118..13fda356257 100644
--- a/lib/api/error_tracking/collector.rb
+++ b/lib/api/error_tracking/collector.rb
@@ -12,6 +12,10 @@ module API
content_type :txt, 'text/plain'
default_format :envelope
+ rescue_from ActiveRecord::RecordInvalid do |e|
+ render_api_error!(e.message, 400)
+ end
+
before do
not_found!('Project') unless project
not_found! unless feature_enabled?
@@ -50,6 +54,12 @@ module API
bad_request!('Failed to parse sentry request')
end
end
+
+ def validate_payload(payload)
+ unless ::ErrorTracking::Collector::PayloadValidator.new.valid?(payload)
+ bad_request!('Unsupported sentry payload')
+ end
+ end
end
desc 'Submit error tracking event to the project as envelope' do
@@ -88,6 +98,8 @@ module API
# We don't have use for transaction request yet,
# so we record only event one.
if type == 'event'
+ validate_payload(parsed_request[:event])
+
::ErrorTracking::CollectErrorService
.new(project, nil, event: parsed_request[:event])
.execute
@@ -96,7 +108,10 @@ module API
# Collector should never return any information back.
# Because DSN and public key are designed for public use,
# it is safe only for submission of new events.
- no_content!
+ #
+ # Some clients sdk require status 200 OK to work correctly.
+ # See https://gitlab.com/gitlab-org/gitlab/-/issues/343531.
+ status 200
end
desc 'Submit error tracking event to the project' do
@@ -122,6 +137,8 @@ module API
bad_request!('Failed to parse sentry request')
end
+ validate_payload(parsed_body)
+
::ErrorTracking::CollectErrorService
.new(project, nil, event: parsed_body)
.execute
@@ -129,7 +146,10 @@ module API
# Collector should never return any information back.
# Because DSN and public key are designed for public use,
# it is safe only for submission of new events.
- no_content!
+ #
+ # Some clients sdk require status 200 OK to work correctly.
+ # See https://gitlab.com/gitlab-org/gitlab/-/issues/343531.
+ status 200
end
end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-16 00:10:45 +0300