From: Ricardo Marques <rimarques@suse.com>
Date: Mon, 4 Jun 2018 20:26:44 +0000 (+0100)
Subject: mgr/dashboard: Login failure should return HTTP 400
X-Git-Tag: v14.0.1~1164^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=091e01ca719f7116ea2a8dcaef5aad38e992f13c;p=ceph.git

mgr/dashboard: Login failure should return HTTP 400

Signed-off-by: Ricardo Marques <rimarques@suse.com>
---

diff --git a/qa/tasks/mgr/dashboard/test_auth.py b/qa/tasks/mgr/dashboard/test_auth.py
index 29350e2dc92c2..6f2cc7946977c 100644
--- a/qa/tasks/mgr/dashboard/test_auth.py
+++ b/qa/tasks/mgr/dashboard/test_auth.py
@@ -47,8 +47,12 @@ class AuthTest(DashboardTestCase):
 
     def test_login_invalid(self):
         self._post("/api/auth", {'username': 'admin', 'password': 'inval'})
-        self.assertStatus(403)
-        self.assertJsonBody({"detail": "Invalid credentials"})
+        self.assertStatus(400)
+        self.assertJsonBody({
+            "component": "auth",
+            "code": "invalid_credentials",
+            "detail": "Invalid credentials"
+        })
 
     def test_logout(self):
         self._post("/api/auth", {'username': 'admin', 'password': 'admin'})
diff --git a/src/pybind/mgr/dashboard/controllers/auth.py b/src/pybind/mgr/dashboard/controllers/auth.py
index 1cbad91cb86b4..be6c3298fe648 100644
--- a/src/pybind/mgr/dashboard/controllers/auth.py
+++ b/src/pybind/mgr/dashboard/controllers/auth.py
@@ -8,6 +8,7 @@ import cherrypy
 
 from . import ApiController, RESTController
 from .. import logger, mgr
+from ..exceptions import DashboardException
 from ..tools import Session
 
 
@@ -40,13 +41,14 @@ class Auth(RESTController):
             logger.debug('Login successful')
             return {'username': username}
 
-        cherrypy.response.status = 403
         if config_username is None:
             logger.warning('No Credentials configured. Need to call `ceph dashboard '
                            'set-login-credentials <username> <password>` first.')
         else:
             logger.debug('Login failed')
-        return {'detail': 'Invalid credentials'}
+        raise DashboardException(msg='Invalid credentials',
+                                 code='invalid_credentials',
+                                 component='auth')
 
     def bulk_delete(self):
         logger.debug('Logout successful')
diff --git a/src/pybind/mgr/dashboard/frontend/src/app/shared/enum/components.enum.ts b/src/pybind/mgr/dashboard/frontend/src/app/shared/enum/components.enum.ts
index f5fc998f341f1..2c6dd9b1766de 100644
--- a/src/pybind/mgr/dashboard/frontend/src/app/shared/enum/components.enum.ts
+++ b/src/pybind/mgr/dashboard/frontend/src/app/shared/enum/components.enum.ts
@@ -1,4 +1,5 @@
 export enum Components {
+  auth = 'Login',
   cephfs = 'CephFS',
   rbd = 'RBD',
   pool = 'Pool',