fix: removed useless try-catches

[HardMax71]

---

Summary by cubic

Standardized API error handling by removing route-level try/catches and using domain exceptions handled by the global error handler. Updated OpenAPI, regenerated frontend SDK/types, and aligned tests with new status codes and messages.

• Refactors

  • Replaced ValueError with NotFoundError, ValidationError, and ConflictError in services/repositories.
  • Removed route try/except; global handler now returns consistent 4xx responses.
  • Added explicit response descriptions and correct codes across endpoints (e.g., 401 login, 403 access, 404 not found, 409 conflicts, 422 validation).
  • Aligned behaviors: admin create_user returns 409 on duplicate username; replay returns 404 when no events match and 422 for empty/too-large filters.
  • Regenerated OpenAPI docs and frontend types; updated e2e tests to expect the new exceptions and status codes.

• Migration

  • Admin create_user: handle 409 for duplicate username.
  • Auth register: 400 for duplicate username, 409 for duplicate email; 500 is no longer advertised.

^{Written for commit b7a4025. Summary will update on new commits.}

Summary by CodeRabbit

• Documentation

  • Improved API error messages and OpenAPI descriptions for clearer, user-facing guidance (authentication, validation, not-found, access denied, replay and settings errors).

• Bug Fixes

  • Aligned HTTP status codes and error responses for consistency (e.g., duplicate user → 409, clearer replay/filter and system settings errors, ownership/403 clarifications).

[coderabbitai]

📝 Walkthrough

Walkthrough

Refactors backend error handling to use domain-specific exceptions (ConflictError, NotFoundError, ValidationError) and enriches OpenAPI response descriptions; updates generated frontend API types/SDK to match error-code/description changes.

Changes

Cohort / File(s)	Summary
Backend API Routes - Error Descriptions backend/app/api/routes/admin/events.py, backend/app/api/routes/admin/settings.py, backend/app/api/routes/admin/users.py, backend/app/api/routes/events.py, backend/app/api/routes/execution.py, backend/app/api/routes/saga.py, backend/app/api/routes/saved_scripts.py, backend/app/api/routes/dlq.py, backend/app/api/routes/auth.py	Added descriptive error descriptions to route decorators (404/400/403/422/500/409) and removed some inline try/except handling in favor of service-level exceptions; minor control-flow adjustments (e.g., returning service results directly).
Backend Domain & Services backend/app/db/repositories/admin/admin_events_repository.py, backend/app/services/admin/admin_events_service.py, backend/app/services/admin/admin_user_service.py	Replaced generic ValueError raises with domain-specific exceptions (NotFoundError, ValidationError, ConflictError) and adjusted service error-raising sites accordingly.
Frontend Generated API (types & SDK) frontend/src/lib/api/types.gen.ts, frontend/src/lib/api/sdk.gen.ts, frontend/src/lib/api/index.ts	Updated generated error union keys and descriptions across many endpoints to reflect new HTTP statuses/descriptions; changed one SDK API error type to unknown.
OpenAPI Spec docs/reference/openapi.json	Updated response description strings and some referenced error schemas across many endpoints to match backend decorator changes.
Tests backend/tests/e2e/services/admin/test_admin_user_service.py, backend/tests/e2e/test_admin_users_routes.py	Updated expectations to new domain exceptions/status codes (NotFoundError, HTTP 409 for duplicate username).

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• PR #149 — Also updates admin routes and standardizes ErrorResponse descriptions and decorator-based error mappings.
• PR #121 — Touches OpenAPI/type generation and frontend generated API types; related to the types/SDK changes here.
• PR #74 — Modifies admin events/replay logic and overlaps with repository/service changes to event error handling.

Poem

🐇 I hopped through code both near and far,

Swapped vague errors for a clearer star.
Conflict, NotFound, Validation too —
Now responses tell what they do.
Hop! The docs and types are new. ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main objective: removing redundant try-catch blocks and standardizing error handling via domain exceptions and a global error handler.
Docstring Coverage	✅ Passed	Docstring coverage is 90.57% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/useless-trycatch

---

No actionable comments were generated in the recent review. 🎉

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cubic-dev-ai]

No issues found across 16 files

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

docs/reference/openapi.json (1)

90-105: ⚠️ Potential issue | 🟠 Major

Avoid account enumeration in registration errors.

The explicit “Username already registered” and “Email already registered” responses make it easier to probe account existence. Consider using a single, generic conflict response (and optionally a single status code) for public registration endpoints.

🔧 Suggested doc tweak for safer messaging

-            "description": "Username already registered",
+            "description": "Registration failed",
...
-            "description": "Email already registered",
+            "description": "Registration failed",

🤖 Fix all issues with AI agents

In `@docs/reference/openapi.json`:
- Around line 299-306: Replace ownership-specific 403 responses that reveal
resource existence (e.g., responses with description "Not the owner of this
execution") with a generic authorization failure or 404 to reduce enumeration;
locate the OpenAPI response objects (the entries with description "Not the owner
of..." and their $ref to ErrorResponse) and change the description text to a
non-resource-specific message like "Access denied" or switch the response code
to 404 where appropriate, and apply the same change to the other occurrences
called out (lines covering the other response blocks at the ranges mentioned) so
all ownership-specific hints are masked consistently.

🧹 Nitpick comments (2)

backend/app/api/routes/auth.py (1)

248-266: Redundant "attempt" log after the operation already succeeded.

Line 249 logs "Token verification attempt" but get_current_user on line 248 has already completed successfully at that point. Consider changing the log message to just "Token verified" or removing the first log call to avoid the misleading "attempt" label followed immediately by "successful".

backend/app/api/routes/admin/users.py (1)

157-161: Document 404 response for non-existent user deletion.

The delete_user endpoint only documents a 400 response for self-deletion. However, admin_user_service.delete_user → repository.delete_user raises UserNotFoundError when the target user doesn't exist, which is mapped to a 404 response. Adding this to the responses parameter would complete the OpenAPI specification:

responses={
    400: {"model": ErrorResponse, "description": "Cannot delete your own account"},
    404: {"model": ErrorResponse, "description": "User not found"},
}

[sonarqubecloud]

Quality Gate passed

Issues
18 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud