browserstack · kneeraj2000 · Jun 1, 2023 · Jun 1, 2023
diff --git a/aws_access/access.py b/aws_access/access.py
@@ -72,12 +72,12 @@ def approve(
 
             if not granted_access:
                 logger.error(
-                    "Something when wrong while adding %s to group %s: %s",
+                    constants.ERROR_MESSAGES["grant_access_failed"],
                     user.email,
                     label["group"],
                     str(exception)
                 )
-                return False
+                return False, constants.ERROR_MESSAGES["grant_access_failed"] % (user.email, label["group"], str(exception))
 
         try:
             self.__send_approve_email(
@@ -90,7 +90,6 @@ def approve(
             )
         except Exception as ex:
             logger.exception("%s Could not send email for error %s", self.tag(), str(ex))
-            return False
 
         return True
 
@@ -215,18 +214,17 @@ def revoke(self, user, user_identity, label, request):
 
         if not is_revoked:
             logger.error(
-                "Something went wrong while removing %s from %s: %s",
+                constants.ERROR_MESSAGES["revoke_access_failed"],
                 user.email, label["group"], str(exception)
             )
-            return False
+            return False, constants.ERROR_MESSAGES["revoke_access_failed"] % (user.email, label["group"], str(exception))
 
         label_desc = self.get_label_desc(label)
         try:
             self.__send_revoke_email(user, request.request_id, label_desc)
-            return True
         except Exception as ex:
             logger.exception("Could not send email for error %s", str(ex))
-            return False
+        return True
 
     def validate_request(self, access_labels_data, request_user, is_group=False):
         """Validates the access request.

diff --git a/aws_access/constants.py b/aws_access/constants.py
@@ -6,4 +6,6 @@
     "valid_action_required": "Valid action is required for AWS access",
     "valid_account_required": "Valid account name is required for AWS access",
     "valid_group_required": "Valid group name is required for AWS access",
+    "grant_access_failed" : "Something when wrong while adding %s to group %s: %s",
+    "revoke_access_failed" : "Something went wrong while removing %s from %s: %s",
 }
diff --git a/confluence/access.py b/confluence/access.py
@@ -150,20 +150,20 @@ def __approve_space_access(
             )
 
             if response.status_code == 200:
-                return str(json.loads(response.text)["id"])
+                return True, str(json.loads(response.text)["id"])
             if response.status_code == 400:
-                return json.loads(response.text)["message"].split(" ")[-1]
+                return True, json.loads(response.text)["message"].split(" ")[-1]
             logger.error(
-                "Could not approve permission %s for response %s",
+                constants.ERROR_MESSAGES["grant_access_failed"],
                 str(permission), str(response.text)
             )
-            return False
+            return False, constants.ERROR_MESSAGES["grant_access_failed"] % (str(permission), str(response.text))
         except Exception as ex:
             logger.error(
-                "Could not approve permission %s for error %s",
+                constants.ERROR_MESSAGES["grant_access_failed"],
                 str(permission), str(ex)
             )
-            return False
+            return False, constants.ERROR_MESSAGES["grant_access_failed"] % (str(permission), str(response.text))
 
     def __revoke_space_access(self, space_key, permission_id):
         """Makes confluence API calls and revokes access to a confluence space."""
@@ -302,14 +302,14 @@ def approve(
             approve_result = []
 
             for permission in permissions:
-                response = self.__approve_space_access(
+                response, result = self.__approve_space_access(
                     label["access_workspace"],
                     permission,
                     user_identity.identity["id"],
                     subject_type="user",
                 )
                 if response is False:
-                    return False
+                    return response, result
 
                 approve_result.append(
                     {"permission": permission, "permission_id": response}
@@ -321,10 +321,9 @@ def approve(
             self.__send_approve_email(
                 user_identity.user, request.request_id, access_type, approver
             )
-            return True
         except Exception as ex:
             logger.error("Could not send email for error %s", str(ex))
-            return False
+        return True
 
     def __send_approve_email(self, user, request_id, access_type, approver):
         """Generates and sends email in access grant."""
@@ -372,16 +371,15 @@ def revoke(self, user, user_identity, label, request):
                 label["access_workspace"], permission["permission_id"]
             )
             if response is False:
-                logger.error("could not revoke access for %s", str(permission))
-                return False
+                logger.error(constants.ERROR_MESSAGES["revoke_access_failed"], str(permission))
+                return False, constants.ERROR_MESSAGES["revoke_access_failed"] % (str(permission))
 
         label_desc = self.get_label_desc(label)
         try:
             self.__send_revoke_email(user, label_desc)
-            return True
         except Exception as ex:
             logger.error("Could not send email for error %s", str(ex))
-            return False
+        return True
 
     def access_desc(self):
         """Description of the access module.

diff --git a/confluence/constants.py b/confluence/constants.py
@@ -1,4 +1,6 @@
 ERROR_MESSAGES = {
     "missing_argument": "Missing argument in the access label, please resubmit the request.",
     "valid_access_type": "Valid access type is required to raise the request.",
+    "access_grant_failed": "Could not approve permission %s for response %s",
+    "revoke_access_failed": "could not revoke access for %s",
 }
diff --git a/gcp/access.py b/gcp/access.py
@@ -143,17 +143,16 @@ def approve(
             )
             if result is False:
                 logger.error(
-                    "Something went wrong while adding the %s to group %s: %s",
+                    constants.GRANT_ACCESS_FAILED_ERROR,
                     user.email, label["group"], str(exception)
                 )
-                return False
+                return False, constants.GRANT_ACCESS_FAILED_ERROR % (user.email, label["group"], str(exception))
 
         try:
             self.__send_approve_email(user, label_desc, request.request_id, approver)
-            return True
         except Exception as e:
             logger.error("Could not send email for error %s", str(e))
-            return False
+        return True
 
     def __send_approve_email(self, user, label_desc, request_id, approver):
         """Generates and sends email in access grant."""
@@ -207,18 +206,17 @@ def revoke(self, user, user_identity, label, request):
         )
         if not result:
             logger.error(
-                f"Error while removing the user from the group {label['group']}:"
-                f" {str(exception)}"
+                constants.REVOKE_ACCESS_FAILED_ERROR,
+                label["group"], str(exception)
             )
-            return False
+            return False, constants.REVOKE_ACCESS_FAILED_ERROR % (label["group"], str(exception))
 
         label_desc = self.get_label_desc(label)
         try:
             self.__send_revoke_email(user, label_desc, request.request_id)
-            return True
         except Exception as e:
             logger.error("Could not send email for error %s", str(e))
-            return False
+        return True
 
     def access_request_data(self, request, is_group=False):
         """Creates a dictionary of GCP accounts.

diff --git a/gcp/constants.py b/gcp/constants.py
@@ -3,3 +3,5 @@
 VALID_ACTION_REQUIRED_ERROR = "Valid action is required for the request."
 VALID_DOMAIN_REQUIRED_ERROR = "Valid domain is require for the request."
 VALID_GROUP_REQUIRED_ERROR = "Valid group is required for the request."
+GRANT_ACCESS_FAILED_ERROR = "Something went wrong while adding the %s to group %s: %s"
+REVOKE_ACCESS_FAILED_ERROR = "Error while removing the user from the group %s: %s"
diff --git a/github_access/access.py b/github_access/access.py
@@ -96,6 +96,9 @@ def approve(
 
         label_desc = self.combine_labels_desc(labels)
 
+        if not return_value :
+            return return_value, error_message
+
         try:
             self.__send_approve_email(
                 user_identity.user,

diff --git a/opsgenie_access/access.py b/opsgenie_access/access.py
@@ -214,10 +214,10 @@ def revoke(self, user, user_identity, label, request):
                 return_value = True
         else:
             logger.error(
-                "Something went wrong while removing %s from %s",
+                constants.REVOKE_ACCESS_FAILED_ERROR,
                 user.user.username, team
             )
-            return False, ""
+            return False, constants.REVOKE_ACCESS_FAILED_ERROR % (user.user.username, team)
 
         access_description = self.get_label_desc(label)
         try:

diff --git a/opsgenie_access/constants.py b/opsgenie_access/constants.py
@@ -9,3 +9,4 @@
 TEAM_LIST_ERROR = "Error in Finding teams list"
 
 GET_USER_BY_EMAIL_FAILED = "Failed to read user email address from zoom."
+REVOKE_ACCESS_FAILED_ERROR = "Something went wrong while removing %s from %s"
diff --git a/slack_access/access.py b/slack_access/access.py
@@ -102,15 +102,14 @@ def approve(
                 user.email, label["workspace_id"], workspace_name
             )
             if not invite_user_resp:
-                logger.error(constants.INVITE_USER_FAILED.format(workspace_name=workspace_name))
-                return False
+                logger.error(constants.INVITE_USER_FAILED, workspace_name) 
+                return False, constants.INVITE_USER_FAILED % (workspace_name)
 
         try:
             self.__send_approve_email(user, label_desc, request.request_id, approver)
-            return True
         except Exception as e:
             logger.exception("Could not send email for error %s", str(e))
-            return False
+        return True
 
     def revoke(self, user, user_identity, label, request):
         """Revoke access to Slack.
@@ -129,17 +128,17 @@ def revoke(self, user, user_identity, label, request):
         )
         if not response:
             logger.error(
-                constants.REMOVE_USER_FAILED.format(access_workspace, error_message)
+                constants.REMOVE_USER_FAILED,
+                access_workspace, error_message
             )
-            return False
+            return False, constants.REMOVE_USER_FAILED % (access_workspace, error_message)
 
         label_desc = self.get_label_desc(label)
         try:
             self.__send_revoke_email(user, label_desc, request.request_id)
-            return True
         except Exception as e:
             logger.exception("Could not send email for error %s", str(e))
-            return False
+        return True
 
     def get_label_desc(self, access_label):
         """Returns access label description.

diff --git a/slack_access/constants.py b/slack_access/constants.py
@@ -5,7 +5,7 @@
 VALID_WORKSPACE_REQUIRED_ERROR = "Valid workspace is require for the request."
 VALID__WORKSPACE_ID_REQUIRED_ERROR = "Valid workspace id is required for the request."
 INVITE_USER_FAILED = (
-    "Could not invite user to requested workspace {workspace_name}."
+    "Could not invite user to requested workspace %s."
     " Please contact Admin."
 )
-REMOVE_USER_FAILED = "Failed to remove user from {} workspace due to error: {}"
+REMOVE_USER_FAILED = "Failed to remove user from %s workspace due to error: %s"
diff --git a/ssh/access.py b/ssh/access.py
@@ -65,6 +65,8 @@ def approve(
                 "Something went wrong while adding the %s to group %s: %s"
                 % (user.email, labels, str(error_message))
             )
+            error_msg = "Something went wrong while adding the %s to group %s: %s" % (user.email, labels, str(error_message))
+            return return_value, error_msg    
 
         try:
             self.__send_approve_email(
@@ -79,7 +81,6 @@ def approve(
             logger.error(
                 "%s: Could not send email for error %s", self.tag(), str(e)
             )
-            return_value = False
 
         return return_value, error_message
 
@@ -204,17 +205,17 @@ def revoke(self, user, user_identity, label, request):
                 "Something went wrong while revoking the %s from group %s: %s",
                 user.email, label, str(error_message)
             )
-            return False
+            error_msg = "Something went wrong while revoking the %s from group %s: %s" % (user.email, label, str(error_message))
+            return False, error_msg
 
         label_desc = self.get_label_desc(label)
         try:
             self.__send_revoke_email(user, request.request_id, label_desc)
-            return True
         except Exception as e:
             logger.error(
                 "%s: Could not send email for error %s", self.tag(), str(e)
             )
-            return False
+        return True
 
     def validate_request(self, access_labels_data, request_user, is_group=False):
         """validates the access request for the user to the resource specified in the label

diff --git a/zoom_access/access.py b/zoom_access/access.py
@@ -137,10 +137,9 @@ def approve(
                 request.request_id,
                 approver
             )
-            return True, ""
         except Exception as e:
             logger.exception("Could not send email for error %s", str(e))
-            return False, str(e)
+        return True
 
     def __send_approve_email(self, user, label_desc, request_id, approver):
         """Generates and sends email in access grant."""
@@ -199,10 +198,9 @@ def revoke(self, user, user_identity, label, request):
         label_desc = self.get_label_desc(label)
         try:
             self.__send_revoke_email(user, label_desc, request.request_id)
-            return True, ""
         except Exception as e:
             logger.exception("Could not send email for error %s", str(e))
-            return False, str(e)
+        return True
 
     def can_auto_approve(self):
         """Checks if access can be auto approved or manual approval is needed.
Original file line number	Diff line number	Diff line change
Expand Up		@@ -9,3 +9,4 @@
		TEAM_LIST_ERROR = "Error in Finding teams list"

		GET_USER_BY_EMAIL_FAILED = "Failed to read user email address from zoom."
		REVOKE_ACCESS_FAILED_ERROR = "Something went wrong while removing %s from %s"