Merge pull request #577 from TS0713/admin_add_server_exception_update_fix

admin_add_server_exception_update_fix

Author: madhav165

mcpgateway/admin.py

@@ -435,12 +435,6 @@ async def admin_add_server(request: Request, db: Session = Depends(get_db), user
     except CoreValidationError as ex:
         return JSONResponse(content={"message": str(ex), "success": False}, status_code=422)
 
-    except ValidationError as ex:
-        return JSONResponse(content={"message": str(ex), "success": False}, status_code=422)
-
-    except IntegrityError as ex:
-        logger.error(f"Database error: {ex}")
-        return JSONResponse(content={"message": f"Server already exists with name: {server.name}", "success": False}, status_code=409)
     except Exception as ex:
         if isinstance(ex, ServerError):
             # Custom server logic error — 500 Internal Server Error makes sense
@@ -456,11 +450,11 @@ async def admin_add_server(request: Request, db: Session = Depends(get_db), user
 
         if isinstance(ex, ValidationError):
             # Pydantic or input validation failure — 422 Unprocessable Entity is correct
-            return JSONResponse(content={"message": ErrorFormatter.format_validation_error(ex), "success": False}, status_code=422)
+            return JSONResponse(content=ErrorFormatter.format_validation_error(ex), status_code=422)
 
         if isinstance(ex, IntegrityError):
             # DB constraint violation — 409 Conflict is appropriate
-            return JSONResponse(content={"message": ErrorFormatter.format_database_error(ex), "success": False}, status_code=409)
+            return JSONResponse(content=ErrorFormatter.format_database_error(ex), status_code=409)
 
         # For any other unhandled error, default to 500
         return JSONResponse(content={"message": str(ex), "success": False}, status_code=500)
@@ -2299,12 +2293,9 @@ async def admin_add_gateway(request: Request, db: Session = Depends(get_db), use
         # Convert KeyError to ValidationError-like response
         return JSONResponse(content={"message": f"Missing required field: {e}", "success": False}, status_code=422)
 
-    except ValueError as ex:
+    except ValidationError as ex:
         # --- Getting only the custom message from the ValueError ---
-        error_ctx = []
-        logger.info(f" ALL -> {ex.errors()}")
-        for err in ex.errors():
-            error_ctx.append(str(err["ctx"]["error"]))
+        error_ctx = [str(err["ctx"]["error"]) for err in ex.errors()]
         return JSONResponse(content={"success": False, "message": "; ".join(error_ctx)}, status_code=422)
 
     try:

mcpgateway/config.py

@@ -490,7 +490,9 @@ def validate_database(self) -> None:
                 db_dir.mkdir(parents=True)
 
     # Validation patterns for safe display (configurable)
-    validation_dangerous_html_pattern: str = r"<(script|iframe|object|embed|link|meta|base|form|img|svg|video|audio|source|track|area|map|canvas|applet|frame|frameset|html|head|body|style)\b|</*(script|iframe|object|embed|link|meta|base|form|img|svg|video|audio|source|track|area|map|canvas|applet|frame|frameset|html|head|body|style)>"
+    validation_dangerous_html_pattern: str = (
+        r"<(script|iframe|object|embed|link|meta|base|form|img|svg|video|audio|source|track|area|map|canvas|applet|frame|frameset|html|head|body|style)\b|</*(script|iframe|object|embed|link|meta|base|form|img|svg|video|audio|source|track|area|map|canvas|applet|frame|frameset|html|head|body|style)>"
+    )
 
     validation_dangerous_js_pattern: str = r"javascript:|vbscript:|on\w+\s*=|data:.*script"
     validation_allowed_url_schemes: List[str] = ["http://", "https://", "ws://", "wss://"]

mcpgateway/schemas.py

@@ -1572,6 +1572,16 @@ class PromptInvocation(BaseModelWithConfigDict):
 
 # --- Transport Type ---
 class TransportType(str, Enum):
+    """
+    Enumeration of supported transport mechanisms for communication between components.
+
+    Attributes:
+        SSE (str): Server-Sent Events transport.
+        HTTP (str): Standard HTTP-based transport.
+        STDIO (str): Standard input/output transport.
+        STREAMABLEHTTP (str): HTTP transport with streaming.
+    """
+
     SSE = "SSE"
     HTTP = "HTTP"
     STDIO = "STDIO"
@@ -1690,6 +1700,24 @@ def create_auth_value(cls, v, info):
     @field_validator("transport")
     @classmethod
     def validate_transport(cls, v: str) -> str:
+        """
+        Validates that the given transport value is one of the supported TransportType values.
+
+        Args:
+            v (str): The transport value to validate.
+
+        Returns:
+            str: The validated transport value if it is valid.
+
+        Raises:
+            ValueError: If the provided value is not a valid transport type.
+
+        Valid transport types are defined in the TransportType enum:
+            - SSE
+            - HTTP
+            - STDIO
+            - STREAMABLEHTTP
+        """
         if v not in [t.value for t in TransportType]:
             raise ValueError(f"Invalid transport type: {v}. Must be one of: {', '.join([t.value for t in TransportType])}")
         return v

mcpgateway/validators.py

@@ -52,7 +52,9 @@ class SecurityValidator:
     """Configurable validation with MCP-compliant limits"""
 
     # Configurable patterns (from settings)
-    DANGEROUS_HTML_PATTERN = settings.validation_dangerous_html_pattern  # Default: '<(script|iframe|object|embed|link|meta|base|form|img|svg|video|audio|source|track|area|map|canvas|applet|frame|frameset|html|head|body|style)\b|</*(script|iframe|object|embed|link|meta|base|form|img|svg|video|audio|source|track|area|map|canvas|applet|frame|frameset|html|head|body|style)>'
+    DANGEROUS_HTML_PATTERN = (
+        settings.validation_dangerous_html_pattern
+    )  # Default: '<(script|iframe|object|embed|link|meta|base|form|img|svg|video|audio|source|track|area|map|canvas|applet|frame|frameset|html|head|body|style)\b|</*(script|iframe|object|embed|link|meta|base|form|img|svg|video|audio|source|track|area|map|canvas|applet|frame|frameset|html|head|body|style)>'
     DANGEROUS_JS_PATTERN = settings.validation_dangerous_js_pattern  # Default: javascript:|vbscript:|on\w+\s*=|data:.*script
     ALLOWED_URL_SCHEMES = settings.validation_allowed_url_schemes  # Default: ["http://", "https://", "ws://", "wss://"]