metabase.api.routes.common

toc

Shared helpers used by [[metabase.api.routes/routes]] as well as premium-only routes like [[metabase-enterprise.sandbox.api.routes/routes]].

(ns metabase.api.routes.common
  (:require
   [metabase.server.core :as server]))

these use vars rather than plain functions so changes to the underlying functions get propagated during REPL usage.

Wrap routes so any Exception except 404 thrown is just returned as a generic 400, to prevent details from leaking in public endpoints.

(def +public-exceptions
  #'server/public-exceptions)

Wrap routes so any Exception thrown is just returned as a 400 with only the message from the original Exception (i.e., remove the original stacktrace), to prevent details from leaking in public endpoints.

(def +message-only-exceptions
  #'server/message-only-exceptions)

Wrap routes so they may only be accessed with a correct API key header.

(def +static-apikey
  #'server/enforce-static-api-key)

Wrap routes so they may only be accessed with proper authentication credentials.

(def +auth
  #'server/enforce-authentication)
 
Generated by Marginalia.  Syntax highlighting provided by Alex Gorbatchev's SyntaxHighlighter