Skip to content

Navigating to a non-existant "service" edit url results in a 500 error

Summary

Navigating to the "edit" URL for a integration/service type which does not exist will raise a 500 error, rather than a 404.

This is because we're calling public_send("build_#{name}_service") with the invalid service param. I don't believe this a security issue, since user permissions are still respected & users can still only access valid services, but it's a poor UX.

Steps to reproduce

Follow a url like this one:

https://gitlab.com/gitlab-examples/ops/incident-setup/everyone/tanuki-inc/-/services/bad_service_type/edit

See it in Sentry:

https://sentry.gitlab.net/gitlab/gitlabcom/issues/2346887/?query=is%3Aunresolved%20cappy

What is the current bug behavior?

500 error.

What is the expected correct behavior?

404 error would be preferred, as would happen with a "disabled" service, like datadog.

Possible fixes

We should not attempt to initialize a service unless the service is of an expected type, mirroring https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/project.rb#L1350.