Show certain CustomersDot exceptions to the end user
We've recently globally disabled showing exceptions returning from CustomersDot to the users as part of !59487 (merged) due to some of those exceptions leaking details.
It turns out, some of those exceptions convey useful information which the user needs to see.
When I search sentry for https://sentry.gitlab.net/gitlab/gitlabcom/?query=SubscriptionPortalRESTException I can discover the following type of errors:
Errors we should show.
Those come mostly from Zuora and we show verbatim to the users.
{"email"=>["has already been taken"]}
{"message"=>"Your card has insufficient funds."}
{"message"=>"Your card was declined."}
Validation failed: Gl namespace can have only one trial
Gitlab::HostedPlans::CreateTrialService::TrialAlreadyUsedExceptions which leak data
Invalid Namespace ID: 111. Customer ID: 222
Validation failed: Company can't contain XSS payload
Postgres error....This is where things get complicated, so we can't show raw exceptions coming from CustomersDot components because they leak some security related information. But we must show exceptions meant to be shown to the end users.
Solution Approach
Show the user facing errors whenevr they show up
KNOWN_ZUORA_ERRORS = [
'A one-time charge can be updated only if it belongs to a New Product amendment.',
'Electronic payment needs electronic payment method.',
'Please apply some changes to your subscription before continuing.',
'Please enter a valid quantity.',
'State/Province should be ISO standard state or province. N/A is not an ISO state/province of United States.',
'Taxation Requirement: State is required for Sold To Contact if the country is United States or Canada.',
'The Zuora GetTax call to Avalara returned the following error(s): Tax calculation cannot be determined. Zip is not valid for the state.',
'Your card has insufficient funds.',
'Your card number is incorrect.',
"Your card's expiration month is invalid.",
'Your card was declined.'
].freezeEdited by Alper Akgun