diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2019-08-30 01:34:47 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-08-30 01:34:47 +0200 |
commit | 22ce4778eba300cdbd6a1eda94d49ce647ecdbaf (patch) | |
tree | d6f1315cb5e70ad58de75d483ffee17c60fd8e62 | |
parent | 8ee4a2892c91323f3f213f132d5fb7cc4bb012c8 (diff) |
Fix uncaught parameter missing exceptions and missing error templates (#11702)
-rw-r--r-- | app/controllers/api/base_controller.rb | 8 | ||||
-rw-r--r-- | app/controllers/application_controller.rb | 12 | ||||
-rw-r--r-- | app/views/errors/400.html.haml | 5 | ||||
-rw-r--r-- | app/views/errors/406.html.haml | 5 | ||||
-rw-r--r-- | app/views/errors/503.html.haml | 5 | ||||
-rw-r--r-- | config/locales/en.yml | 3 | ||||
-rw-r--r-- | spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb | 3 | ||||
-rw-r--r-- | spec/controllers/settings/two_factor_authentications_controller_spec.rb | 3 |
8 files changed, 41 insertions, 3 deletions
diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb index de8fff30e..33df75b37 100644 --- a/app/controllers/api/base_controller.rb +++ b/app/controllers/api/base_controller.rb @@ -36,6 +36,14 @@ class Api::BaseController < ApplicationController render json: { error: 'This action is not allowed' }, status: 403 end + rescue_from Mastodon::RaceConditionError do + render json: { error: 'There was a temporary problem serving your request, please try again' }, status: 503 + end + + rescue_from ActionController::ParameterMissing do |e| + render json: { error: e.to_s }, status: 400 + end + def doorkeeper_unauthorized_render_options(error: nil) { json: { error: (error.try(:description) || 'Not authorized') } } end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 1caaa20f7..5b343a276 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -21,11 +21,13 @@ class ApplicationController < ActionController::Base helper_method :whitelist_mode? rescue_from ActionController::RoutingError, with: :not_found - rescue_from ActiveRecord::RecordNotFound, with: :not_found rescue_from ActionController::InvalidAuthenticityToken, with: :unprocessable_entity rescue_from ActionController::UnknownFormat, with: :not_acceptable + rescue_from ActionController::ParameterMissing, with: :bad_request + rescue_from ActiveRecord::RecordNotFound, with: :not_found rescue_from Mastodon::NotPermittedError, with: :forbidden rescue_from HTTP::Error, OpenSSL::SSL::SSLError, with: :internal_server_error + rescue_from Mastodon::RaceConditionError, with: :service_unavailable before_action :store_current_location, except: :raise_not_found, unless: :devise_controller? before_action :require_functional!, if: :user_signed_in? @@ -96,10 +98,18 @@ class ApplicationController < ActionController::Base respond_with_error(406) end + def bad_request + respond_with_error(400) + end + def internal_server_error respond_with_error(500) end + def service_unavailable + respond_with_error(503) + end + def single_user_mode? @single_user_mode ||= Rails.configuration.x.single_user_mode && Account.where('id > 0').exists? end diff --git a/app/views/errors/400.html.haml b/app/views/errors/400.html.haml new file mode 100644 index 000000000..11fbdd40c --- /dev/null +++ b/app/views/errors/400.html.haml @@ -0,0 +1,5 @@ +- content_for :page_title do + = t('errors.400') + +- content_for :content do + = t('errors.400') diff --git a/app/views/errors/406.html.haml b/app/views/errors/406.html.haml new file mode 100644 index 000000000..0ef815df3 --- /dev/null +++ b/app/views/errors/406.html.haml @@ -0,0 +1,5 @@ +- content_for :page_title do + = t('errors.406') + +- content_for :content do + = t('errors.406') diff --git a/app/views/errors/503.html.haml b/app/views/errors/503.html.haml new file mode 100644 index 000000000..b0c895aa5 --- /dev/null +++ b/app/views/errors/503.html.haml @@ -0,0 +1,5 @@ +- content_for :page_title do + = t('errors.503') + +- content_for :content do + = t('errors.503') diff --git a/config/locales/en.yml b/config/locales/en.yml index 2f601f274..892d13c72 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -652,8 +652,10 @@ en: domain_validator: invalid_domain: is not a valid domain name errors: + '400': The request you submitted was invalid or malformed. '403': You don't have permission to view this page. '404': The page you are looking for isn't here. + '406': This page is not available in the requested format. '410': The page you were looking for doesn't exist here anymore. '422': content: Security verification failed. Are you blocking cookies? @@ -662,6 +664,7 @@ en: '500': content: We're sorry, but something went wrong on our end. title: This page is not correct + '503': The page could not be served due to a temporary server failure. noscript_html: To use the Mastodon web application, please enable JavaScript. Alternatively, try one of the <a href="%{apps_path}">native apps</a> for Mastodon for your platform. existing_username_validator: not_found: could not find a local user with that username diff --git a/spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb b/spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb index 478f24585..2222a7559 100644 --- a/spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb +++ b/spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb @@ -50,7 +50,8 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do describe 'when form_two_factor_confirmation parameter is not provided' do it 'raises ActionController::ParameterMissing' do - expect { post :create, params: {} }.to raise_error(ActionController::ParameterMissing) + post :create, params: {} + expect(response).to have_http_status(400) end end diff --git a/spec/controllers/settings/two_factor_authentications_controller_spec.rb b/spec/controllers/settings/two_factor_authentications_controller_spec.rb index 9f27222ad..f7c628756 100644 --- a/spec/controllers/settings/two_factor_authentications_controller_spec.rb +++ b/spec/controllers/settings/two_factor_authentications_controller_spec.rb @@ -112,7 +112,8 @@ describe Settings::TwoFactorAuthenticationsController do end it 'raises ActionController::ParameterMissing if code is missing' do - expect { post :destroy }.to raise_error(ActionController::ParameterMissing) + post :destroy + expect(response).to have_http_status(400) end end |