summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/controllers/application_controller.rb13
-rw-r--r--core/app/views/common/_home_page_buttons.html.haml2
-rw-r--r--test/functional/error_handling_test.rb22
-rw-r--r--users/app/controllers/email_aliases_controller.rb12
-rw-r--r--users/app/controllers/sessions_controller.rb10
-rw-r--r--users/app/controllers/v1/users_controller.rb1
-rw-r--r--users/config/routes.rb1
-rw-r--r--users/test/functional/sessions_controller_test.rb21
-rw-r--r--users/test/integration/browser/account_test.rb25
9 files changed, 55 insertions, 52 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 9734a33..b808e1c 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -7,6 +7,19 @@ class ApplicationController < ActionController::Base
protected
+
+ rescue_from StandardError do |e|
+ respond_to do |format|
+ format.json { render_json_error }
+ format.all { raise e } # reraise the exception so the normal thing happens.
+ end
+ end
+
+ def render_json_error
+ render status: 500,
+ json: {error: "The server failed to process your request. We'll look into it."}
+ end
+
#
# Allows us to pass through bold text to flash messages. See format_flash() for where this is reversed.
#
diff --git a/core/app/views/common/_home_page_buttons.html.haml b/core/app/views/common/_home_page_buttons.html.haml
index 82a5cc2..7eb4c40 100644
--- a/core/app/views/common/_home_page_buttons.html.haml
+++ b/core/app/views/common/_home_page_buttons.html.haml
@@ -9,7 +9,7 @@
.span3
.row-fluid.second
.login.span4
- %span.link= link_to(icon('ok-sign', icon_color) + t(:login), new_session_path, :class => 'btn')
+ %span.link= link_to(icon('ok-sign', icon_color) + t(:login), login_path, :class => 'btn')
%span.info= t(:login_info)
.signup.span4
%span.link= link_to(icon('user', icon_color) + t(:signup), new_user_path, :class => 'btn')
diff --git a/test/functional/error_handling_test.rb b/test/functional/error_handling_test.rb
new file mode 100644
index 0000000..47e44ce
--- /dev/null
+++ b/test/functional/error_handling_test.rb
@@ -0,0 +1,22 @@
+require 'test_helper'
+
+class ErrorHandlingTest < ActionController::TestCase
+ tests HomeController
+
+ def setup
+ HomeController.any_instance.stubs(:index).raises
+ end
+
+ def test_json_error
+ get :index, format: :json
+ assert_equal 'application/json', @response.content_type
+ assert json = JSON.parse(@response.body)
+ assert_equal ['error'], json.keys
+ end
+
+ def test_html_error_reraises
+ assert_raises RuntimeError do
+ get :index
+ end
+ end
+end
diff --git a/users/app/controllers/email_aliases_controller.rb b/users/app/controllers/email_aliases_controller.rb
deleted file mode 100644
index c90432f..0000000
--- a/users/app/controllers/email_aliases_controller.rb
+++ /dev/null
@@ -1,12 +0,0 @@
-class EmailAliasesController < UsersBaseController
- before_filter :fetch_user
-
- def destroy
- @alias = @user.email_aliases.delete(params[:id])
- if @user.save
- flash[:notice] = t(:email_alias_destroyed_successfully, :alias => bold(@alias))
- end
- redirect_to edit_user_email_settings_path(@user) #TODO: this path doesn't exist. will want to add path for identities controller
- end
-
-end
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
index d6c455b..0494b51 100644
--- a/users/app/controllers/sessions_controller.rb
+++ b/users/app/controllers/sessions_controller.rb
@@ -8,16 +8,6 @@ class SessionsController < ApplicationController
end
end
- def create
- logout if logged_in?
- authenticate!
- end
-
- def update
- authenticate!
- render :json => session.delete(:handshake)
- end
-
def destroy
logout
redirect_to root_path
diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
index f380c19..4f82572 100644
--- a/users/app/controllers/v1/users_controller.rb
+++ b/users/app/controllers/v1/users_controller.rb
@@ -8,6 +8,7 @@ module V1
respond_to :json
+ # used for autocomplete for admins in the web ui
def index
if params[:query]
@users = User.by_login.startkey(params[:query]).endkey(params[:query].succ)
diff --git a/users/config/routes.rb b/users/config/routes.rb
index d4d5933..ccecfd5 100644
--- a/users/config/routes.rb
+++ b/users/config/routes.rb
@@ -10,7 +10,6 @@ Rails.application.routes.draw do
get "login" => "sessions#new", :as => "login"
delete "logout" => "sessions#destroy", :as => "logout"
- resources :sessions, :only => [:new, :create, :update]
get "signup" => "users#new", :as => "signup"
resources :users, :except => [:create, :update] do
diff --git a/users/test/functional/sessions_controller_test.rb b/users/test/functional/sessions_controller_test.rb
index b22c3a3..a630e6e 100644
--- a/users/test/functional/sessions_controller_test.rb
+++ b/users/test/functional/sessions_controller_test.rb
@@ -41,27 +41,6 @@ class SessionsControllerTest < ActionController::TestCase
assert_json_error :login => I18n.t(:all_strategies_failed)
end
- # Warden takes care of parsing the params and
- # rendering the response. So not much to test here.
- test "should perform handshake" do
- request.env['warden'].expects(:authenticate!)
- # make sure we don't get a template missing error:
- @controller.stubs(:render)
- post :create, :login => @user.login, 'A' => @client_hex
- end
-
- test "should authorize" do
- request.env['warden'].expects(:authenticate!)
- handshake = stub(:to_json => "JSON")
- session[:handshake] = handshake
-
- post :update, :id => @user.login, :client_auth => @client_hex
-
- assert_nil session[:handshake]
- assert_response :success
- assert_json_response handshake
- end
-
test "logout should reset warden user" do
expect_warden_logout
delete :destroy
diff --git a/users/test/integration/browser/account_test.rb b/users/test/integration/browser/account_test.rb
index b412980..f3a78ed 100644
--- a/users/test/integration/browser/account_test.rb
+++ b/users/test/integration/browser/account_test.rb
@@ -7,13 +7,7 @@ class AccountTest < BrowserIntegrationTest
end
test "normal account workflow" do
- username = "test_#{SecureRandom.urlsafe_base64}".downcase
- password = SecureRandom.base64
- visit '/users/new'
- fill_in 'Username', with: username
- fill_in 'Password', with: password
- fill_in 'Password confirmation', with: password
- click_on 'Sign Up'
+ username, password = submit_signup
assert page.has_content?("Welcome #{username}")
click_on 'Logout'
assert page.has_content?("Sign Up")
@@ -32,6 +26,23 @@ class AccountTest < BrowserIntegrationTest
assert page.has_no_content?("Welcome")
end
+ test "reports internal server errors" do
+ V1::UsersController.any_instance.stubs(:create).raises
+ submit_signup
+ assert page.has_content?("server failed")
+ end
+
+ def submit_signup
+ username = "test_#{SecureRandom.urlsafe_base64}".downcase
+ password = SecureRandom.base64
+ visit '/users/new'
+ fill_in 'Username', with: username
+ fill_in 'Password', with: password
+ fill_in 'Password confirmation', with: password
+ click_on 'Sign Up'
+ return username, password
+ end
+
def inject_malicious_js
page.execute_script <<-EOJS
var calc = new srp.Calculate();