summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/controllers/application_controller.rb13
-rw-r--r--test/functional/error_handling_test.rb22
-rw-r--r--users/test/integration/browser/account_test.rb25
3 files changed, 53 insertions, 7 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 9734a33..b808e1c 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -7,6 +7,19 @@ class ApplicationController < ActionController::Base
protected
+
+ rescue_from StandardError do |e|
+ respond_to do |format|
+ format.json { render_json_error }
+ format.all { raise e } # reraise the exception so the normal thing happens.
+ end
+ end
+
+ def render_json_error
+ render status: 500,
+ json: {error: "The server failed to process your request. We'll look into it."}
+ end
+
#
# Allows us to pass through bold text to flash messages. See format_flash() for where this is reversed.
#
diff --git a/test/functional/error_handling_test.rb b/test/functional/error_handling_test.rb
new file mode 100644
index 0000000..47e44ce
--- /dev/null
+++ b/test/functional/error_handling_test.rb
@@ -0,0 +1,22 @@
+require 'test_helper'
+
+class ErrorHandlingTest < ActionController::TestCase
+ tests HomeController
+
+ def setup
+ HomeController.any_instance.stubs(:index).raises
+ end
+
+ def test_json_error
+ get :index, format: :json
+ assert_equal 'application/json', @response.content_type
+ assert json = JSON.parse(@response.body)
+ assert_equal ['error'], json.keys
+ end
+
+ def test_html_error_reraises
+ assert_raises RuntimeError do
+ get :index
+ end
+ end
+end
diff --git a/users/test/integration/browser/account_test.rb b/users/test/integration/browser/account_test.rb
index b412980..f3a78ed 100644
--- a/users/test/integration/browser/account_test.rb
+++ b/users/test/integration/browser/account_test.rb
@@ -7,13 +7,7 @@ class AccountTest < BrowserIntegrationTest
end
test "normal account workflow" do
- username = "test_#{SecureRandom.urlsafe_base64}".downcase
- password = SecureRandom.base64
- visit '/users/new'
- fill_in 'Username', with: username
- fill_in 'Password', with: password
- fill_in 'Password confirmation', with: password
- click_on 'Sign Up'
+ username, password = submit_signup
assert page.has_content?("Welcome #{username}")
click_on 'Logout'
assert page.has_content?("Sign Up")
@@ -32,6 +26,23 @@ class AccountTest < BrowserIntegrationTest
assert page.has_no_content?("Welcome")
end
+ test "reports internal server errors" do
+ V1::UsersController.any_instance.stubs(:create).raises
+ submit_signup
+ assert page.has_content?("server failed")
+ end
+
+ def submit_signup
+ username = "test_#{SecureRandom.urlsafe_base64}".downcase
+ password = SecureRandom.base64
+ visit '/users/new'
+ fill_in 'Username', with: username
+ fill_in 'Password', with: password
+ fill_in 'Password confirmation', with: password
+ click_on 'Sign Up'
+ return username, password
+ end
+
def inject_malicious_js
page.execute_script <<-EOJS
var calc = new srp.Calculate();