From 85aabe832eb3eec10a29054ef5575618686eef33 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Fri, 4 Apr 2014 11:48:24 +0200
Subject: 5382 - prevent crash when destroying tokens

An expired token was removed (probably by automatic cleanup) while processing it. So the webapp crashed due to a couch 404.

We're preventing that by rescueing from a 404 on Token.delete by default.
---
 users/app/models/token.rb     | 8 ++++++++
 users/test/unit/token_test.rb | 8 +++++++-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/users/app/models/token.rb b/users/app/models/token.rb
index 001eb40..4856c31 100644
--- a/users/app/models/token.rb
+++ b/users/app/models/token.rb
@@ -40,6 +40,14 @@ class Token < CouchRest::Model::Base
     end
   end
 
+  # Tokens can be cleaned up in different ways.
+  # So let's make sure we don't crash if they disappeared
+  def destroy_with_rescue
+    destroy_without_rescue
+  rescue RestClient::ResourceNotFound
+  end
+  alias_method_chain :destroy, :rescue
+
   def touch
     self.last_seen_at = Time.now
     save
diff --git a/users/test/unit/token_test.rb b/users/test/unit/token_test.rb
index 6c9f209..a3c6cf6 100644
--- a/users/test/unit/token_test.rb
+++ b/users/test/unit/token_test.rb
@@ -78,6 +78,12 @@ class ClientCertificateTest < ActiveSupport::TestCase
   end
 
 
-
+  test "Token.destroy_all_expired does not interfere with expired.authenticate" do
+    expired = FactoryGirl.create :token, last_seen_at: 2.hours.ago
+    with_config auth: {token_expires_after: 60} do
+      Token.destroy_all_expired
+    end
+    assert_nil expired.authenticate
+  end
 
 end
-- 
cgit v1.2.3