From a78b5f2a6aa25bfe9a34e865f128289d9bb8f3c0 Mon Sep 17 00:00:00 2001
From: Azul
Date: Mon, 2 Sep 2013 08:59:57 +0200
Subject: Ensure json requests get json error response on failure Normally rails sends an html page which can't be parsed by the client.
---
 app/controllers/application_controller.rb | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 9734a33..b808e1c 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -7,6 +7,19 @@ class ApplicationController < ActionController::Base
 protected
+
+ rescue_from StandardError do |e|
+ respond_to do |format|
+ format.json { render_json_error }
+ format.all { raise e } # reraise the exception so the normal thing happens.
+ end
+ end
+
+ def render_json_error
+ render status: 500,
+ json: {error: "The server failed to process your request. We'll look into it."}
+ end
+
 #
 # Allows us to pass through bold text to flash messages. See format_flash() for where this is reversed.
 #
-- cgit v1.2.3
From 1210f91251b14c251b2d4a6de7665fa520b77864 Mon Sep 17 00:00:00 2001
From: Azul
Date: Mon, 2 Sep 2013 09:29:48 +0200
Subject: Test the error handling of json and html responses
---
 test/functional/error_handling_test.rb | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 test/functional/error_handling_test.rb
diff --git a/test/functional/error_handling_test.rb b/test/functional/error_handling_test.rb
new file mode 100644
index 0000000..04ea722
--- /dev/null
+++ b/test/functional/error_handling_test.rb
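Review bot: The JSON branch of the new `rescue_from StandardError` handler in app/controllers/application_controller.rb renders the generic 500 body without recording `e`, so as far as this hunk shows a failed JSON request leaves no exception class, message or backtrace on the server; only the `format.all` branch re-raises into the normal error path. Keeping the client-facing text generic is right, but the detail should go to the log, e.g. `format.json { logger.error("#{e.class}: #{e.message}"); render_json_error }`, with the backtrace added if the logging policy allows it. Because the handler matches every StandardError, JSON requests that would otherwise receive a more specific status (not-found style errors, for instance) will presumably answer 500 as well unless a narrower `rescue_from` is declared after this one. The class body continues outside the hunk.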
@@ -0,0 +1,20 @@
+require 'test_helper'
+
+class ErrorHandlingTest < ActionController::TestCase
+ tests HomeController
+
+ def setup
+ HomeController.any_instance.stubs(:index).raises
+ end
+
+ def test_json_error
+ get :index, format: :json
+ assert_equal 'application/json', @response.content_type
+ end
+
+ def test_html_error_reraises
+ assert_raises RuntimeError do
+ get :index
+ end
+ end
+end
-- cgit v1.2.3
From 1bcc76b4f50a181a1b3c137c79b627257187ac3c Mon Sep 17 00:00:00 2001
From: Azul
Date: Mon, 2 Sep 2013 09:41:24 +0200
Subject: integration test for displaying internal server error during signup
---
 test/functional/error_handling_test.rb | 2 ++
 users/test/integration/browser/account_test.rb | 25 ++++++++++++++++++-------
 2 files changed, 20 insertions(+), 7 deletions(-)
diff --git a/test/functional/error_handling_test.rb b/test/functional/error_handling_test.rb
index 04ea722..47e44ce 100644
--- a/test/functional/error_handling_test.rb
+++ b/test/functional/error_handling_test.rb
@@ -10,6 +10,8 @@ class ErrorHandlingTest < ActionController::TestCase
 def test_json_error
 get :index, format: :json
 assert_equal 'application/json', @response.content_type
+ assert json = JSON.parse(@response.body)
+ assert_equal ['error'], json.keys
 end
 def test_html_error_reraises
diff --git a/users/test/integration/browser/account_test.rb b/users/test/integration/browser/account_test.rb
index b412980..f3a78ed 100644
--- a/users/test/integration/browser/account_test.rb
+++ b/users/test/integration/browser/account_test.rb
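Review bot: `test_json_error` in the new test/functional/error_handling_test.rb checks only the content type, so it would still pass if the handler answered a failed request with status 200 and some JSON body. Adding `assert_response 500` right after the `get :index, format: :json` line pins the status that clients and monitoring are meant to key on.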
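Review bot: The added `assert_equal ['error'], json.keys` in `test_json_error` pins the shape of the body but not that exception detail stays out of it, because the stub in `setup` raises with no message. Raising with a recognisable constructed message, `HomeController.any_instance.stubs(:index).raises(RuntimeError, 'constructed-detail')`, and adding `assert_no_match(/constructed-detail/, @response.body)` would catch a later change that interpolates `e.message` into the response. The `assert json = JSON.parse(@response.body)` line would also read more clearly as a plain assignment followed by the assertion. `setup` lies outside this hunk.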
@@ -7,13 +7,7 @@ class AccountTest < BrowserIntegrationTest
 end
 test "normal account workflow" do
- username = "test_#{SecureRandom.urlsafe_base64}".downcase
- password = SecureRandom.base64
- visit '/users/new'
- fill_in 'Username', with: username
- fill_in 'Password', with: password
- fill_in 'Password confirmation', with: password
- click_on 'Sign Up'
+ username, password = submit_signup
 assert page.has_content?("Welcome #{username}")
 click_on 'Logout'
 assert page.has_content?("Sign Up")
@@ -32,6 +26,23 @@ class AccountTest < BrowserIntegrationTest
 assert page.has_no_content?("Welcome")
 end
+ test "reports internal server errors" do
+ V1::UsersController.any_instance.stubs(:create).raises
+ submit_signup
+ assert page.has_content?("server failed")
+ end
+
+ def submit_signup
+ username = "test_#{SecureRandom.urlsafe_base64}".downcase
+ password = SecureRandom.base64
+ visit '/users/new'
+ fill_in 'Username', with: username
+ fill_in 'Password', with: password
+ fill_in 'Password confirmation', with: password
+ click_on 'Sign Up'
+ return username, password
+ end
+
 def inject_malicious_js
 page.execute_script <<-EOJS
 var calc = new srp.Calculate();
-- cgit v1.2.3
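Review bot: The new `submit_signup` helper in users/test/integration/browser/account_test.rb ends with an explicit `return username, password` and sits undocumented between the test definitions; the idiomatic form is a final `[username, password]` line, preceded by a comment such as `# Fills in and submits the signup form with random credentials; returns [username, password].` The "reports internal server errors" test asserts only that "server failed" is displayed, so adding `assert page.has_no_content?("Welcome")` would also confirm that the failed signup did not leave the browser in a logged-in state. `inject_malicious_js` continues outside the hunk.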