Fix uncaught parameter missing exceptions and missing error templates (#11702)
parent
8ee4a2892c
commit
22ce4778eb
8 changed files with 41 additions and 3 deletions
|
@ -36,6 +36,14 @@ class Api::BaseController < ApplicationController
|
||||||
render json: { error: 'This action is not allowed' }, status: 403
|
render json: { error: 'This action is not allowed' }, status: 403
|
||||||
end
|
end
|
||||||
|
|
||||||
|
rescue_from Mastodon::RaceConditionError do
|
||||||
|
render json: { error: 'There was a temporary problem serving your request, please try again' }, status: 503
|
||||||
|
end
|
||||||
|
|
||||||
|
rescue_from ActionController::ParameterMissing do |e|
|
||||||
|
render json: { error: e.to_s }, status: 400
|
||||||
|
end
|
||||||
|
|
||||||
def doorkeeper_unauthorized_render_options(error: nil)
|
def doorkeeper_unauthorized_render_options(error: nil)
|
||||||
{ json: { error: (error.try(:description) || 'Not authorized') } }
|
{ json: { error: (error.try(:description) || 'Not authorized') } }
|
||||||
end
|
end
|
||||||
|
|
|
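Review bot: The `ActionController::ParameterMissing` handler returns `e.to_s` to the client, so the API error body is whatever text the framework puts in the exception message, and that wording can differ between Rails versions. Building the message from the exception's own field keeps the response stable and limited to the one required key, e.g. `render json: { error: "Missing required parameter: #{e.param}" }, status: 400`. None of the eight files in this commit adds a spec for either new API handler; the two spec changes cover only the Settings controllers, so a request spec asserting the 400 and 503 JSON responses would be worth adding. The class body continues outside the hunk.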
@ -21,11 +21,13 @@ class ApplicationController < ActionController::Base
|
||||||
helper_method :whitelist_mode?
|
helper_method :whitelist_mode?
|
||||||
|
|
||||||
rescue_from ActionController::RoutingError, with: :not_found
|
rescue_from ActionController::RoutingError, with: :not_found
|
||||||
rescue_from ActiveRecord::RecordNotFound, with: :not_found
|
|
||||||
rescue_from ActionController::InvalidAuthenticityToken, with: :unprocessable_entity
|
rescue_from ActionController::InvalidAuthenticityToken, with: :unprocessable_entity
|
||||||
rescue_from ActionController::UnknownFormat, with: :not_acceptable
|
rescue_from ActionController::UnknownFormat, with: :not_acceptable
|
||||||
|
rescue_from ActionController::ParameterMissing, with: :bad_request
|
||||||
|
rescue_from ActiveRecord::RecordNotFound, with: :not_found
|
||||||
rescue_from Mastodon::NotPermittedError, with: :forbidden
|
rescue_from Mastodon::NotPermittedError, with: :forbidden
|
||||||
rescue_from HTTP::Error, OpenSSL::SSL::SSLError, with: :internal_server_error
|
rescue_from HTTP::Error, OpenSSL::SSL::SSLError, with: :internal_server_error
|
||||||
|
rescue_from Mastodon::RaceConditionError, with: :service_unavailable
|
||||||
|
|
||||||
before_action :store_current_location, except: :raise_not_found, unless: :devise_controller?
|
before_action :store_current_location, except: :raise_not_found, unless: :devise_controller?
|
||||||
before_action :require_functional!, if: :user_signed_in?
|
before_action :require_functional!, if: :user_signed_in?
|
||||||
|
@ -96,10 +98,18 @@ class ApplicationController < ActionController::Base
|
||||||
respond_with_error(406)
|
respond_with_error(406)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def bad_request
|
||||||
|
respond_with_error(400)
|
||||||
|
end
|
||||||
|
|
||||||
def internal_server_error
|
def internal_server_error
|
||||||
respond_with_error(500)
|
respond_with_error(500)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def service_unavailable
|
||||||
|
respond_with_error(503)
|
||||||
|
end
|
||||||
|
|
||||||
def single_user_mode?
|
def single_user_mode?
|
||||||
@single_user_mode ||= Rails.configuration.x.single_user_mode && Account.where('id > 0').exists?
|
@single_user_mode ||= Rails.configuration.x.single_user_mode && Account.where('id > 0').exists?
|
||||||
end
|
end
|
||||||
|
|
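Review bot: `bad_request` in the second hunk renders a 400 page for every `ActionController::ParameterMissing`, and because `rescue_from` handles the exception inside the controller, the exception class and message are no longer written by Rails' exception logging. Whether `respond_with_error`, which is defined outside these hunks, logs anything is not visible here. The affected routes include the two-factor settings actions exercised by the specs in this commit, where repeated malformed requests may be something operators want to notice. A single line in `bad_request` such as `Rails.logger.info("Bad request (missing parameter) in #{controller_path}##{action_name}")` would keep that signal without changing the response.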
5
app/views/errors/400.html.haml
Normal file
5
app/views/errors/400.html.haml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
- content_for :page_title do
|
||||||
|
= t('errors.400')
|
||||||
|
|
||||||
|
- content_for :content do
|
||||||
|
= t('errors.400')
|
5
app/views/errors/406.html.haml
Normal file
5
app/views/errors/406.html.haml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
- content_for :page_title do
|
||||||
|
= t('errors.406')
|
||||||
|
|
||||||
|
- content_for :content do
|
||||||
|
= t('errors.406')
|
5
app/views/errors/503.html.haml
Normal file
5
app/views/errors/503.html.haml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
- content_for :page_title do
|
||||||
|
= t('errors.503')
|
||||||
|
|
||||||
|
- content_for :content do
|
||||||
|
= t('errors.503')
|
|
@ -652,8 +652,10 @@ en:
|
||||||
domain_validator:
|
domain_validator:
|
||||||
invalid_domain: is not a valid domain name
|
invalid_domain: is not a valid domain name
|
||||||
errors:
|
errors:
|
||||||
|
'400': The request you submitted was invalid or malformed.
|
||||||
'403': You don't have permission to view this page.
|
'403': You don't have permission to view this page.
|
||||||
'404': The page you are looking for isn't here.
|
'404': The page you are looking for isn't here.
|
||||||
|
'406': This page is not available in the requested format.
|
||||||
'410': The page you were looking for doesn't exist here anymore.
|
'410': The page you were looking for doesn't exist here anymore.
|
||||||
'422':
|
'422':
|
||||||
content: Security verification failed. Are you blocking cookies?
|
content: Security verification failed. Are you blocking cookies?
|
||||||
|
@ -662,6 +664,7 @@ en:
|
||||||
'500':
|
'500':
|
||||||
content: We're sorry, but something went wrong on our end.
|
content: We're sorry, but something went wrong on our end.
|
||||||
title: This page is not correct
|
title: This page is not correct
|
||||||
|
'503': The page could not be served due to a temporary server failure.
|
||||||
noscript_html: To use the Mastodon web application, please enable JavaScript. Alternatively, try one of the <a href="%{apps_path}">native apps</a> for Mastodon for your platform.
|
noscript_html: To use the Mastodon web application, please enable JavaScript. Alternatively, try one of the <a href="%{apps_path}">native apps</a> for Mastodon for your platform.
|
||||||
existing_username_validator:
|
existing_username_validator:
|
||||||
not_found: could not find a local user with that username
|
not_found: could not find a local user with that username
|
||||||
|
|
|
@ -50,7 +50,8 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do
|
||||||
|
|
||||||
describe 'when form_two_factor_confirmation parameter is not provided' do
|
describe 'when form_two_factor_confirmation parameter is not provided' do
|
||||||
it 'raises ActionController::ParameterMissing' do
|
it 'raises ActionController::ParameterMissing' do
|
||||||
expect { post :create, params: {} }.to raise_error(ActionController::ParameterMissing)
|
post :create, params: {}
|
||||||
|
expect(response).to have_http_status(400)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
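Review bot: The example is still named `'raises ActionController::ParameterMissing'` although its body now asserts `have_http_status(400)`, so the description no longer matches what is checked. Rename it to something like `it 'returns http bad request' do`. The same applies to `'raises ActionController::ParameterMissing if code is missing'` in the Settings::TwoFactorAuthenticationsController spec that follows. The outer describe block continues outside the hunk.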
@ -112,7 +112,8 @@ describe Settings::TwoFactorAuthenticationsController do
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'raises ActionController::ParameterMissing if code is missing' do
|
it 'raises ActionController::ParameterMissing if code is missing' do
|
||||||
expect { post :destroy }.to raise_error(ActionController::ParameterMissing)
|
post :destroy
|
||||||
|
expect(response).to have_http_status(400)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|