IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

FEATURE: Add site setting to show more detailed 404 errors. (#8014)

Browse Source 
If the setting is turned on, then the user will receive information
about the subject: if it was deleted or requires some special access to
a group (only if the group is public). Otherwise, the user will receive
a generic #404 error message. For now, this change affects only the
topics and categories controller.

This commit also tries to refactor some of the code related to error
handling. To make error pages more consistent (design-wise), the actual
error page will be rendered server-side.
This commit is contained in:
Dan Ungureanu
2019-10-08 14:15:08 +03:00
committed by GitHub
parent d2bceff133
commit fdb1d3404c
23 changed files with 769 additions and 660 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
spec/requests/application_controller_spec.rb
View File

@@ -145,6 +145,12 @@ RSpec.describe ApplicationController do
topic = create_post.topic
Permalink.create!(url: topic.relative_url, topic_id: topic.id + 1)
topic.trash!
SiteSetting.detailed_404 = false
get topic.relative_url
expect(response.status).to eq(404)
SiteSetting.detailed_404 = true
get topic.relative_url
expect(response.status).to eq(410)
end
@@ -204,7 +210,7 @@ RSpec.describe ApplicationController do
response_body = response.body
expect(response_body).to include(I18n.t('page_not_found.search_button'))
expect(response_body).to have_tag("input", with: { value: 'nopenope' })
expect(response_body).to have_tag("input", with: { value: 'nope nope' })
end
it 'should not include Google search if login_required is enabled' do

303
spec/requests/topics_controller_spec.rb
View File

@@ -1229,12 +1229,13 @@ RSpec.describe TopicsController do
describe 'when topic is not allowed' do
it 'should return the right response' do
SiteSetting.detailed_404 = true
sign_in(user)
get "/t/#{private_topic.id}.json"
expect(response.status).to eq(403)
expect(response.body).to eq(I18n.t('invalid_access'))
expect(response.body).to include(I18n.t('invalid_access'))
end
end
@@ -1379,108 +1380,224 @@ RSpec.describe TopicsController do
end
end
context 'anonymous' do
expected = {
normal_topic: 200,
secure_topic: 403,
private_topic: 403,
deleted_topic: 410,
deleted_secure_topic: 403,
deleted_private_topic: 403,
nonexist: 404,
secure_accessible_topic: 403
}
include_examples "various scenarios", expected
end
context 'anonymous with login required' do
context 'without detailed error pages' do
before do
SiteSetting.login_required = true
end
expected = {
normal_topic: 302,
secure_topic: 302,
private_topic: 302,
deleted_topic: 302,
deleted_secure_topic: 302,
deleted_private_topic: 302,
nonexist: 302,
secure_accessible_topic: 302
}
include_examples "various scenarios", expected
end
context 'normal user' do
before do
sign_in(user)
SiteSetting.detailed_404 = false
end
expected = {
normal_topic: 200,
secure_topic: 403,
private_topic: 403,
deleted_topic: 410,
deleted_secure_topic: 403,
deleted_private_topic: 403,
nonexist: 404,
secure_accessible_topic: 200
}
include_examples "various scenarios", expected
end
context 'allowed user' do
before do
sign_in(allowed_user)
context 'anonymous' do
expected = {
normal_topic: 200,
secure_topic: 404,
private_topic: 404,
deleted_topic: 404,
deleted_secure_topic: 404,
deleted_private_topic: 404,
nonexist: 404,
secure_accessible_topic: 404
}
include_examples "various scenarios", expected
end
expected = {
normal_topic: 200,
secure_topic: 200,
private_topic: 200,
deleted_topic: 410,
deleted_secure_topic: 410,
deleted_private_topic: 410,
nonexist: 404,
secure_accessible_topic: 200
}
include_examples "various scenarios", expected
end
context 'moderator' do
before do
sign_in(moderator)
context 'anonymous with login required' do
before do
SiteSetting.login_required = true
end
expected = {
normal_topic: 302,
secure_topic: 302,
private_topic: 302,
deleted_topic: 302,
deleted_secure_topic: 302,
deleted_private_topic: 302,
nonexist: 302,
secure_accessible_topic: 302
}
include_examples "various scenarios", expected
end
expected = {
normal_topic: 200,
secure_topic: 403,
private_topic: 403,
deleted_topic: 200,
deleted_secure_topic: 403,
deleted_private_topic: 403,
nonexist: 404,
secure_accessible_topic: 200
}
include_examples "various scenarios", expected
end
context 'normal user' do
before do
sign_in(user)
end
context 'admin' do
before do
sign_in(admin)
expected = {
normal_topic: 200,
secure_topic: 404,
private_topic: 404,
deleted_topic: 404,
deleted_secure_topic: 404,
deleted_private_topic: 404,
nonexist: 404,
secure_accessible_topic: 404
}
include_examples "various scenarios", expected
end
expected = {
normal_topic: 200,
secure_topic: 200,
private_topic: 200,
deleted_topic: 200,
deleted_secure_topic: 200,
deleted_private_topic: 200,
nonexist: 404,
secure_accessible_topic: 200
}
include_examples "various scenarios", expected
context 'allowed user' do
before do
sign_in(allowed_user)
end
expected = {
normal_topic: 200,
secure_topic: 200,
private_topic: 200,
deleted_topic: 404,
deleted_secure_topic: 404,
deleted_private_topic: 404,
nonexist: 404,
secure_accessible_topic: 404
}
include_examples "various scenarios", expected
end
context 'moderator' do
before do
sign_in(moderator)
end
expected = {
normal_topic: 200,
secure_topic: 404,
private_topic: 404,
deleted_topic: 200,
deleted_secure_topic: 404,
deleted_private_topic: 404,
nonexist: 404,
secure_accessible_topic: 404
}
include_examples "various scenarios", expected
end
context 'admin' do
before do
sign_in(admin)
end
expected = {
normal_topic: 200,
secure_topic: 200,
private_topic: 200,
deleted_topic: 200,
deleted_secure_topic: 200,
deleted_private_topic: 200,
nonexist: 404,
secure_accessible_topic: 200
}
include_examples "various scenarios", expected
end
end
context 'with detailed error pages' do
before do
SiteSetting.detailed_404 = true
end
context 'anonymous' do
expected = {
normal_topic: 200,
secure_topic: 403,
private_topic: 403,
deleted_topic: 410,
deleted_secure_topic: 403,
deleted_private_topic: 403,
nonexist: 404,
secure_accessible_topic: 403
}
include_examples "various scenarios", expected
end
context 'anonymous with login required' do
before do
SiteSetting.login_required = true
end
expected = {
normal_topic: 302,
secure_topic: 302,
private_topic: 302,
deleted_topic: 302,
deleted_secure_topic: 302,
deleted_private_topic: 302,
nonexist: 302,
secure_accessible_topic: 302
}
include_examples "various scenarios", expected
end
context 'normal user' do
before do
sign_in(user)
end
expected = {
normal_topic: 200,
secure_topic: 403,
private_topic: 403,
deleted_topic: 410,
deleted_secure_topic: 403,
deleted_private_topic: 403,
nonexist: 404,
secure_accessible_topic: 403
}
include_examples "various scenarios", expected
end
context 'allowed user' do
before do
sign_in(allowed_user)
end
expected = {
normal_topic: 200,
secure_topic: 200,
private_topic: 200,
deleted_topic: 410,
deleted_secure_topic: 410,
deleted_private_topic: 410,
nonexist: 404,
secure_accessible_topic: 403
}
include_examples "various scenarios", expected
end
context 'moderator' do
before do
sign_in(moderator)
end
expected = {
normal_topic: 200,
secure_topic: 403,
private_topic: 403,
deleted_topic: 200,
deleted_secure_topic: 403,
deleted_private_topic: 403,
nonexist: 404,
secure_accessible_topic: 403
}
include_examples "various scenarios", expected
end
context 'admin' do
before do
sign_in(admin)
end
expected = {
normal_topic: 200,
secure_topic: 200,
private_topic: 200,
deleted_topic: 200,
deleted_secure_topic: 200,
deleted_private_topic: 200,
nonexist: 404,
secure_accessible_topic: 200
}
include_examples "various scenarios", expected
end
end
end
it 'records a view' do
@@ -1637,7 +1754,7 @@ RSpec.describe TopicsController do
[:json, :html].each do |format|
get "/t/#{topic.slug}/#{topic.id}.#{format}", params: { api_key: "bad" }
expect(response.code.to_i).to be(403)
expect(response.code.to_i).to eq(403)
expect(response.body).to include(I18n.t("invalid_access"))
end
end