From 422346c79941657f8c39151eb5bb2bf7ac6b5a64 Mon Sep 17 00:00:00 2001 From: Andy Waite Date: Mon, 31 Oct 2022 14:37:49 -0400 Subject: [PATCH] Detect controller concern clash --- CHANGELOG.md | 1 + .../concerns/shopify_app/require_known_shop.rb | 5 +++++ lib/shopify_app/controller_concerns/login_protection.rb | 5 +++++ test/controllers/concerns/require_known_shop_test.rb | 9 +++++++++ test/dummy/app/controllers/application_controller.rb | 1 - test/dummy/app/controllers/home_controller.rb | 2 ++ .../controller_concerns/login_protection_test.rb | 9 +++++++++ 7 files changed, 31 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c67897461..8e373e982 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,6 @@ Unreleased ---------- +* Detect the use of incompatible controller concerns [#1560](https://github.com/Shopify/shopify_app/pull/1560) 21.2.0 (Oct 25, 2022) ---------- diff --git a/app/controllers/concerns/shopify_app/require_known_shop.rb b/app/controllers/concerns/shopify_app/require_known_shop.rb index b5268cc93..5d7c5bfc7 100644 --- a/app/controllers/concerns/shopify_app/require_known_shop.rb +++ b/app/controllers/concerns/shopify_app/require_known_shop.rb @@ -6,6 +6,11 @@ module RequireKnownShop include ShopifyApp::RedirectForEmbedded included do + if ancestors.include?(ShopifyApp::LoginProtection) + raise ConfigurationError, + "You are attempting to use both RequireKnownShop and LoginProtection. Please choose one." + end + before_action :check_shop_domain before_action :check_shop_known end diff --git a/lib/shopify_app/controller_concerns/login_protection.rb b/lib/shopify_app/controller_concerns/login_protection.rb index 08c11aef4..a915cc083 100644 --- a/lib/shopify_app/controller_concerns/login_protection.rb +++ b/lib/shopify_app/controller_concerns/login_protection.rb @@ -9,6 +9,11 @@ module LoginProtection include ShopifyApp::SanitizedParams included do + if ancestors.include?(ShopifyApp::RequireKnownShop) + raise ConfigurationError, + "You are attempting to use both RequireKnownShop and LoginProtection. Please choose one." + end + after_action :set_test_cookie rescue_from ShopifyAPI::Errors::HttpResponseError, with: :handle_http_error end diff --git a/test/controllers/concerns/require_known_shop_test.rb b/test/controllers/concerns/require_known_shop_test.rb index 9347c4fdc..d9f2e0ca0 100644 --- a/test/controllers/concerns/require_known_shop_test.rb +++ b/test/controllers/concerns/require_known_shop_test.rb @@ -60,4 +60,13 @@ def index assert_response :ok end + + test "detects incompatible controller concerns" do + assert_raises ShopifyApp::ConfigurationError do + Class.new(ApplicationController) do + include ShopifyApp::RequireKnownShop + include ShopifyApp::LoginProtection + end + end + end end diff --git a/test/dummy/app/controllers/application_controller.rb b/test/dummy/app/controllers/application_controller.rb index 921861742..7944f9f99 100644 --- a/test/dummy/app/controllers/application_controller.rb +++ b/test/dummy/app/controllers/application_controller.rb @@ -1,5 +1,4 @@ # frozen_string_literal: true class ApplicationController < ActionController::Base - include ShopifyApp::LoginProtection end diff --git a/test/dummy/app/controllers/home_controller.rb b/test/dummy/app/controllers/home_controller.rb index c92198787..7912ce1dd 100644 --- a/test/dummy/app/controllers/home_controller.rb +++ b/test/dummy/app/controllers/home_controller.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class HomeController < ApplicationController + include ShopifyApp::LoginProtection + def index "index" end diff --git a/test/shopify_app/controller_concerns/login_protection_test.rb b/test/shopify_app/controller_concerns/login_protection_test.rb index 186b94faa..167eee06b 100644 --- a/test/shopify_app/controller_concerns/login_protection_test.rb +++ b/test/shopify_app/controller_concerns/login_protection_test.rb @@ -470,6 +470,15 @@ class LoginProtectionControllerTest < ActionController::TestCase end end + test "detects incompatible controller concerns" do + assert_raises ShopifyApp::ConfigurationError do + Class.new(ApplicationController) do + include ShopifyApp::LoginProtection + include ShopifyApp::RequireKnownShop + end + end + end + private def assert_fullpage_redirected(shop_domain, _response)