diff --git a/app/Http/Controllers/GroupController.php b/app/Http/Controllers/GroupController.php
index 08ccc12dea..a13666cd0d 100644
--- a/app/Http/Controllers/GroupController.php
+++ b/app/Http/Controllers/GroupController.php
@@ -876,6 +876,10 @@ public static function stats($id, $format = 'row')
 $emissionRatio = $footprintRatioCalculator->calculateRatio();
 $group = Group::where('idgroups', $id)->first();
+ if (!$group) {
+ return abort(404, 'Invalid group id');
+ }
+
 $groupStats = $group->getGroupStats($emissionRatio);
 $groupStats['format'] = $format;
diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php
index d11b6458fd..07e1907766 100644
--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@@ -1190,9 +1190,13 @@ public function getUserMenus(Request $request)
 {
 $user = User::where('mediawiki', $request->input('wiki_username'))->first();
+ if (!$user) {
+ abort('404', 'Wiki user not found');
+ }
+
 $menus = [];
- if ($user->hasRole('Administrator') || $user->hasPermission('verify-translation-access') || $user->hasRole('NetworkCoordinator')) {
+ if (($user->hasRole('Administrator') || $user->hasPermission('verify-translation-access') || $user->hasRole('NetworkCoordinator'))) {
 $items = [];
 if ($user->hasRole('Administrator')) {
diff --git a/routes/web.php b/routes/web.php
index 727d921735..d038922253 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -395,8 +395,6 @@
 Route::get('/set-lang/{locale}', 'LocaleController@setLang');
-Route::get('/set-lang/{locale}', 'LocaleController@setLang');
-
 Route::post('/set-cookie', 'InformationAlertCookieController');
 Route::get('/test/check-auth', function () {
diff --git a/tests/Feature/GroupStatsTest.php b/tests/Feature/GroupStatsTest.php
index 7c7967051f..c008b6ce26 100644
--- a/tests/Feature/GroupStatsTest.php
+++ b/tests/Feature/GroupStatsTest.php
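Review bot: In `GroupController::stats`, `return abort(404, 'Invalid group id');` reads as if `abort()` hands back a response, but `abort()` throws, so the `return` is dead code; the sibling check added in `UserController::getUserMenus` calls it bare, and this one should match: `abort(404, 'Invalid group id');`. The guard also sits after `$footprintRatioCalculator->calculateRatio()`, so a request for a non-existent id still pays for that calculation. The function body starts outside the hunk, so I cannot tell how costly that is, but moving the group lookup and its check above the ratio calculation would keep unknown ids cheap.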
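Review bot: The new 404 in `UserController::getUserMenus` makes the response depend on whether `wiki_username` matches an account, and the `testLoggedOut` case added in `tests/Feature/Users/MenusTest.php` reaches `/user/menus` without logging in, which suggests any caller can probe usernames here and, from the role checks that follow, learn which accounts hold `Administrator` or `NetworkCoordinator`. The route definition and its middleware are not in this diff, so please confirm the endpoint is restricted to the caller it was built for and record that next to the lookup, e.g. `// Looks up another user's roles by wiki_username; route must not be reachable anonymously.` Two smaller points in the same hunk: pass the status as an integer, `abort(404, 'Wiki user not found');`, to match `GroupController::stats`, and drop the doubled parentheses on the `if ((...))` line, which change nothing. The function continues past the end of the hunk.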
@@ -6,6 +6,8 @@
 use App\Party;
 use Carbon\Carbon;
 use DB;
+use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
+use Tests\TestCase;
 use Illuminate\Foundation\Testing\RefreshDatabase;
 use Tests\TestCase;
@@ -65,4 +67,10 @@ public function a_group_with_one_past_event_has_stats_for_that_event()
 ];
 $this->assertEquals($expectedStats, $group->getGroupStats(0.5));
 }
+
+ /** @test */
+ public function stats_for_invalid_group() {
+ $this->expectException(NotFoundHttpException::class);
+ $response = $this->get("/group/stats/37/mini");
+ }
 }
diff --git a/tests/Feature/Users/EditLanguageSettingsTest.php b/tests/Feature/Users/EditLanguageSettingsTest.php
index c6772e34e4..46cfc39a32 100644
--- a/tests/Feature/Users/EditLanguageSettingsTest.php
+++ b/tests/Feature/Users/EditLanguageSettingsTest.php
@@ -46,4 +46,20 @@ public function user_language_update_triggers_language_sync()
 // assert
 Event::assertDispatched(UserLanguageUpdated::class);
 }
+
+ /** @test */
+ // Added these to try (and fail) to reproduce a Sentry error.
+ public function user_sets_language() {
+ $this->loginAsTestUser();
+
+ $this->followingRedirects();
+ $response = $this->from('/')->get('/set-lang/en');
+ $response->assertSuccessful();
+ $this->assertEquals('en', session('locale'));
+
+ $this->followingRedirects();
+ $response = $this->from('/')->get('/set-lang/zz');
+ $response->assertSuccessful();
+ $this->assertEquals('zz', session('locale'));
+ }
 }
diff --git a/tests/Feature/Users/MenusTest.php b/tests/Feature/Users/MenusTest.php
index 2ef4569b2b..9bebf332fe 100644
--- a/tests/Feature/Users/MenusTest.php
+++ b/tests/Feature/Users/MenusTest.php
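Review bot: The added `use Tests\TestCase;` in the import hunk of `tests/Feature/GroupStatsTest.php` duplicates the import that already sits two lines further down as context. PHP treats a repeated `use` of the same name in one file as a compile-time error ("name is already in use"), so the test file should fail to load as written. Keep the new `use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;` line and drop the added `use Tests\TestCase;`.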
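Review bot: `stats_for_invalid_group` only passes if the base `TestCase` lets exceptions escape the HTTP kernel, which is not visible in this diff; with the framework's default handling `$this->get()` returns a 404 response and `expectException` would fail. If the default handling is in effect, asserting on the response states the contract directly and uses the otherwise unused `$response`: `$this->get('/group/stats/37/mini')->assertStatus(404);`. The id `37` is assumed not to exist, so a comment such as `// No groups are created in this test, so any id is unknown.` would make that explicit. `testLoggedOut` in `tests/Feature/Users/MenusTest.php` relies on the same `expectException` pattern.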
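Review bot: The second half of `user_sets_language` asserts that `/set-lang/zz` succeeds and that `session('locale')` becomes `zz`, which pins acceptance of an arbitrary, unsupported locale taken straight from the URL. `LocaleController@setLang` is not part of this diff, so this may be deliberate, but if the stored value later drives the application locale or a translation lookup, the safer contract is a check against the supported-locale list with a fallback. In that case the assertion should be the inverse, e.g. `$this->assertNotEquals('zz', session('locale'));`. If storing it unvalidated is intended, a comment such as `// setLang stores the locale as given; 'zz' is deliberately unsupported.` would record why the test expects it.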
@@ -5,10 +5,10 @@
 use App\Events\UserUpdated;
 use App\User;
 use Carbon\Carbon;
-use DB;
-use Illuminate\Foundation\Testing\RefreshDatabase;
-use Illuminate\Support\Facades\Event;
+use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 use Tests\TestCase;
+use Illuminate\Support\Facades\Event;
+use Illuminate\Foundation\Testing\RefreshDatabase;
 class MenusTest extends TestCase
 {
@@ -59,4 +59,9 @@ public function testSections($role, $present)
 $this->assertEquals($present, array_keys($menus));
 }
+
+ public function testLoggedOut() {
+ $this->expectException(NotFoundHttpException::class);
+ $this->get('/user/menus');
+ }
 }
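Review bot: `testLoggedOut` is named for authentication state, but what it exercises is a request with no `wiki_username`, which lands on the new `abort` in `UserController::getUserMenus`; nothing here asserts that an anonymous caller is refused. Rename it to what it checks, e.g. `public function testMissingWikiUsernameReturns404()`, and add a case that passes a `wiki_username` which does not exist. If anonymous access to `/user/menus` is not intended, a separate test asserting the rejection would document that expectation.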