Skip to content

Commit

Permalink
[stable9.1] Merge pull request #707 from owncloud/master-error-messages
Browse files Browse the repository at this point in the history 
[nc] Do not display technical error messages
  • Loading branch information
@DeepDiver1975
Vincent Petry authored and DeepDiver1975 committed Oct 24, 2016
1 parent eaba090 commit b3b3772
Show file tree
Hide file tree
Showing 9 changed files with 63 additions and 21 deletions.
2 changes: 1 addition & 1 deletion controller/configapicontroller.php
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ public function get($extramediatypes = false) {
try { try {
return $this->getConfig($extramediatypes); return $this->getConfig($extramediatypes);
} catch (\Exception $exception) { } catch (\Exception $exception) {
return $this->jsonError($exception); return $this->jsonError($exception, $this->request, $this->logger);
} }
} }


Expand Down
2 changes: 1 addition & 1 deletion controller/configcontroller.php
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ public function get($extramediatypes = false) {
try { try {
return $this->getConfig($extramediatypes); return $this->getConfig($extramediatypes);
} catch (\Exception $exception) { } catch (\Exception $exception) {
return $this->jsonError($exception); return $this->jsonError($exception, $this->request, $this->logger);
} }
} }


Expand Down
2 changes: 1 addition & 1 deletion controller/filesapicontroller.php
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@ public function getList($location, $features, $etag, $mediatypes) {
try { try {
return $this->getFilesAndAlbums($location, $featuresArray, $etag, $mediaTypesArray); return $this->getFilesAndAlbums($location, $featuresArray, $etag, $mediaTypesArray);
} catch (\Exception $exception) { } catch (\Exception $exception) {
return $this->jsonError($exception); return $this->jsonError($exception, $this->request, $this->logger);
} }
} }


Expand Down
2 changes: 1 addition & 1 deletion controller/filescontroller.php
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -97,7 +97,7 @@ public function getList($location, $features, $etag, $mediatypes) {
try { try {
return $this->getFilesAndAlbums($location, $featuresArray, $etag, $mediaTypesArray); return $this->getFilesAndAlbums($location, $featuresArray, $etag, $mediaTypesArray);
} catch (\Exception $exception) { } catch (\Exception $exception) {
return $this->jsonError($exception); return $this->jsonError($exception, $this->request, $this->logger);
} }
} }


Expand Down
22 changes: 18 additions & 4 deletions controller/httperror.php
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@


use Exception; use Exception;


use OCP\ILogger;
use OCP\IRequest;
use OCP\IURLGenerator; use OCP\IURLGenerator;


use OCP\AppFramework\Http; use OCP\AppFramework\Http;
Expand All @@ -36,17 +38,29 @@ trait HttpError {


/** /**
* @param \Exception $exception * @param \Exception $exception
* @param IRequest $request
* @param ILogger $logger
* *
* @return JSONResponse * @return JSONResponse
*/ */
public function jsonError(Exception $exception) { public function jsonError(Exception $exception,
$message = $exception->getMessage(); IRequest $request,
ILogger $logger) {
$code = $this->getHttpStatusCode($exception); $code = $this->getHttpStatusCode($exception);


// If the exception is not of type ForbiddenServiceException only show a
// generic error message to avoid leaking information.
if(!($exception instanceof ForbiddenServiceException)) {
$logger->logException($exception, ['app' => 'gallery']);
$message = sprintf('An error occurred. Request ID: %s', $request->getId());
} else {
$message = $exception->getMessage() . ' (' . $code . ')';
}

return new JSONResponse( return new JSONResponse(
[ [
'message' => $message . ' (' . $code . ')', 'message' => $message,
'success' => false 'success' => false,
], ],
$code $code
); );
Expand Down
2 changes: 1 addition & 1 deletion js/galleryview.js
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -201,7 +201,7 @@
if (!_.isUndefined(errorMessage) && errorMessage !== null) { if (!_.isUndefined(errorMessage) && errorMessage !== null) {
message += '<h2>' + t('gallery', message += '<h2>' + t('gallery',
'Album cannot be shown') + '</h2>'; 'Album cannot be shown') + '</h2>';
message += '<p>' + errorMessage + '</p>'; message += '<p>' + escapeHTML(errorMessage) + '</p>';
uploadAllowed = false; uploadAllowed = false;
} else { } else {
message += '<h2>' + t('gallery', message += '<h2>' + t('gallery',
Expand Down
8 changes: 5 additions & 3 deletions tests/unit/controller/ConfigControllerTest.php
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -170,10 +170,12 @@ public function testGetConfigWithBrokenSystem() {
$this->configService->expects($this->any()) $this->configService->expects($this->any())
->method('getFeaturesList') ->method('getFeaturesList')
->willThrowException(new ServiceException($exceptionMessage)); ->willThrowException(new ServiceException($exceptionMessage));
// Default status code when something breaks $this->request
$status = Http::STATUS_INTERNAL_SERVER_ERROR; ->expects($this->once())
->method('getId')
->willReturn('1234');
$errorMessage = [ $errorMessage = [
'message' => $exceptionMessage . ' (' . $status . ')', 'message' => 'An error occurred. Request ID: 1234',
'success' => false 'success' => false
]; ];
/** @type JSONResponse $response */ /** @type JSONResponse $response */
Expand Down
6 changes: 5 additions & 1 deletion tests/unit/controller/FilesControllerTest.php
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -262,8 +262,12 @@ public function testGetFilesWithBrokenSetup() {
->willThrowException(new ServiceException($exceptionMessage)); ->willThrowException(new ServiceException($exceptionMessage));
// Default status code when something breaks // Default status code when something breaks
$status = Http::STATUS_INTERNAL_SERVER_ERROR; $status = Http::STATUS_INTERNAL_SERVER_ERROR;
$this->request
->expects($this->once())
->method('getId')
->willReturn('1234');
$errorMessage = [ $errorMessage = [
'message' => $exceptionMessage . ' (' . $status . ')', 'message' => 'An error occurred. Request ID: 1234',
'success' => false 'success' => false
]; ];
/** @type JSONResponse $response */ /** @type JSONResponse $response */
Expand Down
38 changes: 30 additions & 8 deletions tests/unit/controller/HttpErrorTest.php
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -20,6 +20,8 @@
use OCA\Gallery\Service\NotFoundServiceException; use OCA\Gallery\Service\NotFoundServiceException;
use OCA\Gallery\Service\ForbiddenServiceException; use OCA\Gallery\Service\ForbiddenServiceException;
use OCA\Gallery\Service\InternalServerErrorServiceException; use OCA\Gallery\Service\InternalServerErrorServiceException;
use OCP\ILogger;
use OCP\IRequest;


/** /**
* Class HttpErrorTest * Class HttpErrorTest
Expand All @@ -35,23 +37,23 @@ class HttpErrorTest extends \Test\TestCase {
* @return array * @return array
*/ */
public function providesExceptionData() { public function providesExceptionData() {
$notFoundEnvMessage = 'Not found in env'; $notFoundEnvMessage = 'An error occurred. Request ID: 1234';
$notFoundEnvException = new NotFoundEnvException($notFoundEnvMessage); $notFoundEnvException = new NotFoundEnvException($notFoundEnvMessage);
$notFoundEnvStatus = Http::STATUS_NOT_FOUND; $notFoundEnvStatus = Http::STATUS_NOT_FOUND;


$notFoundServiceMessage = 'Not found in service'; $notFoundServiceMessage = 'An error occurred. Request ID: 1234';
$notFoundServiceException = new NotFoundServiceException($notFoundServiceMessage); $notFoundServiceException = new NotFoundServiceException($notFoundServiceMessage);
$notFoundServiceStatus = Http::STATUS_NOT_FOUND; $notFoundServiceStatus = Http::STATUS_NOT_FOUND;


$forbiddenServiceMessage = 'Forbidden in service'; $forbiddenServiceMessage = 'Forbidden in service';
$forbiddenServiceException = new ForbiddenServiceException($forbiddenServiceMessage); $forbiddenServiceException = new ForbiddenServiceException($forbiddenServiceMessage);
$forbiddenServiceStatus = Http::STATUS_FORBIDDEN; $forbiddenServiceStatus = Http::STATUS_FORBIDDEN;


$errorServiceMessage = 'Broken service'; $errorServiceMessage = 'An error occurred. Request ID: 1234';
$errorServiceException = new InternalServerErrorServiceException($errorServiceMessage); $errorServiceException = new InternalServerErrorServiceException($errorServiceMessage);
$errorServiceStatus = Http::STATUS_INTERNAL_SERVER_ERROR; $errorServiceStatus = Http::STATUS_INTERNAL_SERVER_ERROR;


$coreServiceMessage = 'Broken core'; $coreServiceMessage = 'An error occurred. Request ID: 1234';
$coreServiceException = new \Exception($coreServiceMessage); $coreServiceException = new \Exception($coreServiceMessage);
$coreServiceStatus = Http::STATUS_INTERNAL_SERVER_ERROR; $coreServiceStatus = Http::STATUS_INTERNAL_SERVER_ERROR;


Expand All @@ -72,12 +74,32 @@ public function providesExceptionData() {
* @param String $status * @param String $status
*/ */
public function testJsonError($exception, $message, $status) { public function testJsonError($exception, $message, $status) {
$httpError = $this->getMockForTrait('\OCA\Gallery\Controller\HttpError'); $request = $this->createMock(IRequest::class);
$logger = $this->createMock(ILogger::class);

if($exception instanceof ForbiddenServiceException) {
$amount = 0;
$message = $message . ' (' . $status . ')';
} else {
$amount = 1;
}

$logger
->expects($this->exactly($amount))
->method('logException')
->with($exception, ['app' => 'gallery']);
$request
->expects($this->exactly($amount))
->method('getId')
->willReturn('1234');

/** @var HttpError $httpError */
$httpError = $this->getMockForTrait(HttpError::class);
/** @type JSONResponse $response */ /** @type JSONResponse $response */
$response = $httpError->jsonError($exception); $response = $httpError->jsonError($exception, $request, $logger);


$this->assertEquals( $this->assertSame(
['message' => $message . ' (' . $status . ')', 'success' => false], $response->getData() ['message' => $message, 'success' => false], $response->getData()
); );
$this->assertEquals($status, $response->getStatus()); $this->assertEquals($status, $response->getStatus());
} }
Expand Down

0 comments on commit b3b3772

Please sign in to comment.