Skip to content

Commit

Permalink
Merge pull request #501 from sul-dlss/workflow-testing
Browse files Browse the repository at this point in the history 
HTML Escape text in error message sent to workflow
  • Loading branch information
@ndushay
ndushay committed Jan 25, 2018
2 parents 3932b4a + 80d620a commit 786ef31
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 6 deletions.
2 changes: 1 addition & 1 deletion app/services/workflow_errors_reporter.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ def self.update_workflow(druid, process_name, error_message)
private_class_method def self.request_params(request, druid, process_name, error_message)
request.headers['content-type'] = "application/xml"
request.url "/workflow/dor/objects/druid:#{druid}/workflows/preservationAuditWF/#{process_name}"
request.body = "<process name='#{process_name}' status='error' errorMessage='#{error_message}'/>"
request.body = "<process name='#{process_name}' status='error' errorMessage='#{CGI.escapeHTML(error_message)}'/>"
end

private_class_method def self.conn
Expand Down
23 changes: 18 additions & 5 deletions spec/services/workflow_errors_reporter_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,8 @@
'https://sul-lyberservices-test.stanford.edu/workflow/dor/objects/druid:jj925bx9565/workflows/preservationAuditWF/moab-valid'
end
let(:headers) { { 'Content-Type' => 'application/xml' } }
let(:result) do
{ 13 => "Invalid moab, validation error...ential version directories." }
end
let(:body) { "<process name='moab-valid' status='error' errorMessage='{13=>\"Invalid moab, validation error...ential version directories.\"}'/>" }
let(:result) { "Invalid moab, validation error...ential version directories." }
let(:body) { "<process name='moab-valid' status='error' errorMessage='#{result}'/>" }
let(:druid) { 'jj925bx9565' }

context '.update_workflow' do
Expand All @@ -28,7 +26,7 @@
.with(body: body,
headers: headers)
.to_return(status: 400, body: "", headers: {})
expect(Rails.logger).to receive(:warn).with("#{druid} - unable to update workflow for preservationAuditWF moab-valid #<Faraday::ClientError response={:status=>400, :headers=>{}, :body=>\"\"}>. Error message: #{result}")
expect(Rails.logger).to receive(:warn).with("#{druid} - unable to update workflow for preservationAuditWF moab-valid #<Faraday::ClientError response={:status=>400, :headers=>{}, :body=>\"\"}>. Error message: Invalid moab, validation error...ential version directories.")
described_class.update_workflow(druid, 'moab-valid', result)
end

Expand All @@ -53,4 +51,19 @@
expect(headers_hash).to eq("content-type" => "application/xml")
end
end

context '.request_params' do
it 'escapes special characters in error message' do
process_name = 'moab-valid'
error_msg = "Invalid moab, validation errors: [\"Version directory name not in 'v00xx' format: original-v1\"]"
mock_request = instance_double(Faraday::Request)
headers_hash = {}
expected_error_msg = CGI.escapeHTML(error_msg)
allow(mock_request).to receive(:headers).and_return(headers_hash)
allow(mock_request).to receive(:url)
expect(mock_request).to receive(:body=).with("<process name='#{process_name}' status='error' errorMessage='#{expected_error_msg}'/>")
described_class.send(:request_params, mock_request, druid, process_name, error_msg)
end
end

end

0 comments on commit 786ef31

Please sign in to comment.