New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug #3920: Prevent 500 ScopedSearch errors on the API #1126
Conversation
I'm seeing: Started GET "/users?utf8=%E2%9C%93&search=arg+%3D+ghw" for 127.0.0.1 at 2014-01-15 12:39:27 +0000 NoMethodError (undefined method when I enter "arg = ghw" in search textbox on the Users screen. Shouldn't be the default value of the "options" method parameter in ApplicationController#search_error_handler an empty hash instead of a nil? I'll check other places too. |
Right, I'm not sure why I left |
common_parameters, audits, config_templates, ptables, media, architectures, subnets, and roles controllers have the same issue as above. |
nm, looks like your last commit fixed the issue... :) |
It seemed to be fine except for 1.9.3 and sqlite3, which had an error I don't understand [test] so we can see if its good to merge or not. |
@elobato try a rebase, it was a patch application error |
|
||
instance_variable_set('@keys_counter', Puppetclass.joins(:class_params).select('distinct environment_classes.lookup_key_id').group(:name).count) if options[:template_vars].include?('keys_counter') | ||
end | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is good, but I wonder if the code setting instance variables would be better placed in corresponding controllers (mostly a readability issue).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nm, I see those are used in a quite a few controllers.
The duplication between the index method and the around_filter worries me a bit, I worry that we might accidentally let these two implementations drift (particularly as there are security consequences with Can we just use a |
Done, Thanks for the tip, I was really overcomplicating things here. |
render_error 'standard_error', :status => 500, :locals => { :exception => error } | ||
} | ||
|
||
<<<<<<< HEAD |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Drop this .orig file?
Fixed, I guess I was a tad asleep 👅 |
Thanks! As discussed on IRC, I think we can now switch to rescue_from too, and drop the around_filters. |
Views that use counters from the search filter Filter to fix 500 errors with ScopedSearch This filter is applied on every controller, around the index action. It's functionality is basically to avoid 500 errors caused by broken ScopedSearch queries, for instance "wrongfield = dlkas". Filter around index to avoid 500 on scopedsearch Search test for around_filter on index Typo on scoped search error handler Use Hostgroup.my_groups when User is admin Simpler implementation of search error handler Fix tests to test redirect_to back Remove unnecessary scoped_search error UI handler
https://github.com/theforeman/foreman/blob/develop/app/controllers/application_controller.rb#L6 basically does it, I'm not sure what happened but the last rebase I did made it work properly (I get the error messages fixed). I tried 1.3-stable (which contains this |
This PR applies a filter on every controller, around the index action.
It's functionality is basically to avoid 500 errors caused by broken
ScopedSearch queries, for instance "wrongfield = dlkas".
Tests just check that the appropriate template is rendered for the API, and in the UI case it checks the flash message and an appropriate redirection.
Without this PR, wrongly formed queries will result on 500 errors from the API and the UI side. Some of the controllers already implemented a fix for this, so this functionality was extracted and applied across all controllers.
Here's a list of the controllers where this is fixed (all of them except 2):
http://projects.theforeman.org/issues/3920