From f1aa0042842cf2f3898b8fe637f62a9c381986e8 Mon Sep 17 00:00:00 2001
From: Sebastian Serth
Date: Wed, 14 Sep 2022 01:01:14 +0200
Subject: [PATCH] Use controller method for 404 responses
---
 app/controllers/application_controller.rb | 10 +++++++++
 config/locales/de.yml | 3 ++-
 config/locales/en.yml | 1 +
 .../application_controller_spec.rb | 21 +++++++++++++++++++
 4 files changed, 34 insertions(+), 1 deletion(-)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index a08e780a..4874d845 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -12,6 +12,7 @@ class ApplicationController < ActionController::Base
 before_action :set_sentry_context, :load_embed_options
 protect_from_forgery(with: :exception, prepend: true)
 rescue_from Pundit::NotAuthorizedError, with: :render_not_authorized
+ rescue_from ActiveRecord::RecordNotFound, with: :render_not_found
 rescue_from ActionController::InvalidAuthenticityToken, with: :render_csrf_error
 def current_user
@@ -68,6 +69,15 @@ class ApplicationController < ActionController::Base
 end
 private :render_not_authorized
+ def render_not_found
+ if current_user&.admin?
+ render_error t('application.not_found'), :not_found
+ else
+ render_not_authorized
+ end
+ end
+ private :render_not_authorized
+
 def render_error(message, status)
 set_sentry_context
 respond_to do |format|
diff --git a/config/locales/de.yml b/config/locales/de.yml
index 426343b9..1743d35e 100644
--- a/config/locales/de.yml
+++ b/config/locales/de.yml
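Review bot: In app/controllers/application_controller.rb, the line added after the new `render_not_found` method repeats `private :render_not_authorized` instead of naming the new method, so `render_not_found` stays a public instance method of ApplicationController. Public controller methods count as candidate actions in Rails, and controllers inheriting from this class pick it up, so the line should read `private :render_not_found`. The non-admin branch appears to reuse the not-authorized response so that a missing record looks the same as a forbidden one; a comment under `else`, such as `# Same response as for a forbidden record, so non-admins cannot probe which ids exist.`, would keep a later change from undoing that. The class body continues outside the hunk.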
@@ -248,7 +248,8 @@ de:
 idleRunners: Freie Runner
 usedRunners: Reservierte Runner
 application:
- not_authorized: Sie Sind nicht berechtigt, diese Aktion auszuführen.
+ not_authorized: Sie sind nicht berechtigt, diese Aktion auszuführen.
+ not_found: Die angeforderte Ressource konnte nicht gefunden werden.
 welcome:
 text_signed_in_as_external_user: 'Bitte rufen Sie %{application_name} von einer E-Learning-Plattform auf.'
 text_signed_in_as_internal_user: 'Schön, Sie zu sehen, %{user_name}!'
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 3c0d52e2..7d4ba314 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -249,6 +249,7 @@ en:
 usedRunners: Reserved Runners
 application:
 not_authorized: You are not authorized to perform this action.
+ not_found: The requested resource could not be found.
 welcome:
 text_signed_in_as_external_user: 'Please access %{application_name} from an e-learning platform.'
 text_signed_in_as_internal_user: 'Good to see you, %{user_name}!'
diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb
index 26332f6b..1ef03f42 100644
--- a/spec/controllers/application_controller_spec.rb
+++ b/spec/controllers/application_controller_spec.rb
@@ -35,6 +35,27 @@ describe ApplicationController do
 expect_redirect(:root)
 end
+ describe '#render_not_found' do
+ before do
+ allow(controller).to receive(:welcome) { controller.send(:render_not_found) }
+ login_user(user) if defined?(user)
+ get :welcome
+ end
+
+ expect_flash_message(:alert, I18n.t('application.not_authorized'))
+ expect_redirect(:root)
+
+ context 'with an admin' do
+ let(:user) { create(:admin) }
+ expect_flash_message(:alert, I18n.t('application.not_found'))
+ end
+
+ context 'with a teacher' do
+ let(:user) { create(:teacher) }
+ expect_flash_message(:alert, I18n.t('application.not_authorized'))
+ end
+ end
+
 describe '#switch_locale' do
 let(:locale) { :de }
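Review bot: In spec/controllers/application_controller_spec.rb, the `before` block reaches the handler through `controller.send(:render_not_found)`, which bypasses method visibility and never passes through the `rescue_from ActiveRecord::RecordNotFound` line this commit adds. As a result neither the exception wiring nor the handler's intended privacy is covered by these examples. Stubbing the action to raise instead, `allow(controller).to receive(:welcome).and_raise(ActiveRecord::RecordNotFound)`, would exercise the path real requests take. The `login_user(user) if defined?(user)` guard depends on whether an outer `let(:user)` exists, which is not visible in this hunk; if one does, the top-level examples run signed in rather than anonymous.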