Use controller method for 404 responses

2022-09-14 01:01:14 +02:00
parent 006c794f54
commit f1aa004284
4 changed files with 34 additions and 1 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -12,6 +12,7 @@ class ApplicationController < ActionController::Base
  before_action :set_sentry_context, :load_embed_options
  protect_from_forgery(with: :exception, prepend: true)
  rescue_from Pundit::NotAuthorizedError, with: :render_not_authorized
+  rescue_from ActiveRecord::RecordNotFound, with: :render_not_found
  rescue_from ActionController::InvalidAuthenticityToken, with: :render_csrf_error

  def current_user
@ -68,6 +69,15 @@ class ApplicationController < ActionController::Base
  end
  private :render_not_authorized

+  def render_not_found
+    if current_user&.admin?
+      render_error t('application.not_found'), :not_found
+    else
+      render_not_authorized
+    end
+  end
+  private :render_not_authorized
+
  def render_error(message, status)
    set_sentry_context
    respond_to do |format|
--- a/config/locales/de.yml
+++ b/config/locales/de.yml
@ -248,7 +248,8 @@ de:
        idleRunners: Freie Runner
        usedRunners: Reservierte Runner
  application:
-    not_authorized: Sie Sind nicht berechtigt, diese Aktion auszuführen.
+    not_authorized: Sie sind nicht berechtigt, diese Aktion auszuführen.
+    not_found: Die angeforderte Ressource konnte nicht gefunden werden.
    welcome:
      text_signed_in_as_external_user: 'Bitte rufen Sie %{application_name} von einer E-Learning-Plattform auf.'
      text_signed_in_as_internal_user: 'Schön, Sie zu sehen, %{user_name}!'
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -249,6 +249,7 @@ en:
        usedRunners: Reserved Runners
  application:
    not_authorized: You are not authorized to perform this action.
+    not_found: The requested resource could not be found.
    welcome:
      text_signed_in_as_external_user: 'Please access %{application_name} from an e-learning platform.'
      text_signed_in_as_internal_user: 'Good to see you, %{user_name}!'
--- a/spec/controllers/application_controller_spec.rb
+++ b/spec/controllers/application_controller_spec.rb
@ -35,6 +35,27 @@ describe ApplicationController do
    expect_redirect(:root)
  end

+  describe '#render_not_found' do
+    before do
+      allow(controller).to receive(:welcome) { controller.send(:render_not_found) }
+      login_user(user) if defined?(user)
+      get :welcome
+    end
+
+    expect_flash_message(:alert, I18n.t('application.not_authorized'))
+    expect_redirect(:root)
+
+    context 'with an admin' do
+      let(:user) { create(:admin) }
+      expect_flash_message(:alert, I18n.t('application.not_found'))
+    end
+
+    context 'with a teacher' do
+      let(:user) { create(:teacher) }
+      expect_flash_message(:alert, I18n.t('application.not_authorized'))
+    end
+  end
+
  describe '#switch_locale' do
    let(:locale) { :de }