trabajo-afectivo/app/controllers/application_controller/handles_errors.rb

# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/

module ApplicationController::HandlesErrors
  extend ActiveSupport::Concern

  included do
    rescue_from StandardError, with: :internal_server_error
    rescue_from ExecJS::RuntimeError, with: :internal_server_error
    rescue_from ActiveRecord::RecordNotFound, with: :not_found
    rescue_from ActiveRecord::StatementInvalid, with: :unprocessable_entity
    rescue_from ActiveRecord::RecordInvalid, with: :unprocessable_entity
    rescue_from ActiveRecord::DeleteRestrictionError, with: :unprocessable_entity
    rescue_from ArgumentError, with: :unprocessable_entity
    rescue_from Exceptions::UnprocessableEntity, with: :unprocessable_entity
    rescue_from Exceptions::NotAuthorized, with: :unauthorized
    rescue_from Exceptions::Forbidden, with: :forbidden
    rescue_from Pundit::NotAuthorizedError, with: :pundit_not_authorized_error
  end

  def not_found(e)
    logger.error e
    respond_to_exception(e, :not_found)
    http_log
  end

  def unprocessable_entity(e)
    logger.error e
    respond_to_exception(e, :unprocessable_entity)
    http_log
  end

  def internal_server_error(e)
    logger.error e
    respond_to_exception(e, :internal_server_error)
    http_log
  end

  def unauthorized(e)
    logger.info { e }
    error = humanize_error(e)
    response.headers['X-Failure'] = error.fetch(:error_human, error[:error])
    respond_to_exception(e, :unauthorized)
    http_log
  end

  def forbidden(e)
    logger.info { e }
    error = humanize_error(e)
    response.headers['X-Failure'] = error.fetch(:error_human, error[:error])
    respond_to_exception(e, :forbidden)
    http_log
  end

  def pundit_not_authorized_error(e)
    logger.info { e }
    # check if a special authorization_error should be shown in the result payload
    # which was raised in one of the policies. Fall back to a simple "Not authorized"
    # error to hide actual cause for security reasons.
    exeption = e.policy&.custom_exception || Exceptions::Forbidden.new('Not authorized')
    forbidden(exeption)
  end

  private

  def respond_to_exception(e, status)
    status_code = Rack::Utils.status_code(status)

    respond_to do |format|
      format.json { render json: humanize_error(e), status: status }
      format.any do
        errors = humanize_error(e)
        @exception = e
        @message = errors[:error_human] || errors[:error] || param[:message]
        @traceback = !Rails.env.production?
        file = File.open(Rails.root.join('public', "#{status_code}.html"), 'r')
        render inline: file.read, status: status # rubocop:disable Rails/RenderInline
      end
    end
  end

  def humanize_error(e)

    data = {
      error: e.message
    }

    if e.message =~ %r{Validation failed: (.+?)(,|$)}i
      data[:error_human] = $1
    elsif e.message.match?(%r{(already exists|duplicate key|duplicate entry)}i)
      data[:error_human] = 'Object already exists!'
    elsif e.message =~ %r{null value in column "(.+?)" violates not-null constraint}i || e.message =~ %r{Field '(.+?)' doesn't have a default value}i
      data[:error_human] = "Attribute '#{$1}' required!"
    elsif e.message == 'Exceptions::Forbidden'
      data[:error]       = 'Not authorized'
      data[:error_human] = data[:error]
    elsif e.message == 'Exceptions::NotAuthorized'
      data[:error]       = 'Authorization failed'
      data[:error_human] = data[:error]
    elsif [ActionController::RoutingError, ActiveRecord::RecordNotFound, Exceptions::UnprocessableEntity, Exceptions::NotAuthorized, Exceptions::Forbidden].include?(e.class)
      data[:error_human] = data[:error]
    end

    if data[:error_human].present?
      data[:error] = data[:error_human]
    elsif !current_user&.permissions?('admin')
      # We want to avoid leaking of internal information but also want the user
      # to give the administrator a reference to find the cause of the error.
      # Therefore we generate a one time unique error ID that can be used to
      # search the logs and find the actual error message.
      error_code_prefix = "Error ID #{SecureRandom.urlsafe_base64(6)}:"
      Rails.logger.error "#{error_code_prefix} #{data[:error]}"
      data[:error] = "#{error_code_prefix} Please contact your administrator."
    end

    data
  end
end
Maintenance: Update copyright information and add a new rubocop cop to watch over it. 2021-06-01 12:20:20 +00:00			`# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/`

Refactoring: Splitted ApplicationController functionality into separat modules and concerns. 2017-03-09 11:44:51 +00:00			`module ApplicationController::HandlesErrors`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`extend ActiveSupport::Concern`

			`included do`
			`rescue_from StandardError, with: :internal_server_error`
			`rescue_from ExecJS::RuntimeError, with: :internal_server_error`
			`rescue_from ActiveRecord::RecordNotFound, with: :not_found`
			`rescue_from ActiveRecord::StatementInvalid, with: :unprocessable_entity`
			`rescue_from ActiveRecord::RecordInvalid, with: :unprocessable_entity`
Knowledge Base Prep: Rescue DeleteRestrictionError with 422 Unprocessable Entity 2019-03-01 04:26:53 +00:00			`rescue_from ActiveRecord::DeleteRestrictionError, with: :unprocessable_entity`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`rescue_from ArgumentError, with: :unprocessable_entity`
			`rescue_from Exceptions::UnprocessableEntity, with: :unprocessable_entity`
			`rescue_from Exceptions::NotAuthorized, with: :unauthorized`
Fixes issue #2983 - HTTP 401 responses causing issues with Basic Authentication. 2021-02-04 08:28:41 +00:00			`rescue_from Exceptions::Forbidden, with: :forbidden`
Refactoring: Replaced home-rolled authorization logic in Controllers with Pundit. 2020-03-19 09:39:51 +00:00			`rescue_from Pundit::NotAuthorizedError, with: :pundit_not_authorized_error`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`end`

			`def not_found(e)`
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`logger.error e`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`respond_to_exception(e, :not_found)`
Initial Check_MK integration. 2017-08-21 23:13:19 +00:00			`http_log`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`end`

			`def unprocessable_entity(e)`
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`logger.error e`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`respond_to_exception(e, :unprocessable_entity)`
Initial Check_MK integration. 2017-08-21 23:13:19 +00:00			`http_log`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`end`

			`def internal_server_error(e)`
Initial version of LDAP user sync support. 2017-04-19 10:09:54 +00:00			`logger.error e`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`respond_to_exception(e, :internal_server_error)`
Initial Check_MK integration. 2017-08-21 23:13:19 +00:00			`http_log`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`end`

			`def unauthorized(e)`
Refactoring: Replaced home-rolled authorization logic in Controllers with Pundit. 2020-03-19 09:39:51 +00:00			`logger.info { e }`
Follow up - bca16dee1685797eec5836f129b7e096774c9e9c - Enhancement: Provide unique error code for technical errors to make it easy to find them in the logs. - Show all error messages if `current_user` has `admin` permission(s) right away. - Pass messages of `ActionController::RoutingError`, `ActiveRecord::RecordNotFound`, `Exceptions::UnprocessableEntity` and `Exceptions::NotAuthorized` exceptions to user. - Fix regression: 'Not authorized' errors lack of cause. - Remove diverged behavior for different environments. 2020-03-06 14:31:43 +00:00			`error = humanize_error(e)`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`response.headers['X-Failure'] = error.fetch(:error_human, error[:error])`
			`respond_to_exception(e, :unauthorized)`
Initial Check_MK integration. 2017-08-21 23:13:19 +00:00			`http_log`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`end`

Fixes issue #2983 - HTTP 401 responses causing issues with Basic Authentication. 2021-02-04 08:28:41 +00:00			`def forbidden(e)`
			`logger.info { e }`
			`error = humanize_error(e)`
			`response.headers['X-Failure'] = error.fetch(:error_human, error[:error])`
			`respond_to_exception(e, :forbidden)`
			`http_log`
			`end`

Refactoring: Replaced home-rolled authorization logic in Controllers with Pundit. 2020-03-19 09:39:51 +00:00			`def pundit_not_authorized_error(e)`
			`logger.info { e }`
			`# check if a special authorization_error should be shown in the result payload`
			`# which was raised in one of the policies. Fall back to a simple "Not authorized"`
			`# error to hide actual cause for security reasons.`
Fixes issue #2983 - HTTP 401 responses causing issues with Basic Authentication. 2021-02-04 08:28:41 +00:00			`exeption = e.policy&.custom_exception \|\| Exceptions::Forbidden.new('Not authorized')`
			`forbidden(exeption)`
Refactoring: Replaced home-rolled authorization logic in Controllers with Pundit. 2020-03-19 09:39:51 +00:00			`end`

Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`private`

			`def respond_to_exception(e, status)`
			`status_code = Rack::Utils.status_code(status)`

			`respond_to do \|format\|`
Follow up - bca16dee1685797eec5836f129b7e096774c9e9c - Enhancement: Provide unique error code for technical errors to make it easy to find them in the logs. - Show all error messages if `current_user` has `admin` permission(s) right away. - Pass messages of `ActionController::RoutingError`, `ActiveRecord::RecordNotFound`, `Exceptions::UnprocessableEntity` and `Exceptions::NotAuthorized` exceptions to user. - Fix regression: 'Not authorized' errors lack of cause. - Remove diverged behavior for different environments. 2020-03-06 14:31:43 +00:00			`format.json { render json: humanize_error(e), status: status }`
Applied RuboCop Style/BlockDelimiters to improve readability. 2017-10-01 12:25:52 +00:00			`format.any do`
Follow up - bca16dee1685797eec5836f129b7e096774c9e9c - Enhancement: Provide unique error code for technical errors to make it easy to find them in the logs. - Show all error messages if `current_user` has `admin` permission(s) right away. - Pass messages of `ActionController::RoutingError`, `ActiveRecord::RecordNotFound`, `Exceptions::UnprocessableEntity` and `Exceptions::NotAuthorized` exceptions to user. - Fix regression: 'Not authorized' errors lack of cause. - Remove diverged behavior for different environments. 2020-03-06 14:31:43 +00:00			`errors = humanize_error(e)`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`@exception = e`
Fixed issue #2128 - Route for /auth/failure is missing to show login failure messages form oauth provider (if request was technical ok - only login was not possible by oauth provider). 2018-07-17 08:35:51 +00:00			`@message = errors[:error_human] \|\| errors[:error] \|\| param[:message]`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`@traceback = !Rails.env.production?`
			`file = File.open(Rails.root.join('public', "#{status_code}.html"), 'r')`
Maintenance: Updated rubocop(-* gems) to latest version (0.92.0). 2020-09-30 09:07:01 +00:00			`render inline: file.read, status: status # rubocop:disable Rails/RenderInline`
Applied RuboCop Style/BlockDelimiters to improve readability. 2017-10-01 12:25:52 +00:00			`end`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`end`
			`end`

Follow up - bca16dee1685797eec5836f129b7e096774c9e9c - Enhancement: Provide unique error code for technical errors to make it easy to find them in the logs. - Show all error messages if `current_user` has `admin` permission(s) right away. - Pass messages of `ActionController::RoutingError`, `ActiveRecord::RecordNotFound`, `Exceptions::UnprocessableEntity` and `Exceptions::NotAuthorized` exceptions to user. - Fix regression: 'Not authorized' errors lack of cause. - Remove diverged behavior for different environments. 2020-03-06 14:31:43 +00:00			`def humanize_error(e)`

Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`data = {`
Follow up - bca16dee1685797eec5836f129b7e096774c9e9c - Enhancement: Provide unique error code for technical errors to make it easy to find them in the logs. - Show all error messages if `current_user` has `admin` permission(s) right away. - Pass messages of `ActionController::RoutingError`, `ActiveRecord::RecordNotFound`, `Exceptions::UnprocessableEntity` and `Exceptions::NotAuthorized` exceptions to user. - Fix regression: 'Not authorized' errors lack of cause. - Remove diverged behavior for different environments. 2020-03-06 14:31:43 +00:00			`error: e.message`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`}`

Maintenance: Rubocop enforces %r{} regular expression style 2021-05-12 11:37:44 +00:00			`if e.message =~ %r{Validation failed: (.+?)(,\|$)}i`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`data[:error_human] = $1`
Maintenance: Rubocop enforces %r{} regular expression style 2021-05-12 11:37:44 +00:00			`elsif e.message.match?(%r{(already exists\|duplicate key\|duplicate entry)}i)`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`data[:error_human] = 'Object already exists!'`
Maintenance: Rubocop enforces %r{} regular expression style 2021-05-12 11:37:44 +00:00			`elsif e.message =~ %r{null value in column "(.+?)" violates not-null constraint}i \|\| e.message =~ %r{Field '(.+?)' doesn't have a default value}i`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`data[:error_human] = "Attribute '#{$1}' required!"`
Fixes issue #2983 - HTTP 401 responses causing issues with Basic Authentication. 2021-02-04 08:28:41 +00:00			`elsif e.message == 'Exceptions::Forbidden'`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`data[:error] = 'Not authorized'`
			`data[:error_human] = data[:error]`
Fixes issue #2983 - HTTP 401 responses causing issues with Basic Authentication. 2021-02-04 08:28:41 +00:00			`elsif e.message == 'Exceptions::NotAuthorized'`
			`data[:error] = 'Authorization failed'`
			`data[:error_human] = data[:error]`
			`elsif [ActionController::RoutingError, ActiveRecord::RecordNotFound, Exceptions::UnprocessableEntity, Exceptions::NotAuthorized, Exceptions::Forbidden].include?(e.class)`
Follow up - bca16dee1685797eec5836f129b7e096774c9e9c - Enhancement: Provide unique error code for technical errors to make it easy to find them in the logs. - Show all error messages if `current_user` has `admin` permission(s) right away. - Pass messages of `ActionController::RoutingError`, `ActiveRecord::RecordNotFound`, `Exceptions::UnprocessableEntity` and `Exceptions::NotAuthorized` exceptions to user. - Fix regression: 'Not authorized' errors lack of cause. - Remove diverged behavior for different environments. 2020-03-06 14:31:43 +00:00			`data[:error_human] = data[:error]`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`end`

Follow up - bca16dee1685797eec5836f129b7e096774c9e9c - Enhancement: Provide unique error code for technical errors to make it easy to find them in the logs. - Show all error messages if `current_user` has `admin` permission(s) right away. - Pass messages of `ActionController::RoutingError`, `ActiveRecord::RecordNotFound`, `Exceptions::UnprocessableEntity` and `Exceptions::NotAuthorized` exceptions to user. - Fix regression: 'Not authorized' errors lack of cause. - Remove diverged behavior for different environments. 2020-03-06 14:31:43 +00:00			`if data[:error_human].present?`
			`data[:error] = data[:error_human]`
			`elsif !current_user&.permissions?('admin')`
			`# We want to avoid leaking of internal information but also want the user`
			`# to give the administrator a reference to find the cause of the error.`
			`# Therefore we generate a one time unique error ID that can be used to`
			`# search the logs and find the actual error message.`
			`error_code_prefix = "Error ID #{SecureRandom.urlsafe_base64(6)}:"`
			`Rails.logger.error "#{error_code_prefix} #{data[:error]}"`
			`data[:error] = "#{error_code_prefix} Please contact your administrator."`
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`end`
Follow up - bca16dee1685797eec5836f129b7e096774c9e9c - Enhancement: Provide unique error code for technical errors to make it easy to find them in the logs. - Show all error messages if `current_user` has `admin` permission(s) right away. - Pass messages of `ActionController::RoutingError`, `ActiveRecord::RecordNotFound`, `Exceptions::UnprocessableEntity` and `Exceptions::NotAuthorized` exceptions to user. - Fix regression: 'Not authorized' errors lack of cause. - Remove diverged behavior for different environments. 2020-03-06 14:31:43 +00:00
Application controller refactoring: Moving error methods to proper concern. 2017-01-20 09:45:19 +00:00			`data`
			`end`
			`end`