author | Rhenium <rhenium@rhe.jp> | 2014-03-11 21:23:02 +0900 |
---|---|---|
committer | Rhenium <rhenium@rhe.jp> | 2014-03-11 21:23:02 +0900 |
commit | 7c392ca7735a36948515a392b544ace60a242838 (patch) | |
tree | 7d887731c549decf33d23018268e5e974b16a2cd | |
parent | 71c2069595618cb048c8e04c577902c08fc20a57 (diff) | |
download | aclog-7c392ca7735a36948515a392b544ace60a242838.tar.gz |
reorganize exceptions
-rw-r--r-- | Gemfile | 2 | ||||
-rw-r--r-- | Gemfile.lock | 27 | ||||
-rw-r--r-- | app/api/api.rb | 8 | ||||
-rw-r--r-- | app/api/api_deprecated.rb | 2 | ||||
-rw-r--r-- | app/api/api_tweets.rb | 6 | ||||
-rw-r--r-- | app/api/api_users.rb | 2 | ||||
-rw-r--r-- | app/api/concerns/twitter_oauth_echo_authentication.rb | 4 | ||||
-rw-r--r-- | app/controllers/errors_controller.rb | 22 | ||||
-rw-r--r-- | app/controllers/settings_controller.rb | 2 | ||||
-rw-r--r-- | app/models/user.rb | 2 | ||||
-rw-r--r-- | lib/aclog/exceptions.rb | 30 |
11 files changed, 47 insertions, 60 deletions
@@ -4,7 +4,7 @@ gem "rails", "~> 4.0.3" gem "mysql2" gem "settingslogic" gem "yajl-ruby", require: "yajl" -gem "grape" +gem "grape", github: "intridea/grape" gem "grape-rabl" gem "twitter" gem "twitter-text" diff --git a/Gemfile.lock b/Gemfile.lock index 59bb98d..066bbfe 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,3 +1,18 @@ +GIT + remote: git://github.com/intridea/grape.git + revision: 1fecd022c119239ed6b476aee05590fad689e10a + specs: + grape (0.7.0) + activesupport + builder + hashie (>= 1.2.0) + multi_json (>= 1.3.2) + multi_xml (>= 0.5.2) + rack (>= 1.3.0) + rack-accept + rack-mount + virtus (>= 1.0.0) + GEM remote: https://rubygems.org/ specs: @@ -75,16 +90,6 @@ GEM railties (>= 3.0.0) faraday (0.9.0) multipart-post (>= 1.2, < 3) - grape (0.6.1) - activesupport - builder - hashie (>= 1.2.0) - multi_json (>= 1.3.2) - multi_xml (>= 0.5.2) - rack (>= 1.3.0) - rack-accept - rack-mount - virtus (>= 1.0.0) grape-rabl (0.2.2) grape i18n @@ -267,7 +272,7 @@ DEPENDENCIES dalli em-work_queue factory_girl_rails - grape + grape! grape-rabl haml-rails jquery-rails diff --git a/app/api/api.rb b/app/api/api.rb index 5eb0711..353a99e 100644 --- a/app/api/api.rb +++ b/app/api/api.rb @@ -5,13 +5,13 @@ class Api < Grape::API { error: { message: message } }.to_json end - rescue_from ActiveRecord::RecordNotFound, Aclog::Exceptions::NotFound do + rescue_from ActiveRecord::RecordNotFound, Aclog::Exceptions::NotFound, rescue_subclasses: true do error_response message: "That page does not exists.", status: 404 end - rescue_from Aclog::Exceptions::Forbidden do + rescue_from Aclog::Exceptions::Forbidden, rescue_subclasses: true do error_response message: "You do not have permission to access this page.", status: 403 end - rescue_from Aclog::Exceptions::OAuthEchoError do + rescue_from Aclog::Exceptions::OAuthEchoError, rescue_subclasses: true do error_response message: "Invalid OAuth Echo data.", status: 401 end 
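Review bot: In the Gemfile hunk, `gem "grape", github: "intridea/grape"` names no `ref`, `tag` or `branch`, so only the `revision` in Gemfile.lock fixes which code is installed, and any `bundle update grape` moves to whatever the default branch holds at that moment. The lockfile in this commit also shows the shorthand resolving to `remote: git://github.com/intridea/grape.git`, a transport with no encryption or server authentication. Writing it as `gem "grape", git: "https://github.com/intridea/grape.git", ref: "1fecd022c119239ed6b476aee05590fad689e10a"` keeps the same commit and fetches it over TLS. A comment naming the unreleased feature being waited for (presumably `rescue_subclasses`) would tell the next maintainer when to return to the rubygems release.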
@@ -27,8 +27,6 @@ class Api < Grape::API User.find(user_id) end end - rescue Aclog::Exceptions::OAuthEchoUnauthorized - raise Aclog::Exceptions::OAuthEchoError, $! end def permitted_to_see?(user_or_tweet) diff --git a/app/api/api_deprecated.rb b/app/api/api_deprecated.rb index 5f325f4..9c0607d 100644 --- a/app/api/api_deprecated.rb +++ b/app/api/api_deprecated.rb @@ -33,7 +33,7 @@ class ApiDeprecated < Grape::API def user @_user ||= begin user = User.find(id: params[:user_id], screen_name: params[:screen_name]) - raise Aclog::Exceptions::Forbidden unless permitted_to_see?(user) + raise Aclog::Exceptions::UserProtected unless permitted_to_see?(user) user end end diff --git a/app/api/api_tweets.rb b/app/api/api_tweets.rb index 72a9c92..f792989 100644 --- a/app/api/api_tweets.rb +++ b/app/api/api_tweets.rb @@ -39,14 +39,14 @@ class ApiTweets < Grape::API def user @_user ||= begin user = User.find(id: params[:user_id], screen_name: params[:screen_name]) - raise Aclog::Exceptions::Forbidden unless permitted_to_see?(user) + raise Aclog::Exceptions::UserProtected unless permitted_to_see?(user) user end end def source_user user = User.find(id: params[:source_user_id], screen_name: params[:source_screen_name]) - raise Aclog::Exceptions::Forbidden unless permitted_to_see?(user) + raise Aclog::Exceptions::UserProtected unless permitted_to_see?(user) user end @@ -66,7 +66,7 @@ class ApiTweets < Grape::API end get "show", rabl: "tweet" do @tweet = Tweet.find(params[:id]) - raise Aclog::Exceptions::Forbidden unless permitted_to_see?(@tweet) + raise Aclog::Exceptions::UserProtected unless permitted_to_see?(@tweet) end desc "Returns Tweets, specified by comma-separated IDs.", example_params: { ids: "43341783446466560,50220624609685505" } diff --git a/app/api/api_users.rb b/app/api/api_users.rb index 9eda640..253bd63 100644 --- a/app/api/api_users.rb +++ b/app/api/api_users.rb 
@@ -11,7 +11,7 @@ class ApiUsers < Grape::API def user @_user ||= begin user = User.find(id: params[:id] || params[:user_id], screen_name: params[:screen_name]) - raise Aclog::Exceptions::Forbidden unless permitted_to_see?(user) + raise Aclog::Exceptions::UserProtected unless permitted_to_see?(user) user end end diff --git a/app/api/concerns/twitter_oauth_echo_authentication.rb b/app/api/concerns/twitter_oauth_echo_authentication.rb index 224dca6..f0cf53a 100644 --- a/app/api/concerns/twitter_oauth_echo_authentication.rb +++ b/app/api/concerns/twitter_oauth_echo_authentication.rb @@ -7,7 +7,7 @@ module TwitterOauthEchoAuthentication provider = headers["X-Auth-Service-Provider"] credentials = headers["X-Verify-Credentials-Authorization"] unless provider == twitter_provider && credentials - raise Aclog::Exceptions::OAuthEchoUnauthorized, "X-Auth-Service-Provider is invalid" + raise Aclog::Exceptions::OAuthEchoError, "X-Auth-Service-Provider is invalid" end json = open(twitter_provider, "Authorization" => credentials) {|res| @@ -15,7 +15,7 @@ module TwitterOauthEchoAuthentication } json["id"] - rescue Aclog::Exceptions::OAuthEchoUnauthorized + rescue Aclog::Exceptions::OAuthEchoError raise $! rescue OpenURI::HTTPError if $!.message.include?("401") diff --git a/app/controllers/errors_controller.rb b/app/controllers/errors_controller.rb index 8328388..f59c6e5 100644 --- a/app/controllers/errors_controller.rb +++ b/app/controllers/errors_controller.rb 
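Review bot: In `twitter_oauth_echo_authentication.rb`, the `rescue Aclog::Exceptions::OAuthEchoError` clause followed by `raise $!` only re-raises, so a bare `raise` says the same thing without the global. A comment such as `# re-raise our own error so the clauses below do not rewrap it` would explain why it is there, assuming a broader rescue follows; the rescue chain continues past the end of the hunk. In the first hunk of the same file, the message `"X-Auth-Service-Provider is invalid"` is also raised when the `X-Verify-Credentials-Authorization` header is missing, which will mislead whoever reads the log for a failed authentication. Something like `"OAuth Echo headers missing or invalid"` covers both conditions.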
@@ -1,42 +1,32 @@ class ErrorsController < ApplicationController before_action :force_format - layout :select_layout def render_error @exception = env["action_dispatch.exception"] case @exception - when OAuth::Unauthorized - # only /i/callback: when Cancel pressed on Twitter's OAuth - redirect_to root_path - when Aclog::Exceptions::LoginRequired, - Aclog::Exceptions::UserProtected, - Aclog::Exceptions::AccountPrivate + when Aclog::Exceptions::Forbidden @status = 403 @message = t("error.forbidden") when ActionController::RoutingError, ActiveRecord::RecordNotFound, ActionView::MissingTemplate, - Aclog::Exceptions::UserNotRegistered + Aclog::Exceptions::NotFound @status = 404 @message = t("error.not_found") + when OAuth::Unauthorized, + Aclog::Exceptions::Unauthorized + @status = 401 + @message = "" else @status = 500 @message = "#{t("error.internal_error")}: #{@exception.class}" end - if @exception.is_a? Aclog::Exceptions::UserError - @user = @exception.user - end - render status: @status end private - def select_layout - @user ? nil : "index" - end - def force_format request.format = (env["REQUEST_PATH"].scan(/\.([A-Za-z]+)$/).flatten.first || :html).to_sym diff --git a/app/controllers/settings_controller.rb b/app/controllers/settings_controller.rb index ca30d46..587bc7f 100644 --- a/app/controllers/settings_controller.rb +++ b/app/controllers/settings_controller.rb @@ -21,6 +21,6 @@ class SettingsController < ApplicationController private def set_account @account = logged_in? && current_user.account - raise Aclog::Exceptions::LoginRequired unless @account + redirect_to "/i/login" unless @account end end diff --git a/app/models/user.rb b/app/models/user.rb index de499fd..f067894 100644 --- a/app/models/user.rb +++ b/app/models/user.rb 
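Review bot: In `errors_controller.rb`, the new `when OAuth::Unauthorized, Aclog::Exceptions::Unauthorized` branch renders a 401 with `@message = ""`, so a user who presses Cancel on Twitter's OAuth screen (the case the removed comment described) now gets an empty error page instead of the redirect to `root_path`. If dropping the redirect is intended, give the branch a message as the 403 and 404 branches have, for example `@message = t("error.unauthorized")` with a matching locale entry; that key is not visible in this commit and would have to be added. Separately, the unchanged `else` branch still puts `@exception.class` into the response body, which tells any client which internal class failed. Logging the class and rendering only `t("error.internal_error")` would avoid that.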
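Review bot: In `settings_controller.rb`, `set_account` now relies on `redirect_to "/i/login" unless @account` to stop the request, which only holds when the method runs as a `before_action`; the callback declaration is outside this hunk and should be confirmed. If any action calls `set_account` directly, execution continues with `@account` set to `false` or `nil`, whereas the old `raise` aborted. The literal `"/i/login"` would also be safer as the route helper for that path, if one is defined, so that a route change cannot silently break the login redirect.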
@@ -68,7 +68,7 @@ class User < ActiveRecord::Base end def stats - raise Aclog::Exceptions::UserNotRegistered.new(self) unless registered? && account.active? + raise(Aclog::Exceptions::UserNotRegistered, self) unless registered? && account.active? Rails.cache.fetch("stats/#{self.id}", expires_in: 3.hours) do reactions_count = tweets.sum(:reactions_count) diff --git a/lib/aclog/exceptions.rb b/lib/aclog/exceptions.rb index 5eafc99..1a58755 100644 --- a/lib/aclog/exceptions.rb +++ b/lib/aclog/exceptions.rb @@ -1,26 +1,20 @@ module Aclog module Exceptions - class UserError < StandardError - attr_reader :user - def initialize(user) - @user = user - end - end + class AclogError < StandardError; end + class NotFound < AclogError; end + class Forbidden < AclogError; end + class Unauthorized < AclogError; end - class UserNotFound < StandardError; end - class LoginRequired < StandardError; end - class TweetNotFound < StandardError; end - class OAuthEchoUnauthorized < StandardError; end + class UserNotFound < NotFound; end + class TweetNotFound < NotFound; end + class UserNotRegistered < NotFound; end + class DocumentNotFound < NotFound; end - class UserNotRegistered < UserError; end - class UserProtected < UserError; end - class AccountPrivate < UserError; end + class UserProtected < Forbidden; end + class AccountPrivate < Forbidden; end - class DocumentNotFound < StandardError; end + class OAuthEchoError < Unauthorized; end - class AclogError < StandardError; end - class NotFound < AclogError; end - class Forbidden < AclogError; end - class OAuthEchoError < AclogError; end + class OAuthEchoUnauthorized < OAuthEchoError; end end end |
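Review bot: In `user.rb`, `raise(Aclog::Exceptions::UserNotRegistered, self)` passes the User record as the exception message, because the class no longer inherits the `initialize(user)` of the removed `UserError`. The exception's `message` then becomes whatever the record's `to_s` returns, and nothing visible in this commit reads the user back from the exception. `raise Aclog::Exceptions::UserNotRegistered unless registered? && account.active?` is enough, or pass a short string if a message is wanted.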
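Review bot: In `lib/aclog/exceptions.rb`, the new hierarchy is what selects the HTTP status in `ErrorsController` and in the `rescue_from` handlers of `Api`, but nothing in the file says so. A one-line comment above each base class would make that contract visible, for example `# Rendered as 404; subclass this for "does not exist" cases` above `NotFound`, and likewise 403 for `Forbidden` and 401 for `Unauthorized`. `OAuthEchoUnauthorized` is kept as a subclass of `OAuthEchoError`, yet every raise site shown in this commit was switched to `OAuthEchoError`; if nothing outside the diff still raises it, it can be dropped. `LoginRequired` is removed, so any `raise Aclog::Exceptions::LoginRequired` left outside this diff would now fail with a NameError and surface as a 500.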