work in progress do no use for production

Evandro Junior
1 parent d620ea76
Showing 4 changed files with 42 additions and 28 deletions Show diff stats
lib/noosfero/api/helpers.rb
lib/noosfero/api/session.rb
test/unit/api/helpers_test.rb
test/unit/api/session_test.rb
@@ -216,8 +216,13 @@ require &#39;grape&#39;
         render_api_error!(_('Method Not Allowed'), 405)
       end
  
-      def render_api_error!(message, status)
-        error!({'message' => message, :code => status}, status)
+      # Message will be logged and shown to user
+      # javascript_console_message is supposed to be executed as console.log()
+      def render_api_error!(user_message, _status, log_message = nil, javascript_console_message = nil)
+        message_hash = {'message' => user_message, :code => status}
+        message_hash[:javascript_console_message] = javascript_console_message if javascript_console_message.present?
+        status(_status || namespace_inheritable(:default_error_status))
+        throw :error, message: "#{user_message} #{log_message}", status: _status, headers: headers
       end
  
       def render_api_errors!(messages)
@@ -284,10 +289,15 @@ require &#39;grape&#39;
       def test_captcha(remote_ip, params, environment)
         d = environment.api_captcha_settings
         return true unless d[:enabled] == true
+        msg_cve = _('Captcha validation error')
+        msg_eacs = 'Environment api_captcha_settings'
  
         if d[:provider] == 'google'
-          raise ArgumentError, "Environment api_captcha_settings private_key not defined" if d[:private_key].nil?
-          raise ArgumentError, "Environment api_captcha_settings version not defined" unless d[:version] == 1 || d[:version] == 2
+          render_api_error!(msg_cve, status, javascript_console_message = nil)
+
+
+          return log_ret_error_msg(msg_cve,"#{msg_eacs} private_key not defined") if d[:private_key].nil?
+          return log_ret_error_msg(msg_cve,"#{msg_eacs} version not defined") unless d[:version] == 1 || d[:version] == 2
           if d[:version]  == 1
             d[:verify_uri] ||= 'https://www.google.com/recaptcha/api/verify'
             return verify_recaptcha_v1(remote_ip, d[:private_key], d[:verify_uri], params[:recaptcha_challenge_field], params[:recaptcha_response_field])
@@ -298,20 +308,15 @@ require &#39;grape&#39;
           end
         end
         if d[:provider] == 'serpro'
-          #raise ArgumentError, "Environment api_captcha_settings verify_uri not defined" if d[:verify_uri].nil?
-          if d[:verify_uri].nil?
-            msg="Environment api_captcha_settings verify_uri not defined"
-            log msg
-            return client_message(_('Captcha validation error'), msg)
-          end
+          return log_ret_error_msg(msg_cve,"#{msg_eacs} verify_uri not defined") if d[:verify_uri].nil?
           return verify_serpro_captcha(d[:serpro_client_id], params[:txtToken_captcha_serpro_gov_br], params[:captcha_text], d[:verify_uri])
         end
-        raise ArgumentError, "Environment api_captcha_settings provider not defined"
+        return log_ret_error_msg(msg_cve,"#{msg_eacs} provider not defined") 
       end
  
       def verify_recaptcha_v1(remote_ip, private_key, api_recaptcha_verify_uri, recaptcha_challenge_field, recaptcha_response_field)
         if recaptcha_challenge_field == nil || recaptcha_response_field == nil
-          return _('Missing captcha data')
+          return log_ret_error_msg(_('Captcha validation error'), _('Missing captcha data'))
         end
  
         verify_hash = {
@@ -374,14 +379,13 @@ require &#39;grape&#39;
           body = http.request(request).body
         rescue Exception => e
           log_exception(e)
-          return client_message(_('Internal captcha validation error'),"Serpro captcha error: #{e.message}")
+          return error_message(_('Internal captcha validation error'),"Serpro captcha error: #{e.message}")
         end
         return _("Wrong captcha text, please try again") if body == 0
         return _("Token not found") if body == 2
         body == '1' ? true : body
       end
  
-
       # custom_message[:prepend2log] -> Prepend2log gives more details to the application log
       def log_exception(e, prepend_message2log=nil)
         logger = Logger.new(File.join(Rails.root, 'log', "#{ENV['RAILS_ENV'] || 'production'}_api.log"))
@@ -391,13 +395,6 @@ require &#39;grape&#39;
         logger.error e
       end
  
-      # message[:user_message] -> Displays the message directly to user
-      # message[:console_message] -> Displays the message to the javascript console
-      def client_message(user_message, console_message)
-        message = {single_message: true, user_message: user_message, console_message: console_message}
-        message.to_json if message.present?
-      end
-
       def log(message)
         logger = Logger.new(File.join(Rails.root, 'log', "#{ENV['RAILS_ENV'] || 'production'}_api.log"))
         logger.formatter = GrapeLogging::Formatters::Default.new
@@ -40,13 +40,7 @@ module Noosfero
         unique_attributes! User, [:email, :login]
         attrs = attributes_for_keys [:email, :login, :password, :password_confirmation] + environment.signup_person_fields
         remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) || (env && env['REMOTE_ADDR'])
-
-        result = test_captcha(remote_ip, params, environment)
-        unless result == true
-          render_api_error!(result, 401)
-          return
-        end
-
+        test_captcha(remote_ip, params, environment)
         user = User.new(attrs)
         if  user.save
           user.activate
@@ -57,6 +51,11 @@ module Noosfero
           render_api_error!(message, 400)
         end
       end
+
+      post "/error" do
+        render_api_error!("show on screen", 400, "this is the log message", "go to JS")
+      end
+
     end
   end
 end
@@ -252,6 +252,20 @@ class APIHelpersTest &lt; ActiveSupport::TestCase
   end
  
  
+  # def render_api_error!(user_message, status, log_message = nil, javascript_console_message = nil)
+  #   message_hash = {'message' => user_message, :code => status}
+  #   message_hash[:javascript_console_message] = javascript_console_message if javascript_console_message.present?
+  #   self.status(status || namespace_inheritable(:default_error_status))
+  #   throw :error, message: message_hash, status: self.status, headers: headers
+  # end
+
+
+  should 'display user message' do
+    r=render_api_error!('Error to the user', '403', 'detailed log_message', 'show this on user\'s javascript console')
+    puts r.inspect
+    tsil
+  end
+
   protected
  
   def error!(info, status)
@@ -55,5 +55,9 @@ class SessionTest &lt; ActiveSupport::TestCase
     assert_equal "Serpro captcha error: getaddrinfo: Name or service not known", JSON.parse(message)['console_message']
   end
  
+  should 'show erro' do
+    puts (post("/api/v1/error")).inspect
+  end
+
  
 end
...	...	@@ -216,8 +216,13 @@ require 'grape'
216	216	render_api_error!(_('Method Not Allowed'), 405)
217	217	end
218	218
219		- def render_api_error!(message, status)
220		- error!({'message' => message, :code => status}, status)
	219	+ # Message will be logged and shown to user
	220	+ # javascript_console_message is supposed to be executed as console.log()
	221	+ def render_api_error!(user_message, _status, log_message = nil, javascript_console_message = nil)
	222	+ message_hash = {'message' => user_message, :code => status}
	223	+ message_hash[:javascript_console_message] = javascript_console_message if javascript_console_message.present?
	224	+ status(_status \|\| namespace_inheritable(:default_error_status))
	225	+ throw :error, message: "#{user_message} #{log_message}", status: _status, headers: headers
221	226	end
222	227
223	228	def render_api_errors!(messages)
...	...	@@ -284,10 +289,15 @@ require 'grape'
284	289	def test_captcha(remote_ip, params, environment)
285	290	d = environment.api_captcha_settings
286	291	return true unless d[:enabled] == true
	292	+ msg_cve = _('Captcha validation error')
	293	+ msg_eacs = 'Environment api_captcha_settings'
287	294
288	295	if d[:provider] == 'google'
289		- raise ArgumentError, "Environment api_captcha_settings private_key not defined" if d[:private_key].nil?
290		- raise ArgumentError, "Environment api_captcha_settings version not defined" unless d[:version] == 1 \|\| d[:version] == 2
	296	+ render_api_error!(msg_cve, status, javascript_console_message = nil)
	297	+
	298	+
	299	+ return log_ret_error_msg(msg_cve,"#{msg_eacs} private_key not defined") if d[:private_key].nil?
	300	+ return log_ret_error_msg(msg_cve,"#{msg_eacs} version not defined") unless d[:version] == 1 \|\| d[:version] == 2
291	301	if d[:version] == 1
292	302	d[:verify_uri] \|\|= 'https://www.google.com/recaptcha/api/verify'
293	303	return verify_recaptcha_v1(remote_ip, d[:private_key], d[:verify_uri], params[:recaptcha_challenge_field], params[:recaptcha_response_field])
...	...	@@ -298,20 +308,15 @@ require 'grape'
298	308	end
299	309	end
300	310	if d[:provider] == 'serpro'
301		- #raise ArgumentError, "Environment api_captcha_settings verify_uri not defined" if d[:verify_uri].nil?
302		- if d[:verify_uri].nil?
303		- msg="Environment api_captcha_settings verify_uri not defined"
304		- log msg
305		- return client_message(_('Captcha validation error'), msg)
306		- end
	311	+ return log_ret_error_msg(msg_cve,"#{msg_eacs} verify_uri not defined") if d[:verify_uri].nil?
307	312	return verify_serpro_captcha(d[:serpro_client_id], params[:txtToken_captcha_serpro_gov_br], params[:captcha_text], d[:verify_uri])
308	313	end
309		- raise ArgumentError, "Environment api_captcha_settings provider not defined"
	314	+ return log_ret_error_msg(msg_cve,"#{msg_eacs} provider not defined")
310	315	end
311	316
312	317	def verify_recaptcha_v1(remote_ip, private_key, api_recaptcha_verify_uri, recaptcha_challenge_field, recaptcha_response_field)
313	318	if recaptcha_challenge_field == nil \|\| recaptcha_response_field == nil
314		- return _('Missing captcha data')
	319	+ return log_ret_error_msg(_('Captcha validation error'), _('Missing captcha data'))
315	320	end
316	321
317	322	verify_hash = {
...	...	@@ -374,14 +379,13 @@ require 'grape'
374	379	body = http.request(request).body
375	380	rescue Exception => e
376	381	log_exception(e)
377		- return client_message(_('Internal captcha validation error'),"Serpro captcha error: #{e.message}")
	382	+ return error_message(_('Internal captcha validation error'),"Serpro captcha error: #{e.message}")
378	383	end
379	384	return _("Wrong captcha text, please try again") if body == 0
380	385	return _("Token not found") if body == 2
381	386	body == '1' ? true : body
382	387	end
383	388
384		-
385	389	# custom_message[:prepend2log] -> Prepend2log gives more details to the application log
386	390	def log_exception(e, prepend_message2log=nil)
387	391	logger = Logger.new(File.join(Rails.root, 'log', "#{ENV['RAILS_ENV'] \|\| 'production'}_api.log"))
...	...	@@ -391,13 +395,6 @@ require 'grape'
391	395	logger.error e
392	396	end
393	397
394		- # message[:user_message] -> Displays the message directly to user
395		- # message[:console_message] -> Displays the message to the javascript console
396		- def client_message(user_message, console_message)
397		- message = {single_message: true, user_message: user_message, console_message: console_message}
398		- message.to_json if message.present?
399		- end
400		-
401	398	def log(message)
402	399	logger = Logger.new(File.join(Rails.root, 'log', "#{ENV['RAILS_ENV'] \|\| 'production'}_api.log"))
403	400	logger.formatter = GrapeLogging::Formatters::Default.new
...	...
...	...	@@ -40,13 +40,7 @@ module Noosfero
40	40	unique_attributes! User, [:email, :login]
41	41	attrs = attributes_for_keys [:email, :login, :password, :password_confirmation] + environment.signup_person_fields
42	42	remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) \|\| (env && env['REMOTE_ADDR'])
43		-
44		- result = test_captcha(remote_ip, params, environment)
45		- unless result == true
46		- render_api_error!(result, 401)
47		- return
48		- end
49		-
	43	+ test_captcha(remote_ip, params, environment)
50	44	user = User.new(attrs)
51	45	if user.save
52	46	user.activate
...	...	@@ -57,6 +51,11 @@ module Noosfero
57	51	render_api_error!(message, 400)
58	52	end
59	53	end
	54	+
	55	+ post "/error" do
	56	+ render_api_error!("show on screen", 400, "this is the log message", "go to JS")
	57	+ end
	58	+
60	59	end
61	60	end
62	61	end
...	...
...	...	@@ -252,6 +252,20 @@ class APIHelpersTest < ActiveSupport::TestCase
252	252	end
253	253
254	254
	255	+ # def render_api_error!(user_message, status, log_message = nil, javascript_console_message = nil)
	256	+ # message_hash = {'message' => user_message, :code => status}
	257	+ # message_hash[:javascript_console_message] = javascript_console_message if javascript_console_message.present?
	258	+ # self.status(status \|\| namespace_inheritable(:default_error_status))
	259	+ # throw :error, message: message_hash, status: self.status, headers: headers
	260	+ # end
	261	+
	262	+
	263	+ should 'display user message' do
	264	+ r=render_api_error!('Error to the user', '403', 'detailed log_message', 'show this on user\'s javascript console')
	265	+ puts r.inspect
	266	+ tsil
	267	+ end
	268	+
255	269	protected
256	270
257	271	def error!(info, status)
...	...
...	...	@@ -55,5 +55,9 @@ class SessionTest < ActiveSupport::TestCase
55	55	assert_equal "Serpro captcha error: getaddrinfo: Name or service not known", JSON.parse(message)['console_message']
56	56	end
57	57
	58	+ should 'show erro' do
	59	+ puts (post("/api/v1/error")).inspect
	60	+ end
	61	+
58	62
59	63	end
...	...