Commit f5389436761d74edc54f065f1f17c578e77a92f8

Authored by Evandro Junior
1 parent d620ea76

work in progress, do not use for production

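--- a/lib/noosfero/api/helpers.rb
+++ b/lib/noosfero/api/helpers.rb
@@ -216,8 +216,13 @@ require 'grape'
 render_api_error!(_('Method Not Allowed'), 405)
 end
 
-def render_api_error!(message, status)
-error!({'message' => message, :code => status}, status)
+# Message will be logged and shown to user
+# javascript_console_message is supposed to be executed as console.log()
+def render_api_error!(user_message, _status, log_message = nil, javascript_console_message = nil)
+message_hash = {'message' => user_message, :code => status}
+message_hash[:javascript_console_message] = javascript_console_message if javascript_console_message.present?
+status(_status || namespace_inheritable(:default_error_status))
+throw :error, message: "#{user_message} #{log_message}", status: _status, headers: headers
 end
 
 def render_api_errors!(messages)
@@ -284,10 +289,15 @@ require 'grape'
 def test_captcha(remote_ip, params, environment)
 d = environment.api_captcha_settings
 return true unless d[:enabled] == true
+msg_cve = _('Captcha validation error')
+msg_eacs = 'Environment api_captcha_settings'
 
 if d[:provider] == 'google'
-raise ArgumentError, "Environment api_captcha_settings private_key not defined" if d[:private_key].nil?
-raise ArgumentError, "Environment api_captcha_settings version not defined" unless d[:version] == 1 || d[:version] == 2
+render_api_error!(msg_cve, status, javascript_console_message = nil)
+
+
+return log_ret_error_msg(msg_cve,"#{msg_eacs} private_key not defined") if d[:private_key].nil?
+return log_ret_error_msg(msg_cve,"#{msg_eacs} version not defined") unless d[:version] == 1 || d[:version] == 2
 if d[:version] == 1
 d[:verify_uri] ||= 'https://www.google.com/recaptcha/api/verify'
 return verify_recaptcha_v1(remote_ip, d[:private_key], d[:verify_uri], params[:recaptcha_challenge_field], params[:recaptcha_response_field])
@@ -298,20 +308,15 @@ require 'grape'
 end
 end
 if d[:provider] == 'serpro'
-#raise ArgumentError, "Environment api_captcha_settings verify_uri not defined" if d[:verify_uri].nil?
-if d[:verify_uri].nil?
-msg="Environment api_captcha_settings verify_uri not defined"
-log msg
-return client_message(_('Captcha validation error'), msg)
-end
+return log_ret_error_msg(msg_cve,"#{msg_eacs} verify_uri not defined") if d[:verify_uri].nil?
 return verify_serpro_captcha(d[:serpro_client_id], params[:txtToken_captcha_serpro_gov_br], params[:captcha_text], d[:verify_uri])
 end
-raise ArgumentError, "Environment api_captcha_settings provider not defined"
+return log_ret_error_msg(msg_cve,"#{msg_eacs} provider not defined")
 end
 
 def verify_recaptcha_v1(remote_ip, private_key, api_recaptcha_verify_uri, recaptcha_challenge_field, recaptcha_response_field)
 if recaptcha_challenge_field == nil || recaptcha_response_field == nil
-return _('Missing captcha data')
+return log_ret_error_msg(_('Captcha validation error'), _('Missing captcha data'))
 end
 
 verify_hash = {
@@ -374,14 +379,13 @@ require 'grape'
 body = http.request(request).body
 rescue Exception => e
 log_exception(e)
-return client_message(_('Internal captcha validation error'),"Serpro captcha error: #{e.message}")
+return error_message(_('Internal captcha validation error'),"Serpro captcha error: #{e.message}")
 end
 return _("Wrong captcha text, please try again") if body == 0
 return _("Token not found") if body == 2
 body == '1' ? true : body
 end
 
-
 # custom_message[:prepend2log] -> Prepend2log gives more details to the application log
 def log_exception(e, prepend_message2log=nil)
 logger = Logger.new(File.join(Rails.root, 'log', "#{ENV['RAILS_ENV'] || 'production'}_api.log"))
@@ -391,13 +395,6 @@ require 'grape'
 logger.error e
 end
 
-# message[:user_message] -> Displays the message directly to user
-# message[:console_message] -> Displays the message to the javascript console
-def client_message(user_message, console_message)
-message = {single_message: true, user_message: user_message, console_message: console_message}
-message.to_json if message.present?
-end
-
 def log(message)
 logger = Logger.new(File.join(Rails.root, 'log', "#{ENV['RAILS_ENV'] || 'production'}_api.log"))
 logger.formatter = GrapeLogging::Formatters::Default.new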
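Review bot: In the new `render_api_error!`, `log_message` is interpolated into the `message:` that is thrown to the client, so text intended for the server log ends up in the API response, and the `message_hash` built two lines earlier is never used. `:code => status` also no longer reads the argument, which was renamed to `_status`. I would log the detail server-side and throw only the user-facing hash: `log(log_message) if log_message.present?`, `message_hash = {'message' => user_message, :code => _status}`, `throw :error, message: message_hash, status: _status, headers: headers`. Separately, the google branch of `test_captcha` now calls `render_api_error!(msg_cve, status, javascript_console_message = nil)` unconditionally before any check, and `log_ret_error_msg` and `error_message` are not defined in the visible hunks.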
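--- a/lib/noosfero/api/session.rb
+++ b/lib/noosfero/api/session.rb
@@ -40,13 +40,7 @@ module Noosfero
 unique_attributes! User, [:email, :login]
 attrs = attributes_for_keys [:email, :login, :password, :password_confirmation] + environment.signup_person_fields
 remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) || (env && env['REMOTE_ADDR'])
-
-result = test_captcha(remote_ip, params, environment)
-unless result == true
-render_api_error!(result, 401)
-return
-end
-
+test_captcha(remote_ip, params, environment)
 user = User.new(attrs)
 if user.save
 user.activate
@@ -57,6 +51,11 @@ module Noosfero
 render_api_error!(message, 400)
 end
 end
+
+post "/error" do
+render_api_error!("show on screen", 400, "this is the log message", "go to JS")
+end
+
 end
 end
 end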
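Review bot: The return value of `test_captcha` is now discarded before `User.new(attrs)`, so signup is blocked only if the helper itself throws. In the visible helper hunks the failure paths still return values (`verify_serpro_captcha` ends with `body == '1' ? true : body` and returns translated strings for a wrong captcha), which would let a failed captcha through to account creation; whether `log_ret_error_msg` throws cannot be seen here. Until every failure path raises, keep the gate: `result = test_captcha(remote_ip, params, environment)` followed by `render_api_error!(_('Captcha validation error'), 401) unless result == true`. The added `post "/error"` route is a debug endpoint with no visible authentication check and should not stay in the API namespace. The enclosing signup block starts outside the hunk.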
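--- a/test/unit/api/helpers_test.rb
+++ b/test/unit/api/helpers_test.rb
@@ -252,6 +252,20 @@ class APIHelpersTest < ActiveSupport::TestCase
 end
 
 
+# def render_api_error!(user_message, status, log_message = nil, javascript_console_message = nil)
+# message_hash = {'message' => user_message, :code => status}
+# message_hash[:javascript_console_message] = javascript_console_message if javascript_console_message.present?
+# self.status(status || namespace_inheritable(:default_error_status))
+# throw :error, message: message_hash, status: self.status, headers: headers
+# end
+
+
+should 'display user message' do
+r=render_api_error!('Error to the user', '403', 'detailed log_message', 'show this on user\'s javascript console')
+puts r.inspect
+tsil
+end
+
 protected
 
 def error!(info, status)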
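Review bot: The added `should 'display user message'` test asserts nothing: it prints `r.inspect` and ends on the undefined identifier `tsil`, and `should 'show erro'` in test/unit/api/session_test.rb likewise only prints the response. Since `render_api_error!` now uses `throw :error`, the call would need to be wrapped, e.g. `r = catch(:error) { render_api_error!('Error to the user', 403, 'detailed log_message') }`, followed by assertions that the user message is present and that `'detailed log_message'` does not appear in what is returned to the client. The commented-out copy of the helper above the test can be removed once the test pins that behaviour.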
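--- a/test/unit/api/session_test.rb
+++ b/test/unit/api/session_test.rb
@@ -55,5 +55,9 @@ class SessionTest < ActiveSupport::TestCase
 assert_equal "Serpro captcha error: getaddrinfo: Name or service not known", JSON.parse(message)['console_message']
 end
 
+should 'show erro' do
+puts (post("/api/v1/error")).inspect
+end
+
 
 end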