Commit 669bea9556b8ae17f9e1352a885ae8a9cf75fe34
1 parent
8b7475ad
Exists in
fix_sign_up_form
new_password: rescue exceptions on api requests
Showing
2 changed files
with
12 additions
and
7 deletions
Show diff stats
app/api/v1/session.rb
| @@ -141,14 +141,13 @@ module Api | @@ -141,14 +141,13 @@ module Api | ||
| 141 | # Example Request: | 141 | # Example Request: |
| 142 | # PATCH /new_password?code=xxxx&password=secret&password_confirmation=secret | 142 | # PATCH /new_password?code=xxxx&password=secret&password_confirmation=secret |
| 143 | patch "/new_password" do | 143 | patch "/new_password" do |
| 144 | - change_password = ChangePassword.find_by code: params[:code] | ||
| 145 | - not_found! if change_password.nil? | ||
| 146 | - | ||
| 147 | - if change_password.update_attributes(:password => params[:password], :password_confirmation => params[:password_confirmation]) | 144 | + begin |
| 145 | + change_password = ChangePassword.find_by! code: params[:code] | ||
| 146 | + change_password.update_attributes!(:password => params[:password], :password_confirmation => params[:password_confirmation]) | ||
| 148 | change_password.finish | 147 | change_password.finish |
| 149 | present change_password.requestor.user, :with => Entities::UserLogin, :current_person => current_person | 148 | present change_password.requestor.user, :with => Entities::UserLogin, :current_person => current_person |
| 150 | - else | ||
| 151 | - something_wrong! | 149 | + rescue Exception => ex |
| 150 | + render_api_error!(ex.message, 400) | ||
| 152 | end | 151 | end |
| 153 | end | 152 | end |
| 154 | 153 |
test/api/session_test.rb
| @@ -178,13 +178,19 @@ class SessionTest < ActiveSupport::TestCase | @@ -178,13 +178,19 @@ class SessionTest < ActiveSupport::TestCase | ||
| 178 | patch "/api/v1/new_password?#{params.to_query}" | 178 | patch "/api/v1/new_password?#{params.to_query}" |
| 179 | assert_equal Task::Status::ACTIVE, task.reload.status | 179 | assert_equal Task::Status::ACTIVE, task.reload.status |
| 180 | assert !user.reload.authenticated?('secret') | 180 | assert !user.reload.authenticated?('secret') |
| 181 | + json = JSON.parse(last_response.body) | ||
| 182 | + assert_match /doesn't match/, json['message'] | ||
| 183 | + | ||
| 181 | assert_equal 400, last_response.status | 184 | assert_equal 400, last_response.status |
| 182 | end | 185 | end |
| 183 | 186 | ||
| 184 | should 'render not found when provide a wrong code on password change' do | 187 | should 'render not found when provide a wrong code on password change' do |
| 185 | params = {:code => "wrongcode", :password => 'secret', :password_confirmation => 'secret'} | 188 | params = {:code => "wrongcode", :password => 'secret', :password_confirmation => 'secret'} |
| 186 | patch "/api/v1/new_password?#{params.to_query}" | 189 | patch "/api/v1/new_password?#{params.to_query}" |
| 187 | - assert_equal 404, last_response.status | 190 | + json = JSON.parse(last_response.body) |
| 191 | + assert_match /Couldn't find/, json['message'] | ||
| 192 | + | ||
| 193 | + assert_equal 400, last_response.status | ||
| 188 | end | 194 | end |
| 189 | 195 | ||
| 190 | should 'not return private token when the registered user is inactive' do | 196 | should 'not return private token when the registered user is inactive' do |