Commit Graph

3277 Commits

Author SHA1 Message Date
Franz Liedke
429b8e1a32 Restore error details in JSON-API error formatter
Fixes #1865. Refs #1843.
2019-09-04 01:44:22 +02:00
Franz Liedke
a7b19284b9 Convert controller test to request test
This further decouples these tests from the implementation (i.e. which
controller are we calling?).
2019-09-04 01:27:24 +02:00
Matteo Contrini
0005da3a0d Allow formatting post content without a request (#1848) 2019-09-04 00:12:28 +02:00
Matthew Kilgore
e5e505e85a Add Edit User permission to permissions grid (#1859) 2019-09-03 23:54:38 +02:00
Franz Liedke
a61f6d4453 Merge pull request #1854 from flarum/fl/1641-fix-status-codes
Error handling: Fix status codes
2019-09-02 16:33:48 +02:00
dependabot[bot]
e04d825ee2 Bump lodash from 4.17.11 to 4.17.15 in /js (#1863)
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.15.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.15)

Signed-off-by: dependabot[bot] <support@github.com>
2019-08-28 09:11:25 +02:00
dependabot[bot]
f95d2a8841 Bump mixin-deep from 1.3.1 to 1.3.2 in /js (#1862)
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/jonschlinkert/mixin-deep/releases)
- [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2)

Signed-off-by: dependabot[bot] <support@github.com>
2019-08-28 09:06:38 +02:00
Franz Liedke
6a6a915732 Remove unnecessary dependency
Refs #1773.
2019-08-22 10:04:38 +02:00
Franz Liedke
54b4292c5e Remove superfluous ForbiddenException
It has the same effect as the PermissionDeniedException, so let's
just use that.

Refs #1641.
2019-08-22 00:06:26 +02:00
Franz Liedke
fbc940412c When signups are prohibited, respond with HTTP 403 2019-08-21 23:48:24 +02:00
Franz Liedke
67aa8d5cef Move authentication check into assertCan() method
This will cause the right error (HTTP 401) to be thrown whenever
we're checking for a specific permission, but the user is not even
logged in. Authenticated users will still get HTTP 403.
2019-08-21 23:48:03 +02:00
Franz Liedke
152b455acf Remove unnecessary indirection 2019-08-21 00:06:32 +02:00
Franz Liedke
ee4a536de1 Document permission check methods 2019-08-21 00:06:31 +02:00
Franz Liedke
7d52a49cfb Fix inconsistent status codes
HTTP 401 should be used when logging in (i.e. authenticating) would make
a difference; HTTP 403 is reserved for requests that fail because the
already authenticated user is not authorized (i.e. lacking permissions)
to do something.
2019-08-21 00:06:31 +02:00
Franz Liedke
7eaa566f9a Travis: Remove deploy key 2019-08-21 00:06:16 +02:00
David Sevilla Martín
6360bd4938 Move to GitHub Actions (#1853) 2019-08-21 00:05:04 +02:00
Franz Liedke
8953bb8cc8 Error handling: Document another interface 2019-08-20 22:20:11 +02:00
Franz Liedke
d41018dd1a Rename method 2019-08-20 20:08:01 +02:00
Franz Liedke
18b887ee39 Error handling: Tweak Reporter interface
Because reporters are used for exceptions we were not able to handle, it
makes sense to simply pass the exception, not the "handled error".
2019-08-20 20:07:56 +02:00
Franz Liedke
3eb1a6f133 Error handling: Document classes and interfaces 2019-08-20 20:07:52 +02:00
Franz Liedke
be5c1f6033 Error handling: Rename renderers to formatters
Refs #1641.
2019-08-20 20:07:47 +02:00
Franz Liedke
8a74becdff Remove obsolete queue config 2019-08-19 22:33:32 +02:00
Daniël Klabbers
c5f5d47d31 Queue support (#1773)
Implementation of clean queue handling, by default sync is used
2019-08-19 21:44:06 +02:00
Franz Liedke
bccd493967 Don't fail when extend.php doesn't return an array
Refs #1607.
2019-08-16 12:29:31 +02:00
Franz Liedke
3feca515c3 #1607: Show more details when catching boot errors 2019-08-16 12:13:47 +02:00
Franz Liedke
430ddefb42 Bubble up exception for invalid confirmation token
This way, the error handler can simply be amended to deal with this
exception type with a dedicated error message or page.

Refs #1337.
Closes #1528.
2019-08-14 19:47:56 +02:00
Franz Liedke
919ebfcc33 Determine error view and message based on type
...not based on status code.

To simplify this logic, we now use the same error "type" both when
routes are not found and specific models are not found. One exception is
ours, one is from Laravel, but for the purposes of error handling they
should be treated the same.

Fixes flarum/core#1641.
2019-08-14 19:47:56 +02:00
flarum-bot
40a8068dea Bundled output for commit 4cd48ac048 [skip ci] 2019-08-14 06:41:45 +00:00
Franz Liedke
4cd48ac048 Tweak translation keys, always use full keys
Makes them easier to grep when editing / removing.

Refs #1750, #1788.
2019-08-14 08:34:36 +02:00
Franz Liedke
e7cdd497dd Extract real method
Refs #1750, #1788.
2019-08-14 08:34:14 +02:00
flarum-bot
c3740281b6 Bundled output for commit be6d42d46f [skip ci] 2019-08-13 21:02:10 +00:00
Tobias Karlsson
be6d42d46f Improve feedback on user deletion
Fixes #1750, #1777
2019-08-13 22:56:24 +02:00
Franz Liedke
fcb3921a42 Merge pull request #1843 from flarum/fl/1641-exception-handling
Implement new error handling stack
2019-08-13 22:45:46 +02:00
Franz Liedke
01c77b8e2a Support multiple error reporters
The error handling middleware now expects an array of reporters.
Extensions can register new reporters in the container like this:

    use Flarum\Foundation\ErrorHandling\Reporter;

    $container->tag(NewReporter::class, Reporter::class);

Note that this is just an implementation detail and will be hidden
behind an extender.
2019-08-10 11:04:12 +02:00
Franz Liedke
f73a39d3f4 Remove old error handler, middleware and tests 2019-08-10 00:26:24 +02:00
Franz Liedke
8e0cd27f54 API Client: Use new error handling mechanism 2019-08-10 00:26:24 +02:00
Franz Liedke
410028dae6 Use new error handler middleware 2019-08-10 00:26:24 +02:00
Franz Liedke
817e54abe0 Wire up new error handling stack 2019-08-10 00:26:23 +02:00
Franz Liedke
13377100fb Make existing extensions compatible with new stack 2019-08-10 00:26:22 +02:00
Franz Liedke
11e76b1965 Implement new error handling stack
This separates the error registry (mapping exception types to status
codes) from actual handling (the middleware) as well as error formatting
(Whoops, pretty error pages or JSON-API?) and reporting (log? Sentry?).

The components can be reused in different places (e.g. the API client
and the error handler middleware both need the registry to understand
all the exceptions Flarum knows how to handle), while still allowing to
change only the parts that need to change (the API stack always uses the
JSON-API formatter, and the forum stack switches between Whoops and
pretty error pages based on debug mode).

Finally, this paves the way for some planned features and extensibility:
- A console error handler can build on top of the registry.
- Extensions can register new exceptions and how to handle them.
- Extensions can change how we report exceptions (e.g. Sentry).
- We can build more pretty error pages, even different ones for
  exceptions having the same status code.
2019-08-10 00:26:22 +02:00
Franz Liedke
dbbfb01e3a Remove obsolete constructor parameter
This was removed in commit 7b2807a8.
2019-08-10 00:16:21 +02:00
flarum-bot
e79d1b8f6b Bundled output for commit 1702929079 [skip ci] 2019-08-08 23:12:56 +00:00
Franz Liedke
1702929079 a11y: Try to make screenreaders read tooltips
Refs #1835.
2019-08-08 22:40:30 +02:00
David Sevilla Martín
b3019e72fe Add canonical URL to discussion list (#1814) 2019-08-08 00:01:25 +02:00
Franz Liedke
2fc2cd5863 Bypass CSRF token check when using access tokens
Fixes #1828.
2019-08-01 22:53:31 +02:00
Franz Liedke
51b33c8cab Make exception message dynamic as well 2019-08-01 22:25:28 +02:00
Daniël Klabbers
a46c9b0c1d Merge branch 'master' of github.com:flarum/core 2019-07-31 17:10:47 +02:00
Daniël Klabbers
9209a5f588 Allows configuration of where the language files live. So that
language packs can optionally decide for themselves if they want
to use a different directory.
2019-07-31 17:10:13 +02:00
Franz Liedke
1169e4aca6 Determine default route after extensions
Fixes #1819.
2019-07-30 00:56:29 +02:00
Franz Liedke
b59aef7838 PHPUnit: Get rid of deprecated annotation
Refs #1795.
2019-07-30 00:09:10 +02:00