From 9aec9c6a6332c2bb08ea1fab90c8c7b6f8d40eb5 Mon Sep 17 00:00:00 2001 From: Hannah Wolfe Date: Mon, 6 Mar 2017 16:37:16 +0000 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20Use=20isIgnitionError=20to=20det?= =?UTF-8?q?ect=20unhandled=20errors=20(#8100)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit closes #8099, refs https://github.com/TryGhost/Ignition/issues/28 - use new utility to detect if an error has not yet been handled & convert it to a generic Ghost error - update theme_spec tests to include checking error messages, which catches this issue --- core/server/middleware/error-handler.js | 2 +- .../test/functional/routes/api/themes_spec.js | 20 +++++++++++++++++-- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/core/server/middleware/error-handler.js b/core/server/middleware/error-handler.js index 6d533501bd..8d1bf44d51 100644 --- a/core/server/middleware/error-handler.js +++ b/core/server/middleware/error-handler.js @@ -58,7 +58,7 @@ _private.prepareError = function prepareError(err, req, res, next) { err = err[0]; } - if (!(err instanceof errors.GhostError)) { + if (!errors.utils.isIgnitionError(err)) { // We need a special case for 404 errors // @TODO look at adding this to the GhostError class if (err.statusCode && err.statusCode === 404) { diff --git a/core/test/functional/routes/api/themes_spec.js b/core/test/functional/routes/api/themes_spec.js index 71a89267a0..c362e71724 100644 --- a/core/test/functional/routes/api/themes_spec.js +++ b/core/test/functional/routes/api/themes_spec.js @@ -255,6 +255,12 @@ describe('Themes API', function () { } res.statusCode.should.eql(403); + + should.exist(res.body.errors); + res.body.errors.should.be.an.Array().with.lengthOf(1); + res.body.errors[0].errorType.should.eql('NoPermissionError'); + res.body.errors[0].message.should.eql('You do not have permission to add themes'); + done(); }); }); @@ -263,11 +269,16 @@ describe('Themes API', function () { request.del(testUtils.API.getApiQuery('themes/test')) .set('Authorization', 'Bearer ' + scope.editorAccessToken) .expect(403) - .end(function (err) { + .end(function (err, res) { if (err) { return done(err); } + should.exist(res.body.errors); + res.body.errors.should.be.an.Array().with.lengthOf(1); + res.body.errors[0].errorType.should.eql('NoPermissionError'); + res.body.errors[0].message.should.eql('You do not have permission to destroy themes'); + done(); }); }); @@ -276,11 +287,16 @@ describe('Themes API', function () { request.get(testUtils.API.getApiQuery('themes/casper/download/')) .set('Authorization', 'Bearer ' + scope.editorAccessToken) .expect(403) - .end(function (err) { + .end(function (err, res) { if (err) { return done(err); } + should.exist(res.body.errors); + res.body.errors.should.be.an.Array().with.lengthOf(1); + res.body.errors[0].errorType.should.eql('NoPermissionError'); + res.body.errors[0].message.should.eql('You do not have permission to read themes'); + done(); }); });