FIX: return 429 when admin api key is limited on admin route

This also handles a general case where exceptions leak out prior to being handled by the application controller
2025-05-22 06:41:25 +08:00 · 2018-01-12 14:15:10 +11:00
parent dcbaf2f213
commit 49ed382c2a
39 changed files with 322 additions and 349 deletions
--- a/lib/middleware/discourse_public_exceptions.rb
+++ b/lib/middleware/discourse_public_exceptions.rb
@ -0,0 +1,31 @@
+# since all the rescue from clauses are not caught by the application controller for matches
+# we need to handle certain exceptions here
+module Middleware
+  class DiscoursePublicExceptions < ::ActionDispatch::PublicExceptions
+
+    def initialize(path)
+      super
+    end
+
+    def call(env)
+      # this is so so gnarly
+      # sometimes we leak out exceptions prior to creating a controller instance
+      # this can happen if we have an exception in a route constraint in some cases
+      # this code re-dispatches the exception to our application controller so we can
+      # properly translate the exception to a page
+      exception = env["action_dispatch.exception"]
+      response = ActionDispatch::Response.new
+
+      if exception
+        fake_controller = ApplicationController.new
+        fake_controller.response = response
+
+        if ApplicationController.rescue_with_handler(exception, object: fake_controller)
+          return [response.status, response.headers, response.body]
+        end
+      end
+      super
+    end
+
+  end
+end