X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/1aa4d0dc59fb118c6cf28fd71af366c1882da74b..refs/pull/2700/head:/app/Exceptions/Handler.php diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php index a979072e2..196897164 100644 --- a/app/Exceptions/Handler.php +++ b/app/Exceptions/Handler.php @@ -4,54 +4,67 @@ namespace BookStack\Exceptions; use Exception; use Illuminate\Auth\AuthenticationException; +use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler; +use Illuminate\Http\JsonResponse; use Illuminate\Http\Request; -use Illuminate\Pipeline\Pipeline; use Illuminate\Validation\ValidationException; -use Illuminate\Database\Eloquent\ModelNotFoundException; use Symfony\Component\HttpKernel\Exception\HttpException; -use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler; -use Illuminate\Auth\Access\AuthorizationException; use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; class Handler extends ExceptionHandler { /** - * A list of the exception types that should not be reported. + * A list of the exception types that are not reported. * * @var array */ protected $dontReport = [ - AuthorizationException::class, - HttpException::class, - ModelNotFoundException::class, - ValidationException::class, + NotFoundException::class, + ]; + + /** + * A list of the inputs that are never flashed for validation exceptions. + * + * @var array + */ + protected $dontFlash = [ + 'password', + 'password_confirmation', ]; /** * Report or log an exception. - * This is a great spot to send exceptions to Sentry, Bugsnag, etc. * - * @param \Exception $e - * @return mixed + * @param Exception $exception + * @return void + * + * @throws Exception */ - public function report(Exception $e) + public function report(Exception $exception) { - return parent::report($e); + parent::report($exception); } /** * Render an exception into an HTTP response. * * @param \Illuminate\Http\Request $request - * @param \Exception $e + * @param Exception $e * @return \Illuminate\Http\Response */ public function render($request, Exception $e) { + if ($this->isApiRequest($request)) { + return $this->renderApiException($e); + } + // Handle notify exceptions which will redirect to the // specified location then show a notification message. if ($this->isExceptionType($e, NotifyException::class)) { - session()->flash('error', $this->getOriginalMessage($e)); + $message = $this->getOriginalMessage($e); + if (!empty($message)) { + session()->flash('error', $message); + } return redirect($e->redirectLocation); } @@ -65,49 +78,65 @@ class Handler extends ExceptionHandler // Handle 404 errors with a loaded session to enable showing user-specific information if ($this->isExceptionType($e, NotFoundHttpException::class)) { - return $this->loadErrorMiddleware($request, function ($request) use ($e) { - $message = $e->getMessage() ?: trans('errors.404_page_not_found'); - return response()->view('errors/404', ['message' => $message], 404); - }); + return \Route::respondWithRoute('fallback'); } return parent::render($request, $e); } /** - * Load the middleware required to show state/session-enabled error pages. - * @param Request $request - * @param $callback - * @return mixed + * Check if the given request is an API request. */ - protected function loadErrorMiddleware(Request $request, $callback) + protected function isApiRequest(Request $request): bool { - $middleware = (\Route::getMiddlewareGroups()['web_errors']); - return (new Pipeline($this->container)) - ->send($request) - ->through($middleware) - ->then($callback); + return strpos($request->path(), 'api/') === 0; + } + + /** + * Render an exception when the API is in use. + */ + protected function renderApiException(Exception $e): JsonResponse + { + $code = $e->getCode() === 0 ? 500 : $e->getCode(); + $headers = []; + if ($e instanceof HttpException) { + $code = $e->getStatusCode(); + $headers = $e->getHeaders(); + } + + $responseData = [ + 'error' => [ + 'message' => $e->getMessage(), + ] + ]; + + if ($e instanceof ValidationException) { + $responseData['error']['validation'] = $e->errors(); + $code = $e->status; + } + + $responseData['error']['code'] = $code; + return new JsonResponse($responseData, $code, $headers); } /** * Check the exception chain to compare against the original exception type. - * @param Exception $e - * @param $type - * @return bool */ - protected function isExceptionType(Exception $e, $type) { + protected function isExceptionType(Exception $e, string $type): bool + { do { - if (is_a($e, $type)) return true; + if (is_a($e, $type)) { + return true; + } } while ($e = $e->getPrevious()); return false; } /** * Get original exception message. - * @param Exception $e - * @return string */ - protected function getOriginalMessage(Exception $e) { + protected function getOriginalMessage(Exception $e): string + { do { $message = $e->getMessage(); } while ($e = $e->getPrevious());