X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/3ac34b584930aad5625d29ca6c2e59b85e9d2ef8..refs/pull/3593/head:/app/Exceptions/Handler.php diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php index 0eb62dc31..187664f9e 100644 --- a/app/Exceptions/Handler.php +++ b/app/Exceptions/Handler.php @@ -4,106 +4,119 @@ namespace BookStack\Exceptions; use Exception; use Illuminate\Auth\AuthenticationException; -use Illuminate\Validation\ValidationException; use Illuminate\Database\Eloquent\ModelNotFoundException; -use Symfony\Component\HttpKernel\Exception\HttpException; use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler; -use Illuminate\Auth\Access\AuthorizationException; -use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; +use Illuminate\Http\JsonResponse; +use Illuminate\Http\Request; +use Illuminate\Validation\ValidationException; +use Symfony\Component\HttpKernel\Exception\HttpException; +use Throwable; class Handler extends ExceptionHandler { /** - * A list of the exception types that should not be reported. + * A list of the exception types that are not reported. * * @var array */ protected $dontReport = [ - AuthorizationException::class, - HttpException::class, - ModelNotFoundException::class, - ValidationException::class, + NotFoundException::class, + StoppedAuthenticationException::class, + ]; + + /** + * A list of the inputs that are never flashed for validation exceptions. + * + * @var array + */ + protected $dontFlash = [ + 'current_password', + 'password', + 'password_confirmation', ]; /** * Report or log an exception. - * This is a great spot to send exceptions to Sentry, Bugsnag, etc. * - * @param \Exception $e - * @return mixed - * @throws Exception + * @param \Throwable $exception + * + * @throws \Throwable + * + * @return void */ - public function report(Exception $e) + public function report(Throwable $exception) { - return parent::report($e); + parent::report($exception); } /** * Render an exception into an HTTP response. * - * @param \Illuminate\Http\Request $request - * @param \Exception $e + * @param \Illuminate\Http\Request $request + * @param Exception $e + * * @return \Illuminate\Http\Response */ - public function render($request, Exception $e) + public function render($request, Throwable $e) { - // Handle notify exceptions which will redirect to the - // specified location then show a notification message. - if ($this->isExceptionType($e, NotifyException::class)) { - session()->flash('error', $this->getOriginalMessage($e)); - return redirect($e->redirectLocation); - } - - // Handle pretty exceptions which will show a friendly application-fitting page - // Which will include the basic message to point the user roughly to the cause. - if ($this->isExceptionType($e, PrettyException::class) && !config('app.debug')) { - $message = $this->getOriginalMessage($e); - $code = ($e->getCode() === 0) ? 500 : $e->getCode(); - return response()->view('errors/' . $code, ['message' => $message], $code); - } - - // Handle 404 errors with a loaded session to enable showing user-specific information - if ($this->isExceptionType($e, NotFoundHttpException::class)) { - return \Route::respondWithRoute('fallback'); + if ($this->isApiRequest($request)) { + return $this->renderApiException($e); } return parent::render($request, $e); } /** - * Check the exception chain to compare against the original exception type. - * @param Exception $e - * @param $type - * @return bool + * Check if the given request is an API request. */ - protected function isExceptionType(Exception $e, $type) + protected function isApiRequest(Request $request): bool { - do { - if (is_a($e, $type)) { - return true; - } - } while ($e = $e->getPrevious()); - return false; + return strpos($request->path(), 'api/') === 0; } /** - * Get original exception message. - * @param Exception $e - * @return string + * Render an exception when the API is in use. */ - protected function getOriginalMessage(Exception $e) + protected function renderApiException(Throwable $e): JsonResponse { - do { - $message = $e->getMessage(); - } while ($e = $e->getPrevious()); - return $message; + $code = 500; + $headers = []; + + if ($e instanceof HttpException) { + $code = $e->getStatusCode(); + $headers = $e->getHeaders(); + } + + if ($e instanceof ModelNotFoundException) { + $code = 404; + } + + $responseData = [ + 'error' => [ + 'message' => $e->getMessage(), + ], + ]; + + if ($e instanceof ValidationException) { + $responseData['error']['validation'] = $e->errors(); + $code = $e->status; + } + + if (method_exists($e, 'getStatus')) { + $code = $e->getStatus(); + } + + $responseData['error']['code'] = $code; + + return new JsonResponse($responseData, $code, $headers); } /** * Convert an authentication exception into an unauthenticated response. * - * @param \Illuminate\Http\Request $request - * @param \Illuminate\Auth\AuthenticationException $exception + * @param \Illuminate\Http\Request $request + * @param \Illuminate\Auth\AuthenticationException $exception + * * @return \Illuminate\Http\Response */ protected function unauthenticated($request, AuthenticationException $exception) @@ -118,8 +131,9 @@ class Handler extends ExceptionHandler /** * Convert a validation exception into a JSON response. * - * @param \Illuminate\Http\Request $request - * @param \Illuminate\Validation\ValidationException $exception + * @param \Illuminate\Http\Request $request + * @param \Illuminate\Validation\ValidationException $exception + * * @return \Illuminate\Http\JsonResponse */ protected function invalidJson($request, ValidationException $exception)