Skip to content

Commit

Permalink
Merge pull request #215 from munen/bugfix/73385046/raise-on-failed-state
Browse files Browse the repository at this point in the history 
raise an error if api/talks#update fails to set state
  • Loading branch information
@munen
munen committed Jun 19, 2014
2 parents fb13b5b + c43109c commit 74584ee
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 0 deletions.
12 changes: 12 additions & 0 deletions app/controllers/api/talks_controller.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,14 @@ def update
# TODO check for security issue (whitelist methods)
msg = send @method, msg if respond_to? @method

# this is critical, so raise an error if it fails
if validate_state(state)
raise "Critical: Failed to set state #{state} " +
"for user #{current_user.id} " +
"on talk #{@talk.id} " +
"with method #{@method}"
end

publish msg.to_hash
head :ok
end
Expand Down Expand Up @@ -95,4 +103,8 @@ def verified_request?
super || form_authenticity_token == request.headers['X-XSRF-TOKEN']
end

def validate_state(state)
state && state != @talk.reload.session[current_user.id][:state]
end

end
7 changes: 7 additions & 0 deletions spec/controllers/api/talks_controller_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,13 @@
response.status.should be(422)
end

it 'raises error when state cannot be set' do
Api::TalksController.any_instance.stub(:validate_state).and_raise
expect {
put :update, id: @talk.id, msg: { state: 'WaitingForPromotion' }
}.to raise_error
end

end

# as host sending events for other user
Expand Down

0 comments on commit 74584ee

Please sign in to comment.