FIX: Theme import error handling needs to happen inside the hijack block (#18866)

Otherwise the errors don't get caught.
This commit is contained in:
Daniel Waterworth 2022-11-03 14:02:26 -05:00 committed by GitHub
parent 943c43ddc5
commit 1398bd5f1f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 28 additions and 20 deletions

View File

@ -97,15 +97,14 @@ class Admin::ThemesController < Admin::AdminController
return return
end end
hijack do
begin begin
branch = params[:branch] ? params[:branch] : nil branch = params[:branch] ? params[:branch] : nil
private_key = params[:public_key] ? Discourse.redis.get("ssh_key_#{params[:public_key]}") : nil private_key = params[:public_key] ? Discourse.redis.get("ssh_key_#{params[:public_key]}") : nil
return render_json_error I18n.t("themes.import_error.ssh_key_gone") if params[:public_key].present? && private_key.blank? return render_json_error I18n.t("themes.import_error.ssh_key_gone") if params[:public_key].present? && private_key.blank?
hijack do
@theme = RemoteTheme.import_theme(remote, theme_user, private_key: private_key, branch: branch) @theme = RemoteTheme.import_theme(remote, theme_user, private_key: private_key, branch: branch)
render json: @theme, status: :created render json: @theme, status: :created
end
rescue RemoteTheme::ImportError => e rescue RemoteTheme::ImportError => e
if params[:force] if params[:force]
theme_name = params[:remote].gsub(/.git$/, "").split("/").last theme_name = params[:remote].gsub(/.git$/, "").split("/").last
@ -125,6 +124,7 @@ class Admin::ThemesController < Admin::AdminController
render_json_error e.message render_json_error e.message
end end
end end
end
elsif params[:bundle] || (params[:theme] && THEME_CONTENT_TYPES.include?(params[:theme].content_type)) elsif params[:bundle] || (params[:theme] && THEME_CONTENT_TYPES.include?(params[:theme].content_type))
ban_in_allowlist_mode! ban_in_allowlist_mode!

View File

@ -230,6 +230,14 @@ RSpec.describe Admin::ThemesController do
expect(response.status).to eq(201) expect(response.status).to eq(201)
end end
it 'fails to import with a failing status' do
post "/admin/themes/import.json", params: {
remote: 'non-existant'
}
expect(response.status).to eq(422)
end
it 'can lookup a private key by public key' do it 'can lookup a private key by public key' do
Discourse.redis.setex('ssh_key_abcdef', 1.hour, 'rsa private key') Discourse.redis.setex('ssh_key_abcdef', 1.hour, 'rsa private key')