Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

FIX: Return the right response code for invalid theme id.

This commit is contained in:
Guo Xiang Tan 2019-04-11 13:56:43 +08:00
parent 3ac18b92b3
commit 87cca0fb80
2 changed files with 34 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
app/controllers/admin/themes_controller.rb
View File

@ -7,8 +7,10 @@ class Admin::ThemesController < Admin::AdminController
skip_before_action :check_xhr, only: [:show, :preview, :export] skip_before_action :check_xhr, only: [:show, :preview, :export]
def preview def preview
@theme = Theme.find(params[:id]) theme = Theme.find_by(id: params[:id])
redirect_to path("/?preview_theme_id=#{@theme.id}") raise Discourse::InvalidParameters.new(:id) unless theme
redirect_to path("/?preview_theme_id=#{theme.id}")
end end
def upload_asset def upload_asset
@ -148,7 +150,8 @@ class Admin::ThemesController < Admin::AdminController
end end
def update def update
@theme = Theme.find(params[:id]) @theme = Theme.find_by(id: params[:id])
raise Discourse::InvalidParameters.new(:id) unless @theme
original_json = ThemeSerializer.new(@theme, root: false).to_json original_json = ThemeSerializer.new(@theme, root: false).to_json
@ -215,7 +218,9 @@ class Admin::ThemesController < Admin::AdminController
end end
def destroy def destroy
@theme = Theme.find(params[:id]) @theme = Theme.find_by(id: params[:id])
raise Discourse::InvalidParameters.new(:id) unless @theme
StaffActionLogger.new(current_user).log_theme_destroy(@theme) StaffActionLogger.new(current_user).log_theme_destroy(@theme)
@theme.destroy @theme.destroy
@ -225,12 +230,15 @@ class Admin::ThemesController < Admin::AdminController
end end
def show def show
@theme = Theme.find(params[:id]) @theme = Theme.find_by(id: params[:id])
raise Discourse::InvalidParameters.new(:id) unless @theme
render json: ThemeSerializer.new(@theme) render json: ThemeSerializer.new(@theme)
end end
def export def export
@theme = Theme.find(params[:id]) @theme = Theme.find_by(id: params[:id])
raise Discourse::InvalidParameters.new(:id) unless @theme
exporter = ThemeStore::TgzExporter.new(@theme) exporter = ThemeStore::TgzExporter.new(@theme)
file_path = exporter.package_filename file_path = exporter.package_filename

20
spec/requests/admin/themes_controller_spec.rb
View File

@ -218,6 +218,12 @@ describe Admin::ThemesController do
describe '#update' do describe '#update' do
let(:theme) { Fabricate(:theme) } let(:theme) { Fabricate(:theme) }
it 'returns the right response when an invalid id is given' do
put "/admin/themes/99999.json"
expect(response.status).to eq(400)
end
it 'can change default theme' do it 'can change default theme' do
SiteSetting.default_theme_id = -1 SiteSetting.default_theme_id = -1
@ -342,6 +348,12 @@ describe Admin::ThemesController do
describe '#destroy' do describe '#destroy' do
let(:theme) { Fabricate(:theme) } let(:theme) { Fabricate(:theme) }
it 'returns the right response when an invalid id is given' do
delete "/admin/themes/9999.json"
expect(response.status).to eq(400)
end
it "deletes the field's javascript cache" do it "deletes the field's javascript cache" do
theme.set_field(target: :common, name: :header, value: '<script>console.log("test")</script>') theme.set_field(target: :common, name: :header, value: '<script>console.log("test")</script>')
theme.save! theme.save!
@ -356,4 +368,12 @@ describe Admin::ThemesController do
expect { javascript_cache.reload }.to raise_error(ActiveRecord::RecordNotFound) expect { javascript_cache.reload }.to raise_error(ActiveRecord::RecordNotFound)
end end
end end
describe '#preview' do
it "should return the right response when an invalid id is given" do
get "/admin/themes/9999/preview.json"
expect(response.status).to eq(400)
end
end
end end