From 27c9926bf064f9cc63b76f2398e4315cb6adb55f Mon Sep 17 00:00:00 2001 From: "A. Wilcox" Date: Wed, 11 Feb 2026 13:25:45 -0600 Subject: [PATCH] app: Add ParameterMissing exception handling This way, if a parameter is missing in a request, it is logged as a 400 Bad Request instead of a 500 Internal Server Error. --- app/controllers/concerns/exception_handling.rb | 5 +++++ app/views/application/bad_request.html.erb | 7 +++++++ spec/request/fees_request_spec.rb | 5 +++-- spec/request/tind_download_request_spec.rb | 3 ++- spec/request/validate_proxy_patron_request_spec.rb | 3 ++- 5 files changed, 19 insertions(+), 4 deletions(-) create mode 100644 app/views/application/bad_request.html.erb diff --git a/app/controllers/concerns/exception_handling.rb b/app/controllers/concerns/exception_handling.rb index c953dcb0..44f7c15b 100644 --- a/app/controllers/concerns/exception_handling.rb +++ b/app/controllers/concerns/exception_handling.rb @@ -29,6 +29,11 @@ def log_error(error) render :not_found, status: :not_found, locals: { exception: error } end + rescue_from ActionController::ParameterMissing do |error| + log_error(error) + render :bad_request, status: :bad_request, locals: { exception: error } + end + rescue_from Error::PatronApiError do |error| log_error(error) render :patron_api_error, status: :service_unavailable diff --git a/app/views/application/bad_request.html.erb b/app/views/application/bad_request.html.erb new file mode 100644 index 00000000..0749e5a3 --- /dev/null +++ b/app/views/application/bad_request.html.erb @@ -0,0 +1,7 @@ +

Bad Request

+ +

Your browser sent a request that the server does not understand.

+ +<% if defined?(exception) && Rails.env.test? %> + <%= render(partial: 'exception_details', locals: { exception: exception }) %> +<% end %> diff --git a/spec/request/fees_request_spec.rb b/spec/request/fees_request_spec.rb index ee90a049..89043ccd 100644 --- a/spec/request/fees_request_spec.rb +++ b/spec/request/fees_request_spec.rb @@ -12,8 +12,9 @@ def base_url_for(user_id = nil) allow(Rails.application.config).to receive(:alma_api_key).and_return(alma_api_key) end - it 'throws a ParameterMissing error if request has no jwt' do - expect { get fees_path }.to raise_error(ActionController::ParameterMissing) + it 'shows a Bad Request error if request has no jwt' do + get fees_path + expect(response).to have_http_status(:bad_request) end it 'redirects to error page if request has a non-existant alma id' do diff --git a/spec/request/tind_download_request_spec.rb b/spec/request/tind_download_request_spec.rb index d9dff711..16bec080 100644 --- a/spec/request/tind_download_request_spec.rb +++ b/spec/request/tind_download_request_spec.rb @@ -114,7 +114,8 @@ describe 'find_collection' do it 'requires a collection' do - expect { get tind_download_find_collection_path }.to raise_error(ActionController::ParameterMissing) + get tind_download_find_collection_path + expect(response).to have_http_status :bad_request end it 'returns the matching collection name list' do diff --git a/spec/request/validate_proxy_patron_request_spec.rb b/spec/request/validate_proxy_patron_request_spec.rb index 1c9d618d..18297119 100644 --- a/spec/request/validate_proxy_patron_request_spec.rb +++ b/spec/request/validate_proxy_patron_request_spec.rb @@ -16,7 +16,8 @@ def base_url_for(user_id) end it 'alerts user of invalid parameters' do - expect { post('/validate_proxy_patron') }.to raise_error ActionController::ParameterMissing + post('/validate_proxy_patron') + expect(response).to have_http_status :bad_request end it 'alerts user if they failed to authenticate' do