Class: ProxES::Middleware::ErrorHandling

Inherits:

Object

• Object
• ProxES::Middleware::ErrorHandling

Includes:

Wisper::Publisher

Defined in:

lib/proxes/middleware/error_handling.rb

Instance Attribute Summary

• #logger ⇒ Object readonly

  Returns the value of attribute logger.

Instance Method Summary

• #call(env) ⇒ Object
• #error(message, code = 500) ⇒ Object

  Response Helpers.

• #initialize(app, logger = nil) ⇒ ErrorHandling constructor

  A new instance of ErrorHandling.

• #log_not_authorized(request) ⇒ Object
• #login_and_redirect(request) ⇒ Object
• #redirect(destination, code = 302) ⇒ Object

Constructor Details

#initialize(app, logger = nil) ⇒ ErrorHandling

Returns a new instance of ErrorHandling.

# File 'lib/proxes/middleware/error_handling.rb', line 14

def initialize(app, logger = nil)
  @app = app
  @logger = logger || ::Ditty::Services::Logger
end

Instance Attribute Details

#logger ⇒ Object (readonly)

Returns the value of attribute logger.

# File 'lib/proxes/middleware/error_handling.rb', line 10

def logger
  @logger
end

Instance Method Details

#call(env) ⇒ Object

# File 'lib/proxes/middleware/error_handling.rb', line 19

def call(env)
  request = ProxES::Request.from_env(env)
  response = @app.call env
  broadcast(:es_request_failed, request, response) unless (200..299).cover?(response[0])
  response
rescue Errno::EHOSTUNREACH
  error 'Could not reach Elasticsearch at ' + ENV['ELASTICSEARCH_URL']
rescue Errno::ECONNREFUSED, Faraday::ConnectionFailed, SocketError
  error 'Elasticsearch not listening at ' + ENV['ELASTICSEARCH_URL']
rescue Pundit::NotAuthorizedError, Ditty::Helpers::NotAuthenticated => e
  broadcast(:es_request_denied, request, e)
  log_not_authorized request
  raise e if ENV['APP_ENV'] == 'development'
  return [401, {}, []] if request.head?

  request.html? && request.user.nil? ? login_and_redirect(request) : error('Not Authorized', 401)
rescue StandardError => e
  broadcast(:es_request_denied, request, e)
  log_not_authorized request
  raise e if ENV['APP_ENV'] == 'development'
  return [403, {}. []] if request.head?

  error 'Forbidden', 403
end

#error(message, code = 500) ⇒ Object

Response Helpers

# File 'lib/proxes/middleware/error_handling.rb', line 50

def error(message, code = 500)
  headers = { 'Content-Type' => 'application/json' }
  headers['WWW-Authenticate'] = 'Basic realm="Authorization Required"' if code == 401
  [code, headers, ['{"error":"' + message + '"}']]
end

#log_not_authorized(request) ⇒ Object

# File 'lib/proxes/middleware/error_handling.rb', line 44

def log_not_authorized(request)
  user = request.user ? request.user.email : 'unauthenticated request'
  logger.error "Access denied for #{user} by security layer: #{request.detail} #{request.indices.join(',')}"
end

#login_and_redirect(request) ⇒ Object

# File 'lib/proxes/middleware/error_handling.rb', line 56

def login_and_redirect(request)
  request.session['omniauth.origin'] = request.url unless request.url == '/_proxes/auth/login'
  redirect '/_proxes/auth/login'
end

#redirect(destination, code = 302) ⇒ Object

# File 'lib/proxes/middleware/error_handling.rb', line 61

def redirect(destination, code = 302)
  [code, { 'Location' => destination }, []]
end