BookStack/app/Exceptions/Handler.php

<?php

namespace BookStack\Exceptions;

use Exception;
use Illuminate\Auth\AuthenticationException;
use Illuminate\Database\Eloquent\ModelNotFoundException;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Validation\ValidationException;
use Symfony\Component\HttpKernel\Exception\HttpException;
use Throwable;

class Handler extends ExceptionHandler
{
    /**
     * A list of the exception types that are not reported.
     *
     * @var array
     */
    protected $dontReport = [
        NotFoundException::class,
        StoppedAuthenticationException::class,
    ];

    /**
     * A list of the inputs that are never flashed for validation exceptions.
     *
     * @var array
     */
    protected $dontFlash = [
        'current_password',
        'password',
        'password_confirmation',
    ];

    /**
     * Report or log an exception.
     *
     * @param \Throwable $exception
     *
     * @throws \Throwable
     *
     * @return void
     */
    public function report(Throwable $exception)
    {
        parent::report($exception);
    }

    /**
     * Render an exception into an HTTP response.
     *
     * @param \Illuminate\Http\Request $request
     * @param Exception                $e
     *
     * @return \Illuminate\Http\Response
     */
    public function render($request, Throwable $e)
    {
        if ($this->isApiRequest($request)) {
            return $this->renderApiException($e);
        }

        return parent::render($request, $e);
    }

    /**
     * Check if the given request is an API request.
     */
    protected function isApiRequest(Request $request): bool
    {
        return strpos($request->path(), 'api/') === 0;
    }

    /**
     * Render an exception when the API is in use.
     */
    protected function renderApiException(Throwable $e): JsonResponse
    {
        $code = 500;
        $headers = [];

        if ($e instanceof HttpException) {
            $code = $e->getStatusCode();
            $headers = $e->getHeaders();
        }

        if ($e instanceof ModelNotFoundException) {
            $code = 404;
        }

        $responseData = [
            'error' => [
                'message' => $e->getMessage(),
            ],
        ];

        if ($e instanceof ValidationException) {
            $responseData['error']['validation'] = $e->errors();
            $code = $e->status;
        }

        if (method_exists($e, 'getStatus')) {
            $code = $e->getStatus();
        }

        $responseData['error']['code'] = $code;

        return new JsonResponse($responseData, $code, $headers);
    }

    /**
     * Convert an authentication exception into an unauthenticated response.
     *
     * @param \Illuminate\Http\Request                 $request
     * @param \Illuminate\Auth\AuthenticationException $exception
     *
     * @return \Illuminate\Http\Response
     */
    protected function unauthenticated($request, AuthenticationException $exception)
    {
        if ($request->expectsJson()) {
            return response()->json(['error' => 'Unauthenticated.'], 401);
        }

        return redirect()->guest('login');
    }

    /**
     * Convert a validation exception into a JSON response.
     *
     * @param \Illuminate\Http\Request                   $request
     * @param \Illuminate\Validation\ValidationException $exception
     *
     * @return \Illuminate\Http\JsonResponse
     */
    protected function invalidJson($request, ValidationException $exception)
    {
        return response()->json($exception->errors(), $exception->status);
    }
}
Initial commit 2015-07-12 15:01:42 -04:00			`<?php`

Change application namespace to BookStack 2015-09-10 14:31:09 -04:00			`namespace BookStack\Exceptions;`
Initial commit 2015-07-12 15:01:42 -04:00
			`use Exception;`
Upgraded to Laravel 5.4 2017-01-25 14:35:40 -05:00			`use Illuminate\Auth\AuthenticationException;`
Fixed related permissions query not considering drafts Page-related items added on drafts could be visible in certain scenarios since the applied permissions query filters would not consider page draft visibility. This commit alters queries on related items to apply such filtering. Included test to cover API scenario. Thanks to @haxatron for reporting. 2021-11-29 19:06:17 -05:00			`use Illuminate\Database\Eloquent\ModelNotFoundException;`
Initial commit 2015-07-12 15:01:42 -04:00			`use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;`
Added configurable API throttling, Handled API errors standardly 2020-01-18 10:03:28 -05:00			`use Illuminate\Http\JsonResponse;`
			`use Illuminate\Http\Request;`
Fleshed out entity provided and optimized imports 2018-09-25 11:58:03 -04:00			`use Illuminate\Validation\ValidationException;`
			`use Symfony\Component\HttpKernel\Exception\HttpException;`
Laravel 7.x Shift (#3011) * Apply Laravel coding style * Shift bindings * Shift core files * Shift to Throwable * Add laravel/ui dependency * Shift Eloquent methods * Shift config files * Shift Laravel dependencies * Shift cleanup * Shift test config and references * Applied styleci changes * Applied fixes post shift to laravel 7 Co-authored-by: Shift <shift@laravelshift.com> 2021-10-26 17:04:18 -04:00			`use Throwable;`
Initial commit 2015-07-12 15:01:42 -04:00
			`class Handler extends ExceptionHandler`
			`{`
			`/**`
Better aligned handler with core laravel 2021-03-02 16:59:12 -05:00			`* A list of the exception types that are not reported.`
Initial commit 2015-07-12 15:01:42 -04:00			`*`
			`* @var array`
			`*/`
			`protected $dontReport = [`
Prevented entity "Not Found" events from being logged - Added testing to cover, which was more hassle than thought since Laravel did not have built in log test helpers, so: - Added Log testing helper. Related to #2110 2020-05-23 06:26:48 -04:00			`NotFoundException::class,`
Prevented inadvertant logging during MFA flow - Added StoppedAuthenticationException to dontReport list. - Added test to cover. Closes #3468 2022-05-30 13:31:08 -04:00			`StoppedAuthenticationException::class,`
Initial commit 2015-07-12 15:01:42 -04:00			`];`

Better aligned handler with core laravel 2021-03-02 16:59:12 -05:00			`/**`
			`* A list of the inputs that are never flashed for validation exceptions.`
			`*`
			`* @var array`
			`*/`
			`protected $dontFlash = [`
Laravel 8 shift squash & merge (#3029) * Temporarily moved back config path * Apply Laravel coding style * Shift exception handler * Shift HTTP kernel and middleware * Shift service providers * Convert options array to fluent methods * Shift to class based routes * Shift console routes * Ignore temporary framework files * Shift to class based factories * Namespace seeders * Shift PSR-4 autoloading * Shift config files * Default config files * Shift Laravel dependencies * Shift return type of base TestCase methods * Shift cleanup * Applied stylci style changes * Reverted config files location * Applied manual changes to Laravel 8 shift Co-authored-by: Shift <shift@laravelshift.com> 2021-10-30 16:29:59 -04:00			`'current_password',`
Better aligned handler with core laravel 2021-03-02 16:59:12 -05:00			`'password',`
			`'password_confirmation',`
			`];`

Initial commit 2015-07-12 15:01:42 -04:00			`/**`
			`* Report or log an exception.`
			`*`
Laravel 7.x Shift (#3011) * Apply Laravel coding style * Shift bindings * Shift core files * Shift to Throwable * Add laravel/ui dependency * Shift Eloquent methods * Shift config files * Shift Laravel dependencies * Shift cleanup * Shift test config and references * Applied styleci changes * Applied fixes post shift to laravel 7 Co-authored-by: Shift <shift@laravelshift.com> 2021-10-26 17:04:18 -04:00			`* @param \Throwable $exception`
Better aligned handler with core laravel 2021-03-02 16:59:12 -05:00			`*`
Laravel 7.x Shift (#3011) * Apply Laravel coding style * Shift bindings * Shift core files * Shift to Throwable * Add laravel/ui dependency * Shift Eloquent methods * Shift config files * Shift Laravel dependencies * Shift cleanup * Shift test config and references * Applied styleci changes * Applied fixes post shift to laravel 7 Co-authored-by: Shift <shift@laravelshift.com> 2021-10-26 17:04:18 -04:00			`* @throws \Throwable`
Apply fixes from StyleCI 2021-06-26 11:23:15 -04:00			`*`
			`* @return void`
Initial commit 2015-07-12 15:01:42 -04:00			`*/`
Laravel 7.x Shift (#3011) * Apply Laravel coding style * Shift bindings * Shift core files * Shift to Throwable * Add laravel/ui dependency * Shift Eloquent methods * Shift config files * Shift Laravel dependencies * Shift cleanup * Shift test config and references * Applied styleci changes * Applied fixes post shift to laravel 7 Co-authored-by: Shift <shift@laravelshift.com> 2021-10-26 17:04:18 -04:00			`public function report(Throwable $exception)`
Initial commit 2015-07-12 15:01:42 -04:00			`{`
Better aligned handler with core laravel 2021-03-02 16:59:12 -05:00			`parent::report($exception);`
Initial commit 2015-07-12 15:01:42 -04:00			`}`

			`/**`
			`* Render an exception into an HTTP response.`
			`*`
Apply fixes from StyleCI 2021-06-26 11:23:15 -04:00			`* @param \Illuminate\Http\Request $request`
			`* @param Exception $e`
			`*`
Initial commit 2015-07-12 15:01:42 -04:00			`* @return \Illuminate\Http\Response`
			`*/`
Laravel 7.x Shift (#3011) * Apply Laravel coding style * Shift bindings * Shift core files * Shift to Throwable * Add laravel/ui dependency * Shift Eloquent methods * Shift config files * Shift Laravel dependencies * Shift cleanup * Shift test config and references * Applied styleci changes * Applied fixes post shift to laravel 7 Co-authored-by: Shift <shift@laravelshift.com> 2021-10-26 17:04:18 -04:00			`public function render($request, Throwable $e)`
Initial commit 2015-07-12 15:01:42 -04:00			`{`
Added configurable API throttling, Handled API errors standardly 2020-01-18 10:03:28 -05:00			`if ($this->isApiRequest($request)) {`
			`return $this->renderApiException($e);`
			`}`

Initial commit 2015-07-12 15:01:42 -04:00			`return parent::render($request, $e);`
			`}`
Improved Exception handling, Removed npm requirement for testing 2016-09-03 07:08:58 -04:00
Added configurable API throttling, Handled API errors standardly 2020-01-18 10:03:28 -05:00			`/**`
			`* Check if the given request is an API request.`
			`*/`
			`protected function isApiRequest(Request $request): bool`
			`{`
			`return strpos($request->path(), 'api/') === 0;`
			`}`

			`/**`
			`* Render an exception when the API is in use.`
			`*/`
Fixed related permissions query not considering drafts Page-related items added on drafts could be visible in certain scenarios since the applied permissions query filters would not consider page draft visibility. This commit alters queries on related items to apply such filtering. Included test to cover API scenario. Thanks to @haxatron for reporting. 2021-11-29 19:06:17 -05:00			`protected function renderApiException(Throwable $e): JsonResponse`
Added configurable API throttling, Handled API errors standardly 2020-01-18 10:03:28 -05:00			`{`
Fixed related permissions query not considering drafts Page-related items added on drafts could be visible in certain scenarios since the applied permissions query filters would not consider page draft visibility. This commit alters queries on related items to apply such filtering. Included test to cover API scenario. Thanks to @haxatron for reporting. 2021-11-29 19:06:17 -05:00			`$code = 500;`
Added configurable API throttling, Handled API errors standardly 2020-01-18 10:03:28 -05:00			`$headers = [];`
Fixed related permissions query not considering drafts Page-related items added on drafts could be visible in certain scenarios since the applied permissions query filters would not consider page draft visibility. This commit alters queries on related items to apply such filtering. Included test to cover API scenario. Thanks to @haxatron for reporting. 2021-11-29 19:06:17 -05:00
Added configurable API throttling, Handled API errors standardly 2020-01-18 10:03:28 -05:00			`if ($e instanceof HttpException) {`
			`$code = $e->getStatusCode();`
			`$headers = $e->getHeaders();`
			`}`

Fixed related permissions query not considering drafts Page-related items added on drafts could be visible in certain scenarios since the applied permissions query filters would not consider page draft visibility. This commit alters queries on related items to apply such filtering. Included test to cover API scenario. Thanks to @haxatron for reporting. 2021-11-29 19:06:17 -05:00			`if ($e instanceof ModelNotFoundException) {`
			`$code = 404;`
			`}`

Added configurable API throttling, Handled API errors standardly 2020-01-18 10:03:28 -05:00			`$responseData = [`
			`'error' => [`
			`'message' => $e->getMessage(),`
Apply fixes from StyleCI 2021-06-26 11:23:15 -04:00			`],`
Added configurable API throttling, Handled API errors standardly 2020-01-18 10:03:28 -05:00			`];`

			`if ($e instanceof ValidationException) {`
			`$responseData['error']['validation'] = $e->errors();`
			`$code = $e->status;`
			`}`

Added user-create API endpoint - Required extracting logic into repo. - Changed some existing creation paths to standardise behaviour. - Added test to cover new endpoint. - Added extra test for user delete to test migration. - Changed how permission errors are thrown to ensure the right status code can be reported when handled in API. 2022-02-03 19:26:19 -05:00			`if (method_exists($e, 'getStatus')) {`
			`$code = $e->getStatus();`
			`}`

Added configurable API throttling, Handled API errors standardly 2020-01-18 10:03:28 -05:00			`$responseData['error']['code'] = $code;`
Apply fixes from StyleCI 2021-06-26 11:23:15 -04:00
Added configurable API throttling, Handled API errors standardly 2020-01-18 10:03:28 -05:00			`return new JsonResponse($responseData, $code, $headers);`
			`}`

Laravel 5.3 upgrade (#189) * Started move to laravel 5.3 * Started updating login & registration flows for laravel 5.3 update * Updated app emails to notification system * Fixed registations bugs and removed email confirmation model * Fixed large portion of laravel post-upgrade issues * Fixed and tested LDAP process 2016-09-17 13:22:04 -04:00			`/**`
			`* Convert an authentication exception into an unauthenticated response.`
			`*`
Apply fixes from StyleCI 2021-06-26 11:23:15 -04:00			`* @param \Illuminate\Http\Request $request`
			`* @param \Illuminate\Auth\AuthenticationException $exception`
			`*`
Laravel 5.3 upgrade (#189) * Started move to laravel 5.3 * Started updating login & registration flows for laravel 5.3 update * Updated app emails to notification system * Fixed registations bugs and removed email confirmation model * Fixed large portion of laravel post-upgrade issues * Fixed and tested LDAP process 2016-09-17 13:22:04 -04:00			`* @return \Illuminate\Http\Response`
			`*/`
			`protected function unauthenticated($request, AuthenticationException $exception)`
			`{`
			`if ($request->expectsJson()) {`
			`return response()->json(['error' => 'Unauthenticated.'], 401);`
			`}`

			`return redirect()->guest('login');`
			`}`
Updated to laravel 5.5 Closes #590 2017-11-19 10:56:06 -05:00
			`/**`
			`* Convert a validation exception into a JSON response.`
			`*`
Apply fixes from StyleCI 2021-06-26 11:23:15 -04:00			`* @param \Illuminate\Http\Request $request`
			`* @param \Illuminate\Validation\ValidationException $exception`
			`*`
Updated to laravel 5.5 Closes #590 2017-11-19 10:56:06 -05:00			`* @return \Illuminate\Http\JsonResponse`
			`*/`
			`protected function invalidJson($request, ValidationException $exception)`
			`{`
			`return response()->json($exception->errors(), $exception->status);`
			`}`
Initial commit 2015-07-12 15:01:42 -04:00			`}`