From 5d4bd1b8514808d8e6afcc2330445d1ed2060fa8 Mon Sep 17 00:00:00 2001
From: farhatahmad <35435341+farhatahmad@users.noreply.github.com>
Date: Tue, 9 Jul 2019 11:00:33 -0400
Subject: [PATCH] GRN2-174: Added 404 if user does not exist (#609)

* Added 404 if user does not exist

* Differentiated between 404 and 500

* Rspec fixes
---
 app/controllers/application_controller.rb     | 17 +++++++++--
 app/views/errors/not_found.html.erb           | 15 ++++++----
 config/locales/en.yml                         |  2 ++
 .../application_controller_spec.rb            | 28 +++++++++++++++++++
 4 files changed, 54 insertions(+), 8 deletions(-)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 95bb979b..c8943667 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -131,10 +131,21 @@ class ApplicationController < ActionController::Base
   end
 
   def set_user_domain
-    @user_domain = if Rails.env.test? || !Rails.configuration.loadbalanced_configuration
-      "greenlight"
+    if Rails.env.test? || !Rails.configuration.loadbalanced_configuration
+      @user_domain = "greenlight"
     else
-      parse_user_domain(request.host)
+      @user_domain = parse_user_domain(request.host)
+
+      # Checks to see if the user exists
+      begin
+        retrieve_provider_info(@user_domain, 'api2', 'getUserGreenlightCredentials')
+      rescue => e
+        if e.message.eql? "No user with that id exists"
+          render "errors/not_found", locals: { user_not_found: true }
+        else
+          render "errors/internal_error"
+        end
+      end
     end
   end
   helper_method :set_user_domain
diff --git a/app/views/errors/not_found.html.erb b/app/views/errors/not_found.html.erb
index 647e34c8..95bdcbbb 100644
--- a/app/views/errors/not_found.html.erb
+++ b/app/views/errors/not_found.html.erb
@@ -15,9 +15,14 @@
 
 <div class="container text-center pt-9">
   <div class="display-1 text-muted mb-5">404</div>
-  <h1 class="h2 mb-3"><%= t("errors.not_found.message") %></h1>
-  <p class="h4 text-muted font-weight-normal mb-7"><%= t("errors.not_found.help") %></p>
-  <a class="btn btn-primary" href="javascript:history.back()">
-    <i class="fas fa-arrow-left mr-2"></i><%= t("go_back") %>
-  </a>
+  <% if defined?(user_not_found) %>
+    <h1 class="h2 mb-3"><%= t("errors.not_found.user_message") %></h1>
+    <p class="h4 text-muted font-weight-normal mb-7"><%= t("errors.not_found.user_help") %></p>
+  <% else %>
+    <h1 class="h2 mb-3"><%= t("errors.not_found.message") %></h1>
+    <p class="h4 text-muted font-weight-normal mb-7"><%= t("errors.not_found.help") %></p>
+    <a class="btn btn-primary" href="javascript:history.back()">
+      <i class="fas fa-arrow-left mr-2"></i><%= t("go_back") %>
+    </a>
+  <% end %>
 </div>
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 1e444d3c..375f164c 100755
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -140,6 +140,8 @@ en:
     not_found:
       message: Whoops! Looks like we can't find that.
       help: Is it possible its been removed?
+      user_message: User Not Found.
+      user_help: Sorry, this user is not registered.
     title: Errors
     unauthorized:
       message: You do not have access to this application
diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb
index 0d5e9550..14bf1f65 100644
--- a/spec/controllers/application_controller_spec.rb
+++ b/spec/controllers/application_controller_spec.rb
@@ -31,6 +31,10 @@ describe ApplicationController do
     def error
       raise BigBlueButton::BigBlueButtonException
     end
+
+    def user_not_found
+      set_user_domain
+    end
   end
 
   context "roles" do
@@ -66,5 +70,29 @@ describe ApplicationController do
       get :error
       expect(response).to render_template("errors/bigbluebutton_error")
     end
+
+    it "renders a 404 error if user is not found" do
+      allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
+      allow(Rails.env).to receive(:test?).and_return(false)
+      allow_any_instance_of(SessionsHelper).to receive(:parse_user_domain).and_return("")
+      allow_any_instance_of(BbbApi).to receive(:retrieve_provider_info).and_raise("No user with that id exists")
+
+      routes.draw { get "user_not_found" => "anonymous#user_not_found" }
+
+      get :user_not_found
+      expect(response).to render_template("errors/not_found")
+    end
+
+    it "renders a 500 error if any other error is not found" do
+      allow(Rails.configuration).to receive(:loadbalanced_configuration).and_return(true)
+      allow(Rails.env).to receive(:test?).and_return(false)
+      allow_any_instance_of(SessionsHelper).to receive(:parse_user_domain).and_return("")
+      allow_any_instance_of(BbbApi).to receive(:retrieve_provider_info).and_raise("Other error")
+
+      routes.draw { get "user_not_found" => "anonymous#user_not_found" }
+
+      get :user_not_found
+      expect(response).to render_template("errors/internal_error")
+    end
   end
 end