mirrors/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2025-03-30 06:45:29 +00:00
Code Issues Projects Releases Wiki Activity

Convert 403 errors to 404 errors

Browse source
This commit is contained in:
Yassine Guedidi 2025-03-12 23:54:28 +01:00
parent 1447c183a4
commit 3bd434091f
8 changed files with 46 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -2,6 +2,7 @@
## Upcoming changes ## Upcoming changes
* **[BC BREAK]** Convert 403 errors to 404 errors by @yguedidi in https://github.com/wallabag/wallabag/pull/8075
* `wallassets/` folder renamed to `build/` * `wallassets/` folder renamed to `build/`
## [2.6.10](https://github.com/wallabag/wallabag/tree/2.6.10) ## [2.6.10](https://github.com/wallabag/wallabag/tree/2.6.10)

29
src/Event/Subscriber/AccessDeniedToNotFoundSubscriber.php Normal file
View file

@ -0,0 +1,29 @@
<?php
namespace Wallabag\Event\Subscriber;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\ExceptionEvent;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Symfony\Component\HttpKernel\KernelEvents;
class AccessDeniedToNotFoundSubscriber implements EventSubscriberInterface
{
public static function getSubscribedEvents(): array
{
return [
KernelEvents::EXCEPTION => 'onKernelException',
];
}
public function onKernelException(ExceptionEvent $event): void
{
$exception = $event->getThrowable();
if ($exception instanceof AccessDeniedHttpException) {
$notFoundException = new NotFoundHttpException('', $exception);
$event->setThrowable($notFoundException);
}
}
}

2
tests/Controller/Api/DeveloperControllerTest.php
View file

@ -105,7 +105,7 @@ class DeveloperControllerTest extends WallabagTestCase
$this->logInAs('bob'); $this->logInAs('bob');
$client->request('POST', '/developer/client/delete/' . $adminApiClient->getId()); $client->request('POST', '/developer/client/delete/' . $adminApiClient->getId());
$this->assertSame(403, $client->getResponse()->getStatusCode()); $this->assertSame(404, $client->getResponse()->getStatusCode());
// Try to remove the admin's client with the good user // Try to remove the admin's client with the good user
$this->logInAs('admin'); $this->logInAs('admin');

6
tests/Controller/Api/EntryRestControllerTest.php
View file

@ -110,7 +110,7 @@ class EntryRestControllerTest extends WallabagApiTestCase
$this->client->request('GET', '/api/entries/' . $entry->getId() . '.json'); $this->client->request('GET', '/api/entries/' . $entry->getId() . '.json');
$this->assertSame(403, $this->client->getResponse()->getStatusCode()); $this->assertSame(404, $this->client->getResponse()->getStatusCode());
} }
public function testGetEntries() public function testGetEntries()
@ -1260,14 +1260,14 @@ class EntryRestControllerTest extends WallabagApiTestCase
{ {
$this->client->request('GET', '/api/entries/exists?url='); $this->client->request('GET', '/api/entries/exists?url=');
$this->assertSame(403, $this->client->getResponse()->getStatusCode()); $this->assertSame(404, $this->client->getResponse()->getStatusCode());
} }
public function testGetEntriesExistsWithNoHashedUrl() public function testGetEntriesExistsWithNoHashedUrl()
{ {
$this->client->request('GET', '/api/entries/exists?hashed_url='); $this->client->request('GET', '/api/entries/exists?hashed_url=');
$this->assertSame(403, $this->client->getResponse()->getStatusCode()); $this->assertSame(404, $this->client->getResponse()->getStatusCode());
} }
public function testReloadEntryErrorWhileFetching() public function testReloadEntryErrorWhileFetching()

18
tests/Controller/ConfigControllerTest.php
View file

@ -577,9 +577,9 @@ class ConfigControllerTest extends WallabagTestCase
$crawler = $client->request('GET', '/tagging-rule/delete/' . $rule->getId()); $crawler = $client->request('GET', '/tagging-rule/delete/' . $rule->getId());
$this->assertSame(403, $client->getResponse()->getStatusCode()); $this->assertSame(404, $client->getResponse()->getStatusCode());
$this->assertGreaterThan(1, $body = $crawler->filter('body')->extract(['_text'])); $this->assertGreaterThan(1, $body = $crawler->filter('body')->extract(['_text']));
$this->assertStringContainsString('You can not access this rule', $body[0]); $this->assertStringContainsString('404: Not Found', $body[0]);
} }
public function testEditingTaggingRuleFromAnOtherUser() public function testEditingTaggingRuleFromAnOtherUser()
@ -593,9 +593,9 @@ class ConfigControllerTest extends WallabagTestCase
$crawler = $client->request('GET', '/tagging-rule/edit/' . $rule->getId()); $crawler = $client->request('GET', '/tagging-rule/edit/' . $rule->getId());
$this->assertSame(403, $client->getResponse()->getStatusCode()); $this->assertSame(404, $client->getResponse()->getStatusCode());
$this->assertGreaterThan(1, $body = $crawler->filter('body')->extract(['_text'])); $this->assertGreaterThan(1, $body = $crawler->filter('body')->extract(['_text']));
$this->assertStringContainsString('You can not access this rule', $body[0]); $this->assertStringContainsString('404: Not Found', $body[0]);
} }
public function testIgnoreOriginRuleCreation() public function testIgnoreOriginRuleCreation()
@ -714,9 +714,9 @@ class ConfigControllerTest extends WallabagTestCase
$crawler = $client->request('GET', '/ignore-origin-user-rule/edit/' . $rule->getId()); $crawler = $client->request('GET', '/ignore-origin-user-rule/edit/' . $rule->getId());
$this->assertSame(403, $client->getResponse()->getStatusCode()); $this->assertSame(404, $client->getResponse()->getStatusCode());
$this->assertGreaterThan(1, $body = $crawler->filter('body')->extract(['_text'])); $this->assertGreaterThan(1, $body = $crawler->filter('body')->extract(['_text']));
$this->assertStringContainsString('You can not access this rule', $body[0]); $this->assertStringContainsString('404: Not Found', $body[0]);
} }
public function testEditingIgnoreOriginRuleFromAnOtherUser() public function testEditingIgnoreOriginRuleFromAnOtherUser()
@ -730,9 +730,9 @@ class ConfigControllerTest extends WallabagTestCase
$crawler = $client->request('GET', '/ignore-origin-user-rule/edit/' . $rule->getId()); $crawler = $client->request('GET', '/ignore-origin-user-rule/edit/' . $rule->getId());
$this->assertSame(403, $client->getResponse()->getStatusCode()); $this->assertSame(404, $client->getResponse()->getStatusCode());
$this->assertGreaterThan(1, $body = $crawler->filter('body')->extract(['_text'])); $this->assertGreaterThan(1, $body = $crawler->filter('body')->extract(['_text']));
$this->assertStringContainsString('You can not access this rule', $body[0]); $this->assertStringContainsString('404: Not Found', $body[0]);
} }
public function testDeleteUserButtonVisibility() public function testDeleteUserButtonVisibility()
@ -767,7 +767,7 @@ class ConfigControllerTest extends WallabagTestCase
$this->assertStringNotContainsString('config.form_user.delete.button', $body[0]); $this->assertStringNotContainsString('config.form_user.delete.button', $body[0]);
$client->request('POST', '/account/delete'); $client->request('POST', '/account/delete');
$this->assertSame(403, $client->getResponse()->getStatusCode()); $this->assertSame(404, $client->getResponse()->getStatusCode());
$user = $em $user = $em
->getRepository(User::class) ->getRepository(User::class)

2
tests/Controller/EntryControllerTest.php
View file

@ -781,7 +781,7 @@ class EntryControllerTest extends WallabagTestCase
$client->request('GET', '/view/' . $content->getId()); $client->request('GET', '/view/' . $content->getId());
$this->assertSame(403, $client->getResponse()->getStatusCode()); $this->assertSame(404, $client->getResponse()->getStatusCode());
} }
public function testFilterOnReadingTime() public function testFilterOnReadingTime()

2
tests/Controller/SettingsControllerTest.php
View file

@ -27,6 +27,6 @@ class SettingsControllerTest extends WallabagTestCase
$crawler = $client->request('GET', '/settings'); $crawler = $client->request('GET', '/settings');
$this->assertSame(403, $client->getResponse()->getStatusCode()); $this->assertSame(404, $client->getResponse()->getStatusCode());
} }
} }

2
tests/Controller/SiteCredentialControllerTest.php
View file

@ -114,7 +114,7 @@ class SiteCredentialControllerTest extends WallabagTestCase
$client->request('GET', '/site-credentials/' . $credential->getId() . '/edit'); $client->request('GET', '/site-credentials/' . $credential->getId() . '/edit');
$this->assertSame(403, $client->getResponse()->getStatusCode()); $this->assertSame(404, $client->getResponse()->getStatusCode());
} }
public function testDeleteSiteCredential() public function testDeleteSiteCredential()