#41 ✓resolved

Un-handled exception when running a private search and not logged in

Reported by James | August 25th, 2008 @ 01:30 PM | in 1.1

If a non-logged-in user (e.g. visitor) tries to run a private search, Kete will return an error (i.e. status code 500 if in production). This should be handled and return a 401 Unauthorized code.

To reproduce

  1. Start a Kete instance
  2. Log out
  3. Visit http://[hostname]/site/all/private/topics?sort_type=last_modified (replace hostname with the actual hostname of your Kete instance)
  4. Notice the NoMethodError returned

To fix

Ensure that the populate_result_sets_for method in SearchController returns an authorization error that can be handled correctly and ensure handling for authorization errors is in place.

Comments and changes to this ticket

  • Kieran P

    Kieran P August 25th, 2008 @ 06:54 PM

    • Assigned user changed from “Kete” to “Kieran P”

    Judging by the URL you posted in your steps, its using the new private in url code I pushed to a branch (now merged into master). I'll take a look ASAP.

  • Kieran P

    Kieran P August 26th, 2008 @ 02:21 PM

    • State changed from “new” to “open”
    • Milestone set to 1.1

    I've fixed this issue and pushed to Github at bugfix_lh_41_unauthorized_search_wrong_error

    Changes: http://github.com/kete/kete/comm...

    It now defaults, like the rest of the site, to public version/search if they don't have access.

    The error was caused by some logic I wrote over around a month ago. It was evaluating as it was wrote, but not the way I thought it would when I wrote it. I've changed it based on what I know now.

    Please test and see if you get the desired effect (given public results) instead of the error now.

  • Walter McGinnis

    Walter McGinnis August 26th, 2008 @ 02:35 PM

    Looks good to me. James, can you test the fix and merge into master if it works as expected.

    Kieran, I assume you tested the other cases for searches, too. So it doesn't break any existing functionality, correct?

    On Aug 26, 2008, at 2:21 PM, Lighthouse wrote:

  • Kieran P

    Kieran P August 26th, 2008 @ 05:10 PM

    Yes, I tested a few different searches and they appear unbroken with this fix.

  • James

    James August 26th, 2008 @ 05:28 PM

    Looks like this resolves the issue.

    Kieran, can you merge in and resolve please.

    Cheers, James

  • Kieran P

    Kieran P August 26th, 2008 @ 05:54 PM

    • State changed from “open” to “resolved”

    Bugfix merged in. Resolving ticket.

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Kete was developed by Horowhenua Library Trust and Katipo Communications Ltd. to build a digital library of Horowhenua material.

People watching this ticket