Impossible to delete a flash - ruby-on-rails

I made a mistake before migrating a plugin, and have written
flash[:notice] = :label_presta_added
instead of
flash[:notice] = l(:label_presta_added)
I corrected my mistake but it seems that my Redmine Plugin has trashed my Redmine. Even though I delete my plugin a migrate once again, I still get this error:
Started GET "/" for 127.0.0.1 at 2016-06-01 22:21:37 +0200
Processing by WelcomeController#index as HTML
Current user: admin (id=1)
Rendered welcome/index.html.erb within layouts/base (28.1ms)
Completed 500 Internal Server Error in 366ms (ActiveRecord: 116.0ms)
ActionView::Template::Error (undefined method `html_safe' for :label_presta_added:Symbol
Did you mean? html_safe?):
97: <div id="sidebar">
98: <%= yield :sidebar %>
99: <%= view_layouts_base_sidebar_hook_response %>
100: </div>
101:
102: <div id="content">
103: <%= render_flash_messages %>
app/helpers/application_helper.rb:312:in `block in render_flash_messages'
app/helpers/application_helper.rb:311:in `render_flash_messages'
app/views/layouts/base.html.erb:100:in `_app_views_layouts_base_html_erb__4104276684161420982_39604440'
lib/redmine/sudo_mode.rb:63:in `sudo_mode'
Can somebody give me a hand here?
Thanks in advance!

This is stored in your session, so usually changing the session secret key will invalidate all sessions and discard any old session data.
You can also try and rescue to clear it out as a one-time deal.

Have you restarted the server? Or you can use flash[:notice] = nil to remove it.

It looks like it throws a html_safe error. Can you see if the method which is rendering the flash is using html_safe? It looks like its coming from there.
Not sure exactly, may be shooting in the dark.
But read these and try may be:
actionview::template::error(undefined method 'html_safe' for nil:NilClass)
http://www.redmine.org/issues/8477

Related

redmine upgrade to 3.4.4 not working [ActionView::Template::Error (undefined method `default_users_time_zone')]

Every thing worked fine for me with Redmine 3.3. Now I wanted to upgrade to 3.4.4 and Redmine is no longer running. I searched the internet but did not find the exact same problem. Similar problems where caused by plugins but I do not have any plugins installed. I use the Passenger Docker image of Redmine.
The logs give me the following error message:
Processing by WelcomeController#index as HTML
Current user: anonymous
Redirected to http://0.0.0.0/login?back_url=http%3A%2F%2F0.0.0.0%2F
Filter chain halted as :check_if_login_required rendered or redirected
Completed 302 Found in 60ms (ActiveRecord: 3.7ms)
App 179 stdout:
Started GET "/login?back_url=https%3A%2F%2Fredmine.mydomain.tld%2F" for 95.90.204.176 at 2018-03-14 19:10:26 +0000
Processing by AccountController#login as HTML
Parameters: {"back_url"=>"https://redmine.mydomain.tld/"}
Current user: anonymous
Rendered account/login.html.erb within layouts/base (24.1ms)
Completed 500 Internal Server Error in 219ms (ActiveRecord: 4.3ms)
ActionView::Template::Error (undefined method `default_users_time_zone' for #<Class:0x00000000055f2120>
Did you mean? default_users_hide_mail):
11: <%= favicon %>
12: <%= stylesheet_link_tag 'jquery/jquery-ui-1.11.0', 'application', 'responsive', :media => 'all' %>
13: <%= stylesheet_link_tag 'rtl', :media => 'all' if l(:direction) == 'rtl' %>
14: <%= javascript_heads %>
15: <%= heads_for_theme %>
16: <%= call_hook :view_layouts_base_html_head %>
17: <!-- page specific tags -->
app/models/user_preference.rb:44:in `initialize'
app/models/user.rb:949:in `pref'
app/helpers/application_helper.rb:1451:in `javascript_heads'
app/views/layouts/base.html.erb:14:in `_app_views_layouts_base_html_erb__2446195152155203147_36658300'
lib/redmine/sudo_mode.rb:63:in `sudo_mode'
What could that be? I need to upgrade to 3.4 because I want to use a plugin but the plugin requires version 3.4 in use.
It was my fault! I did not copy every new settings file to my mounted config directory.

Request in Capybara a GET, when it should be a POST

So this is a pretty basic Rails 5 application using Docker, which includes some user authentication that I built from scratch (not using Devise etc). Now, I want to start learning about request specs with Capybara, but I'm hitting what seems like a pretty strange issue with it.
Here's my login form (sessions.new.erb):
<%= form_tag sessions_path do %>
<form class="m-t" role="form" action="/">
<div class="form-group">
<%= text_field_tag :email, params[:email], class: 'form-control', placeholder: "Email Address", required: "" %>
</div>
<div class="form-group">
<%= password_field_tag(:password, nil, class: 'form-control', placeholder: "Password", required: "") %>
</div>
<div class="form-group">
<%= check_box_tag :remember_me, 1, params[:remember_me] %>
<%= label_tag :remember_me %>
</div>
<div class="actions"><%= submit_tag "Log In", class: "btn btn-primary block full-width m-b" %></div>
</form>
<% end %>
And my requests/sessions_spec.rb:
require "rails_helper"
RSpec.feature "Login", :type => :feature do
scenario "handles wrong email and password gracefully" do
visit login_path
fill_in "Email Address", :with => "something"
fill_in "Password", :with => "something"
click_button "Log In"
expect(page).to have_text("Email or password incorrect")
end
end
Now, this works if you test it manually so I would presume Capybara would see the same thing. But it kept failing. I've got the application configured so that if you try and access a protected controller and you're not logged in, it redirects you to /login and flashes a message to say Please log in to see this page. The Rspec test was returning that, which was weird - that suggested that Capybara was trying to visit another page.
So I tailed the test logs (docker-compose run web tail -f log/test.log)
And what I found is puzzling me:
Started GET "/login" for 127.0.0.1 at 2017-10-17 06:59:26 +0000
Processing by SessionsController#new as HTML
Rendering sessions/new.html.erb within layouts/empty
Rendered sessions/new.html.erb within layouts/empty (1.1ms)
Completed 200 OK in 6ms (Views: 6.1ms | ActiveRecord: 0.0ms)
Started GET "/?email=something&password=[FILTERED]&commit=Log+In" for 127.0.0.1 at 2017-10-17 06:59:26 +0000
Started GET "/locations" for 127.0.0.1 at 2017-10-17 06:59:26 +0000
Processing by LocationsController#index as HTML
Redirected to http://www.example.com/login
Filter chain halted as :authenticate rendered or redirected
Completed 302 Found in 2ms (ActiveRecord: 0.0ms)
Started GET "/login" for 127.0.0.1 at 2017-10-17 06:59:26 +0000
Processing by SessionsController#new as HTML
Rendering sessions/new.html.erb within layouts/empty
Rendered sessions/new.html.erb within layouts/empty (1.1ms)
Completed 200 OK in 6ms (Views: 4.9ms | ActiveRecord: 0.0ms)
(0.4ms) ROLLBACK
The first bit is okay, GET Login is processed by the SessionsController#new. But then, (see line 6) for some reason Capybara tried to GET the root URL, passing the email/password params in. My root URL is mapped to the LocationsController#index, which the user isn't allowed to access, so gets redirected back to /login with the message Please log in to see this page. What that button actually does is send a POST to SessionsController#create. And if you watch the logs when you do it manually, that's exactly what happens:
web_1 | Started POST "/sessions" for 172.18.0.1 at 2017-10-17 07:02:19+0000
web_1 | Processing by SessionsController#create as HTML
I can't work out why in Capybara when you press the button it performs a completely different request to when you click the button manually.
Help greatly appreciated!
A couple of clarifications first.
You're not writing request specs, you're writing feature specs (as evidenced by the use of RSpec.feature and :type => :feature
You don't need to specify :type => :feature when using RSpec.feature since that's already set.
Now on to your issue. You have nested forms in your view code since form_tag creates a <form>element and then you have another <form> element directly inside that (Note: it's always better to post the actual HTML rather than the erb so people can see what the actual HTML is). Combine that with the fact you appear to be using the rack-test driver (no js: true metadata) which won't behave the same way as a real browser when the HTML is invalid (which nested forms are), and you end up with your current behavior. I would guess when you use it with a real browser the inside form element is ignored and the outer form element has a method attribute equal to "post" so it gets posted. When using rack-test it's probably submitting the inner form element which has no method attribute and therefore defaults to "get". Remove the extraneous <form class="m-t" role="form" action="/"> form element from your view and things should work.

current_user available when using firefox but not Chrome

I am using Rails and Devise in a Rails application.
In my code, I am trying to use current_user in layouts/_header.html.erb.
<% Rails.logger.debug("Time is: #{Time.now} - Current User: #{current_user}") %>
When I use Firefox on my MAC to run the application, here's what I have in the log file:
Time is: 2013-06-18 16:21:42 - Current User: #<User:0x007fae442cf020>
When I use Chrome on my MAC to run the application, here's what I have in the log file:
Time is: 2013-06-18 16:20:33 - Current User:
Rendered layouts/_promo_bar.html.erb (3.4ms)
Completed 500 Internal Server Error in 657ms
ActionView::Template::Error (undefined method `email' for nil:NilClass):
27: <div class="promo-bar-box last-right-box">
28: <div class="request-invitation-text">
29: <% Rails.logger.debug("Time is: #{Time.now} - Current User: #{current_user}") %>
30: <% reg_user = user_registered_for_event(current_user.email) %>
app/views/layouts/_promo_bar.html.erb:30:in `_app_views_layouts__promo_bar_html_erb__785786602602486184_70193263335300'
Any ideas?
It looks like you are accessing a page without having logged in yet. If the session isn't set then current_user isn't going to exist and throw an error when trying to access one of its attributes, in this case being the user's email.
If you are logged in, try clearing your session cookie via Devloper Tools (hamburger icon > tools > Developer Tools). And reloading the page.

Devise warden 401 Unauthorized when wrong credentials

I have a quite standard Devise login procedure with:
View:
resource_name, :url => session_path(resource_name)) do |f| %>
<%= f.input :password, input_html: {class: "span6"} %>
<% if devise_mapping.rememberable? -%>
<p><%= f.check_box :remember_me %> Remember me</p>
<% end -%>
<input type="hidden" name="after_sign_in_page" value="<%=#after_sign_in_page%>">
<p><%= f.submit "Sign in", class: "btn btn-success" %></p>
And I just created a sessioncontroller to downcase the email:
class SessionsController < Devise::SessionsController
def create
params[:user][:email].downcase!
super
logger.debug "Errors: #{resource.errors}"
end
A login with good credentials happens fine.
With wrong credentials, It redirects to the sign-in page with this log:
Started POST "/users/sign_in" for 127.0.0.1 at 2013-01-10 09:59:44 +0100
Processing by SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"8eytQkr20JOOOdDvpCWakbmUzNoaHMxK9/BSEVxETik=", "user"=>{"email"=>"nicolas#demoreau.be", "password"=>"[FILTERED]", "remember_me"=>"0"}, "after_sign_in_page"=>"", "commit"=>"Sign in"}
Time zone: (GMT+00:00) UTC, current area: , user to register: , current controller: sessions
Completed 401 Unauthorized in 69ms
Processing by SessionsController#new as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"8eytQkr20JOOOdDvpCWakbmUzNoaHMxK9/BSEVxETik=", "user"=>{"email"=>"nicolas#demoreau.be", "password"=>"[FILTERED]", "remember_me"=>"0"}, "after_sign_in_page"=>"", "commit"=>"Sign in"}
Rendered devise/sessions/_new.html.erb (17.8ms)
Rendered devise/sessions/new.html.erb within layouts/application (19.7ms)
Rendered layouts/_header.html.erb (66.1ms)
Completed 200 OK in 173ms (Views: 98.3ms | ActiveRecord: 0.9ms)
Apparently the 401 is dropped by Warden but I couldn't figure out why.
The user is correctly redirected back to the login page but there is no error message displayed (which is normal as they are wiped out by the redirect)
What am I doing wrong?
thanks!
EDIT 1:
For now, I found a quick hack. I added this in SessionsController#new
if params[:user]
flash[:alert] = "Incorrect login or password"
end
Not very elegant but at least, I have something.
First of all, let me advice you against overriding Devise controllers:
In this case, Devise takes care of transforming the email to lower
case for you, so there's really no need to overwrite the create method.
Your app will support Devise updates seamlessly if you stick to the
standard.
Also, Devise should set a flash error automatically, make sure you're displaying it in your view.
The status code 401 is just a standard response for unauthorized requests.
401 Unauthorized is similar to 403 Forbidden, but specifically for use
when authentication is required and has failed or has not yet been
provided
http://en.wikipedia.org/wiki/List_of_HTTP_status_codes
You should definitely consider dropping your custom controller,
Cheers
Your flash message is not going to be set because Devise::SessionsController#create calls warden for the authentication which, in case of failures, will call Devise::FailureApp. Your controller never handles the failure scenarios.
If you want a custom message, you can customize the failure app for that, there are some articles in the Devise wiki explaining how to do so.
But in general, you can customize your failure messages via I18n and there is probably a better way to achieve what you want without a need to override Devise controllers.
I agree with jassa, just update your Devise version (with bundle update devise).
Case insensitive emails are already present in Devise, just make sure you have this config:
# devise.rb
Devise.setup do |config|
config.case_insensitive_keys = [:email ]
end
In any case, since you seem to be missing some flash messages and this config, perhaps it would better if you just re-ran the generator:
rails generate devise:install
You should then let Devise overwrite some files, just make sure you backup yours first.

Rails 3 Occasional Routing Error

I'm running Rails 3.1.1 and getting an odd bug. In development (haven't yet tried pushing to production with it) I'm occasionally getting routing errors in my controller or in my mailer template when it tries to generate a url for a newly created record. This happens even though the record is created successfully and appears to have nothing to do with the record properties (I can recreate a record with the exact same params right after and not get the error, it seems totally random when it happens).
It seems to happen maybe one in 10 times, though I can't say I ever saw an incident of it happening before I added the mailer action.
There's one more potentially complicating factor: I'm using an encryption method to obfuscate the record's id in its URL, but this is otherwise working without a hitch. To do this I adapted the method discussed here
It seems to me like the URL's not generated in time for the link_to call some of the time... But that doesn't make much sense to me. I didn't think race conditions were something I needed to worry about here.
Here are my error logs when this happens in the controller (when the params don't call for an email to be generated):
ActionController::RoutingError (No route matches {:action=>"show", :controller=>"watch_lists", :id=>#<WatchList id: 195, title: "sfdsfd", created_at: "2012-03-19 05:18:46", updated_at: "2012-03-19 05:18:46", public_list: false>}):
app/controllers/watch_lists_controller.rb:72:in `block (2 levels) in create'
app/controllers/watch_lists_controller.rb:56:in `create'
And here's when it happens in the mailer template (when the params do call for an email to be generated before the render command):
Rendered watch_list_mailer/share_notification.html.erb (3.2ms)
Completed 500 Internal Server Error in 113ms
ActionView::Template::Error (No route matches {:action=>"show", :controller=>"watch_lists", :id=>#<WatchList id: 210, title: "sdggsgsg", created_at: "2012-03-19 05:47:17", updated_at: "2012-03-19 05:47:17", public_list: true>}):
20: <% end %>
21: <% end %><br>
22: <br>
23: Here's a link to your WatchList: <%= link_to #wl.title, watch_list_url(#wl) %><br>
24: <br>
25: Enjoy!
26: </p>
app/views/watch_list_mailer/share_notification.html.erb:23:in `_app_views_watch_list_mailer_share_notification_html_erb___1391186431365383285_70156615518000'
app/mailers/watch_list_mailer.rb:12:in `share_notification'
app/controllers/watch_lists_controller.rb:124:in `share_notification'
app/controllers/watch_lists_controller.rb:68:in `block (2 levels) in create'
app/controllers/watch_lists_controller.rb:63:in `each'
app/controllers/watch_lists_controller.rb:63:in `block in create'
app/controllers/watch_lists_controller.rb:56:in `create'
EDIT: Upon further testing, this appears to happen regardless of whether I include the mail task. It seems most likely spurred by the obfuscation of the links. It's possible that the encoding of the links has something to do with it (I had to make sure to URI-escape them to prevent slashes in the wrong places elsewhere in my code). I'll investigate this futher and report back.
It was a problem with the id encryption creating invalid links occasionally and me failing to account for that in early enough in the process.
In lib/obfuscate.rb
def uri_encrypt(value)
URI.escape(self.encrypt(value), Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
end
In my model
def to_param
uri_encrypt(id)
end

Resources