uclibs · crowesn · Oct 5, 2023 · Sep 27, 2023 · Sep 27, 2023 · Sep 29, 2023
diff --git a/app/controllers/errors_controller.rb b/app/controllers/errors_controller.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+# app/controllers/errors_controller.rb
+class ErrorsController < ApplicationController
+  # Per Infosec, all errors should route to the 404 page, not the 422 or 500 pages.
+  def not_found
+    render template: 'errors/404', layout: 'application', status: :not_found
+  end
+end
diff --git a/app/controllers/pages_controller.rb b/app/controllers/pages_controller.rb
@@ -9,7 +9,7 @@ def show
     if valid_page?
       render template: "pages/#{safe_page}"
     else
-      render file: 'public/404.html', status: :not_found
+      render template: 'errors/404', status: :not_found
     end
   end
 

diff --git a/public/404.html → app/views/errors/404.html.erb b/public/404.html → app/views/errors/404.html.erb
diff --git a/config/application.rb b/config/application.rb
@@ -13,6 +13,7 @@ module Aaec
   class Application < Rails::Application
     # Initialize configuration defaults for originally generated Rails version.
     config.load_defaults 6.1
+    config.exceptions_app = routes
 
     # Settings in config/environments/* take precedence over those specified here.
     # Application configuration can go into files in config/initializers

diff --git a/config/routes.rb b/config/routes.rb
@@ -1,29 +1,43 @@
 # frozen_string_literal: true
 
 Rails.application.routes.draw do
-  resources :colleges
+  # Resource routes
   resources :artworks
-  resources :books
   resources :book_chapters
+  resources :books
+  resources :colleges
   resources :digital_projects
   resources :editings
   resources :films
   resources :journal_articles
   resources :musical_scores
+  resources :other_publications
   resources :photographies
   resources :physical_media
   resources :plays
   resources :public_performances
-  resources :other_publications
   resources :submitters
+
+  # Admin-related routes
   get 'citations', to: 'admin#citations'
   get 'toggle_links', to: 'admin#toggle_links'
-  get 'publications', to: 'publications#index'
-  get 'publications/:id', to: 'publications#index'
   get 'manage', to: 'admin#login'
   post 'manage/validate', to: 'admin#validate'
+  get '/csv/:controller_name', to: 'admin#csv', as: 'controller_name'
+
+  # Publications and submission routes
+  get 'publications', to: 'publications#index'
+  get 'publications/:id', to: 'publications#index'
   get 'finished', to: 'submitters#finished'
+
+  # Dynamic pages
   get '/pages/:page' => 'pages#show'
-  get '/csv/:controller_name', to: 'admin#csv', as: 'controller_name'
+
+  # Root URL
   root 'submitters#new'
+
+  # Custom Error Pages
+  match '/404', to: 'errors#not_found', via: :all
+  match '/500', to: 'errors#not_found', via: :all
+  match '/422', to: 'errors#not_found', via: :all
 end
diff --git a/public/422.html b/public/422.html
diff --git a/public/500.html b/public/500.html
diff --git a/spec/controllers/admin_controller/admin_controller_csv_spec.rb b/spec/controllers/admin_controller/admin_controller_csv_spec.rb
@@ -3,20 +3,39 @@
 require 'rails_helper'
 
 RSpec.describe AdminController, type: :controller do
+  let(:common_params) { { 'controller_name' => 'other_publications' } }
+  let(:admin_session) { { 'admin' => true } }
+
   describe 'GET #csv' do
-    it 'returns a csv when admin' do
-      get(:csv, params: { :format => 'csv', 'controller_name' => 'other_publications' }, session: { 'admin' => true })
-      expect(response.status).to eq 200
-    end
+    context 'when the user is an admin' do
+      it 'returns a 200 status when requesting a CSV format' do
+        get(:csv, params: common_params.merge({ format: 'csv' }), session: admin_session)
+        expect(response.status).to eq(200)
+      end
+
+      it 'redirects when an invalid format is provided' do
+        get(:csv, params: common_params.merge({ format: 'html' }), session: admin_session)
+        expect(response).to redirect_to('/publications')
+      end
+
+      context 'when a StandardError is raised' do
+        before do
+          allow(OtherPublication).to receive(:to_csv).and_raise(StandardError)
+        end
 
-    it 'redirects when invalid format and admin' do
-      get(:csv, params: { :format => 'html', 'controller_name' => 'other_publications' }, session: { 'admin' => true })
-      expect(response).to redirect_to('/publications')
+        it 'redirects with a notice' do
+          get(:csv, params: common_params.merge({ format: 'csv' }), session: admin_session)
+          expect(response).to redirect_to('/publications')
+          expect(flash[:notice]).to eq('Something went wrong while generating the CSV.')
+        end
+      end
     end
 
-    it 'redirects when not admin but valid' do
-      get(:csv, params: { :format => 'csv', 'controller_name' => 'other_publications' })
-      expect(response).to redirect_to('/publications')
+    context 'when the user is not an admin' do
+      it 'redirects even if a valid format is provided' do
+        get(:csv, params: common_params.merge({ format: 'csv' }))
+        expect(response).to redirect_to('/publications')
+      end
     end
   end
 end
diff --git a/...ontrollers/application_controller_spec.rb → ...application_controller_check_date_spec.rb b/...ontrollers/application_controller_spec.rb → ...application_controller_check_date_spec.rb
@@ -5,13 +5,18 @@
 RSpec.describe ApplicationController, type: :controller do
   include ApplicationHelper
 
-  controller do
+  controller(ApplicationController) do
     def index
       render plain: 'Hello, world!'
     end
   end
 
   describe 'before_action :check_date' do
+    it 'should be called before every action' do
+      expect(controller).to receive(:check_date)
+      get :index
+    end
+
     context 'when EXPIRATION_DATE is in the past and user is not admin' do
       it 'redirects to the closed page' do
         allow(ENV).to receive(:fetch).with('EXPIRATION_DATE').and_return('2000-01-01')
@@ -39,7 +44,9 @@ def index
 
     context 'when EXPIRATION_DATE is missing' do
       it 'raises a KeyError' do
+        # Stub ENV to simulate KeyError
         allow(ENV).to receive(:fetch).with('EXPIRATION_DATE').and_raise(KeyError)
+
         expect { get :index }.to raise_error(KeyError)
       end
     end

diff --git a/spec/controllers/errors_controller_spec.rb b/spec/controllers/errors_controller_spec.rb
@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+# spec/controllers/errors_controller_spec.rb
+
+require 'rails_helper'
+
+RSpec.describe ErrorsController, type: :controller do
+  describe 'GET #not_found' do
+    before do
+      get :not_found
+    end
+    it 'renders the not_found template' do
+      expect(response).to render_template('errors/404')
+      expect(response).to render_template('layouts/application')
+    end
+
+    it 'returns HTTP status 404' do
+      expect(response).to have_http_status(404)
+    end
+  end
+end
diff --git a/spec/controllers/pages_controller_spec.rb b/spec/controllers/pages_controller_spec.rb
@@ -15,10 +15,14 @@
     end
 
     context 'when page is invalid' do
-      it 'with invalid params' do
+      it 'returns a 404 status' do
         get :show, params: { page: 'bad' }
         expect(response.status).to eq(404)
-        expect(response.body).to have_text('The page you requested cannot be found')
+      end
+
+      it 'renders the 404 template' do
+        get :show, params: { page: 'bad' }
+        expect(response).to render_template('errors/404')
       end
     end
   end

diff --git a/spec/routing/admin_routing_spec.rb b/spec/routing/admin_routing_spec.rb
@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+# spec/routes/admin_routes_spec.rb
+
+require 'rails_helper'
+
+RSpec.describe 'Admin Routes', type: :routing do
+  describe 'GET #citations' do
+    it 'routes to admin#citations' do
+      expect(get: '/citations').to route_to('admin#citations')
+    end
+  end
+
+  describe 'GET #toggle_links' do
+    it 'routes to admin#toggle_links' do
+      expect(get: '/toggle_links').to route_to('admin#toggle_links')
+    end
+  end
+
+  describe 'GET #manage' do
+    it 'routes to admin#login' do
+      expect(get: '/manage').to route_to('admin#login')
+    end
+  end
+
+  describe 'POST #manage/validate' do
+    it 'routes to admin#validate' do
+      expect(post: '/manage/validate').to route_to('admin#validate')
+    end
+  end
+
+  describe 'GET #csv/:controller_name' do
+    it 'routes to admin#csv' do
+      expect(get: '/csv/example_controller').to route_to('admin#csv', controller_name: 'example_controller')
+    end
+  end
+end
diff --git a/spec/routing/dynamic_pages_routing_spec.rb b/spec/routing/dynamic_pages_routing_spec.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe PagesController, type: :routing do
+  describe 'routing' do
+    it 'routes to #show with about as parameter' do
+      expect(get: '/pages/about').to route_to('pages#show', page: 'about')
+    end
+
+    it 'routes to #show with contact as parameter' do
+      expect(get: '/pages/contact').to route_to('pages#show', page: 'contact')
+    end
+
+    it 'routes to #show with faq as parameter' do
+      expect(get: '/pages/faq').to route_to('pages#show', page: 'faq')
+    end
+
+    it 'does not route to #show without a page parameter' do
+      expect(get: '/pages/').not_to be_routable
+    end
+  end
+end