From d1c063d37cf1b001bc51a33e928ea0933b189e82 Mon Sep 17 00:00:00 2001
From: Diego Basterrech
Date: Tue, 10 Dec 2024 17:10:58 -0300
Subject: [PATCH] Fix tests
---
 app/controllers/application_controller.rb | 50 ++++++++++++++++---
 app/views/errors/forbidden.html.erb | 2 +-
 config/routes.rb | 1 +
 ...ice_policies_controller_shared_examples.rb | 2 +-
 .../bulk_email/bulk_email_controller_spec.rb | 6 +--
 5 files changed, 48 insertions(+), 13 deletions(-)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 1f58fdf93f..f66a8f4291 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -118,6 +118,48 @@ def acting_as?
 acting_user.object_id != session_user.object_id
 end
+ # Global exception handlers
+ rescue_from ActiveRecord::RecordNotFound do |exception|
+ Rails.logger.debug("#{exception.message}: #{exception.backtrace.join("\n")}") unless Rails.env.production?
+ render_404(exception)
+ end
+
+ rescue_from ActionController::RoutingError do |exception|
+ Rails.logger.debug("#{exception.message}: #{exception.backtrace.join("\n")}") unless Rails.env.production?
+ render_404(exception)
+ end
+
+ def render_404(_exception)
+ # Add html fallback in case the 404 is a PDF or XML so the view can be found
+ render "errors/not_found", status: 404, layout: "application", formats: formats_with_html_fallback
+ end
+
+ rescue_from NUCore::PermissionDenied, CanCan::AccessDenied, with: :render_403
+ def render_403(_exception)
+ # if current_user is nil, the user should be redirected to login
+ if current_user
+ render "errors/forbidden", status: 403, layout: "application", formats: formats_with_html_fallback
+ else
+ store_location_for(:user, request.fullpath)
+ redirect_to new_user_session_path
+ end
+ end
+
+ rescue_from NUCore::NotPermittedWhileActingAs, with: :render_acting_error
+ def render_acting_error
+ render "error/acting_error", status: 403, layout: "application", formats: formats_with_html_fallback
+ end
+
+ rescue_from NUCore::PermissionDenied, CanCan::AccessDenied, with: :render_403
+ def render_403(_exception)
+ if current_user
+ render "errors/forbidden", status: 403, layout: "application", formats: formats_with_html_fallback
+ else
+ store_location_for(:user, request.fullpath)
+ redirect_to new_user_session_path
+ end
+ end
+
 def after_sign_out_path_for(_)
 if current_facility.present?
 facility_path(current_facility)
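Review bot: `render_403` and its `rescue_from NUCore::PermissionDenied, CanCan::AccessDenied, with: :render_403` registration are added twice in this hunk, once before `render_acting_error` and once after it; the second `def` silently replaces the first, so the later, uncommented copy should be dropped. `render_acting_error` renders `"error/acting_error"` while every other handler here uses the `errors/` directory, which looks like a typo that would turn a NotPermittedWhileActingAs denial into a missing-template failure unless `app/views/error/` exists; presumably it should read `render "errors/acting_error", status: 403, layout: "application", formats: formats_with_html_fallback`. The new `render_404`, `render_403` and `render_acting_error` methods also appear to sit above the `private` marker shown in the next hunk, so they become public controller methods inherited by every controller; moving them below `private` keeps them out of the action methods and `rescue_from ... with:` still finds them. The enclosing class starts and ends outside the hunk.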
@@ -151,14 +193,6 @@ def current_ability
 @current_ability ||= Ability.new(current_user, ability_resource, self)
 end
- rescue_from CanCan::AccessDenied do |exception|
- if current_user.nil?
- redirect_to new_user_session_path, alert: "You need to log in to access this page."
- else
- render "errors/forbidden", status: :forbidden
- end
- end
-
 private
 #
diff --git a/app/views/errors/forbidden.html.erb b/app/views/errors/forbidden.html.erb
index 0ba1d1064e..bbc7a7ec42 100644
--- a/app/views/errors/forbidden.html.erb
+++ b/app/views/errors/forbidden.html.erb
@@ -1,2 +1,2 @@
 <% content_for :h1 do %>403 – Permission Denied<% end %>
-

<%= @error_message %>

+Sorry, you don't have permission to access this page.
diff --git a/config/routes.rb b/config/routes.rb
index 55825991d7..73b1d0529f 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -455,3 +455,4 @@
 match "/404", to: "errors#not_found", via: :all
 match "/500", to: "errors#internal_server_error", via: :all
 end
+
diff --git a/spec/price_policies_controller_shared_examples.rb b/spec/price_policies_controller_shared_examples.rb
index df54d04e06..9e41a00185 100644
--- a/spec/price_policies_controller_shared_examples.rb
+++ b/spec/price_policies_controller_shared_examples.rb
@@ -211,7 +211,7 @@
 do_request
 expect(assigns[:start_date]).to eq(Time.zone.parse(@params[:id]))
 expect(assigns[:price_policies]).to be_empty
- is_expected.to render_template "404"
+ is_expected.to render_template "errors/not_found"
 end
 end
diff --git a/vendor/engines/bulk_email/spec/controllers/bulk_email/bulk_email_controller_spec.rb b/vendor/engines/bulk_email/spec/controllers/bulk_email/bulk_email_controller_spec.rb
index da1ae24ab4..05c158a524 100644
--- a/vendor/engines/bulk_email/spec/controllers/bulk_email/bulk_email_controller_spec.rb
+++ b/vendor/engines/bulk_email/spec/controllers/bulk_email/bulk_email_controller_spec.rb
@@ -118,12 +118,12 @@
 context "as an unprivileged user" do
 let(:user) { FactoryBot.create(:user) }
- it { is_expected.to render_template("403") }
+ it { is_expected.to render_template("errors/forbidden") }
 end
 context "when logged in as facility staff" do
 let(:user) { FactoryBot.create(:user, :staff, facility: facility) }
- it { is_expected.to render_template("403") }
+ it { is_expected.to render_template("errors/forbidden") }
 end
 context "when logged in as senior facility staff" do
@@ -136,7 +136,7 @@
 context "in a cross-facility context" do
 let(:facility) { Facility.cross_facility }
- it { is_expected.to render_template("403") }
+ it { is_expected.to render_template("errors/forbidden") }
 end
 end
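Review bot: The updated expectations in bulk_email_controller_spec.rb (both hunks) pin only the template name, so they would still pass if `errors/forbidden` were rendered with a 200 status. These examples are the authorization checks for unprivileged, staff and cross-facility access, so each context should also assert the status, e.g. `expect(response).to have_http_status(:forbidden)`. The same holds for the `errors/not_found` expectation in price_policies_controller_shared_examples.rb, with `:not_found`. The enclosing describe blocks start and end outside the hunks, so an existing status assertion elsewhere cannot be ruled out.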