From: Alexander Ebert <ebert@woltlab.com>
Date: Thu, 3 May 2012 12:59:38 +0000 (+0200)
Subject: Improved exceptions to be more specific
X-Git-Tag: 2.0.0_Beta_1~1127
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=3900ef8aa8622fa917f7189d0b72edfb8bb248f2;p=GitHub%2FWoltLab%2FWCF.git

Improved exceptions to be more specific

Depending on exception type, different error codes will be sent to distinguish between soft-errors (e.g. bad parameter) or those where something is pretty screwed up.
---

diff --git a/wcfsetup/install/files/lib/action/AJAXProxyAction.class.php b/wcfsetup/install/files/lib/action/AJAXProxyAction.class.php
index 140d90af34..e8ba240d33 100644
--- a/wcfsetup/install/files/lib/action/AJAXProxyAction.class.php
+++ b/wcfsetup/install/files/lib/action/AJAXProxyAction.class.php
@@ -1,7 +1,14 @@
 <?php
 namespace wcf\action;
+use wcf\system\exception\IllegalLinkException;
+
+use wcf\system\WCF;
+
+use wcf\system\exception\PermissionDeniedException;
+
 use wcf\system\exception\AJAXException;
 use wcf\system\exception\SystemException;
+use wcf\system\exception\UserInputException;
 use wcf\system\exception\ValidateActionException;
 use wcf\util\ArrayUtil;
 use wcf\util\ClassUtil;
@@ -113,6 +120,9 @@ class AJAXProxyAction extends AbstractSecureAction {
 		try {
 			$this->objectAction->validateAction();
 		}
+		catch (UserInputException $e) {
+			$this->throwException($e);
+		}
 		catch (ValidateActionException $e) {
 			$this->throwException($e);
 		}
@@ -138,11 +148,20 @@ class AJAXProxyAction extends AbstractSecureAction {
 	 * @param	\Exception	$e
 	 */
 	protected function throwException(\Exception $e) {
-		if ($e instanceof SystemException) {
-			throw new AJAXException($e->getMessage(), $e->__getTraceAsString());
+		if ($e instanceof IllegalLinkException) {
+			throw new AJAXException(WCF::getLanguage()->get('wcf.global.error.sessionExpired'), AJAXException::SESSION_EXPIRED);
+		}
+		else if ($e instanceof PermissionDeniedException) {
+			throw new AJAXException(WCF::getLanguage()->get('wcf.global.error.permissionDenied'), AJAXException::INSUFFICIENT_PERMISSIONS);
+		}
+		else if ($e instanceof SystemException) {
+			throw new AJAXException($e->getMessage(), AJAXException::INTERNAL_ERROR, $e->__getTraceAsString());
+		}
+		else if ($e instanceof UserInputException) {
+			throw new AJAXException($e->getMessage(), AJAXException::BAD_PARAMETERS);
 		}
 		else {
-			throw new AJAXException($e->getMessage(), $e->getTraceAsString());
+			throw new AJAXException($e->getMessage(), AJAXException::INTERNAL_ERROR, $e->getTraceAsString());
 		}
 	}
 }
diff --git a/wcfsetup/install/files/lib/system/exception/AJAXException.class.php b/wcfsetup/install/files/lib/system/exception/AJAXException.class.php
index c67afd64cc..6be6ad065b 100644
--- a/wcfsetup/install/files/lib/system/exception/AJAXException.class.php
+++ b/wcfsetup/install/files/lib/system/exception/AJAXException.class.php
@@ -14,13 +14,44 @@ use wcf\util\JSON;
  * @category 	Community Framework
  */
 class AJAXException extends LoggedException {
+	/**
+	 * missing parameters
+	 * @var	integer
+	 */
+	const MISSING_PARAMETERS = 400;
+	
+	/**
+	 * session expired
+	 * @var	integer
+	 */
+	const SESSION_EXPIRED = 401;
+	
+	/**
+	 * insufficient permissions
+	 * @var	integer
+	 */
+	const INSUFFICIENT_PERMISSIONS = 403;
+	
+	/**
+	 * bad parameters
+	 * @var	integer
+	 */
+	const BAD_PARAMETERS = 412;
+	
+	/**
+	 * internal server error
+	 * @var	integer
+	 */
+	const INTERNAL_ERROR = 503;
+	
 	/**
 	 * Throws a JSON-encoded error message
 	 * 
 	 * @param	string		$message
+	 * @param	boolean		$isDoomsday
 	 * @param	string		$stacktrace
 	 */
-	public function __construct($message, $stacktrace = null) {
+	public function __construct($message, $errorType = self::INTERNAL_ERROR, $stacktrace = null) {
 		if ($stacktrace === null) $stacktrace = $this->getTraceAsString();
 		
 		if (WCF::debugModeIsEnabled()) {
@@ -35,11 +66,39 @@ class AJAXException extends LoggedException {
 			);
 		}
 		
-		// log error
-		$this->logError();
+		$responseData['code'] = $errorType;
+		$statusHeader = '';
+		switch ($errorType) {
+			case self::MISSING_PARAMETERS:
+				$statusHeader = 'HTTP/1.0 400 Bad Request';
+				
+				$this->logError();
+			break;
+			
+			case self::SESSION_EXPIRED:
+				$statusHeader = 'HTTP/1.0 401 Unauthorized';
+			break;
+			
+			case self::INSUFFICIENT_PERMISSIONS:
+				$statusHeader = 'HTTP/1.0 403 Forbidden';
+			break;
+			
+			case self::BAD_PARAMETERS:
+				$statusHeader = 'HTTP/1.0 412 Precondition Failed';
+			break;
+			
+			default:
+			case self::INTERNAL_ERROR:
+				//header('HTTP/1.0 418 I\'m a Teapot');
+				header('HTTP/1.0 503 Service Unavailable');
+				
+				$responseData['code'] = self::INTERNAL_ERROR;
+				
+				$this->logError();
+			break;
+		}
 		
-		//header('HTTP/1.0 418 I\'m a Teapot');
-		header('HTTP/1.0 503 Service Unavailable');
+		header($statusHeader);
 		header('Content-type: application/json');
 		echo JSON::encode($responseData);
 		exit;