hide error details from serialization when debug is off (#109)

cnizzardini · web-flow · commit 667d75e88d6e · 2022-07-23T11:03:21.000-04:00
diff --git a/plugins/exception-render/src/MixerApiExceptionRenderer.php b/plugins/exception-render/src/MixerApiExceptionRenderer.php
@@ -75,8 +75,8 @@ public function render(): ResponseInterface
             'exception' => (new ReflectionClass($exception))->getShortName(),
             'message' => $message,
             'url' => h($url),
-            'error' => $exception,
             'code' => $code,
+            'error' => $exception,
         ];
 
         if ($this->error instanceof ValidationException) {
@@ -128,6 +128,8 @@ public function getError(): Throwable
     private function debugViewVars($exception, array $viewVars): array
     {
         if (!Configure::read('debug')) {
+            unset($viewVars['error']);
+
             return $viewVars;
         }
 
diff --git a/plugins/exception-render/tests/TestCase/ControllerTest.php b/plugins/exception-render/tests/TestCase/ControllerTest.php
@@ -60,6 +60,9 @@ public function test_validation_exception(): void
         $message = reset($violation->messages);
         $this->assertEquals('_empty', $message->rule);
         $this->assertEquals('This field cannot be left empty', $message->message);
+
+        $this->assertTrue(isset($object->trace));
+        $this->assertTrue(isset($object->error));
     }
 
     public function test_validation_exception_with_cakephp_debug_off(): void
@@ -77,5 +80,6 @@ public function test_validation_exception_with_cakephp_debug_off(): void
         $object = json_decode($body);
 
         $this->assertFalse(isset($object->trace));
+        $this->assertFalse(isset($object->error));
     }
 }
diff --git a/plugins/exception-render/tests/test_app/src/Controller/ActorsController.php b/plugins/exception-render/tests/test_app/src/Controller/ActorsController.php
@@ -3,6 +3,8 @@
 
 namespace MixerApi\ExceptionRender\Test\App\Controller;
 
+use Cake\Http\Exception\InternalErrorException;
+
 class ActorsController extends AppController
 {
     /**
@@ -106,4 +108,9 @@ public function delete($id = null)
         }
         throw new \Exception("Record not deleted");
     }
+
+    public function exception()
+    {
+        throw new InternalErrorException('testing');
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -60,6 +60,9 @@ public function test_validation_exception(): void`
`60`	`60`	`$message = reset($violation->messages);`
`61`	`61`	`$this->assertEquals('_empty', $message->rule);`
`62`	`62`	`$this->assertEquals('This field cannot be left empty', $message->message);`
	`63`	`+`
	`64`	`+ $this->assertTrue(isset($object->trace));`
	`65`	`+ $this->assertTrue(isset($object->error));`
`63`	`66`	`}`
`64`	`67`
`65`	`68`	`public function test_validation_exception_with_cakephp_debug_off(): void`
`@@ -77,5 +80,6 @@ public function test_validation_exception_with_cakephp_debug_off(): void`
`77`	`80`	`$object = json_decode($body);`
`78`	`81`
`79`	`82`	`$this->assertFalse(isset($object->trace));`
	`83`	`+ $this->assertFalse(isset($object->error));`
`80`	`84`	`}`
`81`	`85`	`}`
Original file line number	Diff line number	Diff line change
`@@ -3,6 +3,8 @@`
`3`	`3`
`4`	`4`	`namespace MixerApi\ExceptionRender\Test\App\Controller;`
`5`	`5`
	`6`	`+use Cake\Http\Exception\InternalErrorException;`
	`7`	`+`
`6`	`8`	`class ActorsController extends AppController`
`7`	`9`	`{`
`8`	`10`	`/**`
`@@ -106,4 +108,9 @@ public function delete($id = null)`
`106`	`108`	`}`
`107`	`109`	`throw new \Exception("Record not deleted");`
`108`	`110`	`}`
	`111`	`+`
	`112`	`+ public function exception()`
	`113`	`+ {`
	`114`	`+ throw new InternalErrorException('testing');`
	`115`	`+ }`
`109`	`116`	`}`