00dbc10b-d747-4ad7-b211-7b26d753abbb

Committed 14 Aug 2025 01:25PM UTC coverage: 0.483% (-94.9%) from 95.343%

Build # 00dbc10b-d747-4ad7-b211-7b26d753abbb

Build Type

push

circleci

Committed by

web-flow

Commit Message

Merge pull request #5181 from pulibrary/dependabot/bundler/activestorage-7.2.2.2

Bump activestorage from 7.2.2.1 to 7.2.2.2

Run Details

47 of 9721 relevant lines covered (0.48%)

0.01 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/app/controllers/requests/form_controller.rb

# frozen_string_literal: true
require 'faraday'

include Requests::ApplicationHelper

module Requests
  class FormController < ApplicationController
    before_action :authenticate_user!, except: [:index], unless: -> { aeon? }

    def index
      redirect_to('/')
    end

    def generate
      system_id = sanitize(params[:system_id])
      mfhd = sanitize(params[:mfhd])
      params.require(:mfhd) unless system_id.starts_with?("SCSB") # there are not multiple locations for shared items so no MFHD is passed
      @back_to_record_url = BackToRecordUrl.new(params)

      @user = current_or_guest_user

      @patron = Patron.authorize(user: @user)
      patron_errors = @patron.errors
      flash.now[:error] = patron_errors.join(", ") if patron_errors.present?

      @title = "Request ID: #{system_id}"

      # needed to see if we can suppress login for this item
      @request = FormDecorator.new(Requests::Form.new(system_id:, mfhd:, patron: @patron), view_context, @back_to_record_url)
    rescue ActionController::ParameterMissing
      render 'requests/form/no_location_specified'
    end

    def aeon?
      return true if params["aeon"] == 'true'

      false
    end

    # will post and a JSON document of selected "requestable" objects with selection parameters and
    # user information for further processing and distribution to various request endpoints.
    def submit
      @submission = Requests::Submission.new(sanitize_submission(params), Patron.new(user: current_or_guest_user))
      respond_to do |format|
        format.js do
          valid = @submission.valid?
          @services = @submission.process_submission if valid
          if valid && @submission.service_errors.blank?
            respond_to_submit_success(@submission)
          elsif valid # submission was valid, but service failed
            respond_to_service_error(@services)
          else
            respond_to_validation_error(@submission)
          end
        end
      end
    end

    private

      def mode
        return 'standard' if params[:mode].nil?
        sanitize(params[:mode])
      end

      # trusted params
      def request_params
        params.permit(:id, :system_id, :mfhd, :user_name, :email, :loc_code, :user, :requestable, :request, :barcode, :isbns).permit!
      end

      def sanitize_submission(params)
        params[:requestable].each do |requestable|
          params['user_supplied_enum'] = sanitize(requestable['user_supplied_enum']) if requestable.key? 'user_supplied_enum'
        end
        lparams = params.permit(bib: [:id, :title, :author, :isbn, :date])
        lparams[:requestable] = params[:requestable].map do |requestable|
          json_pick_up = requestable[:pick_up]
          requestable = requestable.merge(JSON.parse(json_pick_up)) if json_pick_up.present?
          requestable.permit!
        end
        lparams
      end

      def respond_to_submit_success(submission)
        flash.now[:success] = submission.success_messages.join(' ')
        # TODO: Why does this go into an infinite loop
        # logger.info "#Request Submission - #{submission.as_json}"
        logger.info "Request Sent"
      end

      def respond_to_service_error(services)
        errors = services.map(&:errors).flatten
        error_types = errors.pluck(:type).uniq
        flash.now[:error] = if error_types.include?("digitize")
                              errors[error_types.index("digitize")][:error]
                            else
                              I18n.t('requests.submit.service_error')
                            end
        logger.error "Request Service Error"
        service_errors = services.map(&:error_hash).inject(:merge)
        send_error_email(service_errors, @submission)
      end

      def respond_to_validation_error(submission)
        flash.now[:error] = I18n.t('requests.submit.error')
        logger.error "Request Submission #{submission.errors.messages.as_json}"
      end

      def sanitize(str)
        str.gsub(/[^A-Za-z0-9@\-_\.]/, '') if str.is_a? String
        str
      end

      # This has to be a utility function to prevent ActiveJob from trying to serialize too many objects
      # :reek:UtilityFunction
      def send_error_email(errors, submission)
        Requests::RequestMailer.send("service_error_email", errors, submission.to_h).deliver_later
      end
  end
end

1	# frozen_string_literal: true
2	require 'faraday'	×
3
4	include Requests::ApplicationHelper	×
5
6	module Requests	×
7	class FormController < ApplicationController	×
8	before_action :authenticate_user!, except: [:index], unless: -> { aeon? }	×
9
10	def index	×
11	redirect_to('/')	×
12	end	×
13
14	def generate	×
15	system_id = sanitize(params[:system_id])	×
16	mfhd = sanitize(params[:mfhd])	×
17	params.require(:mfhd) unless system_id.starts_with?("SCSB") # there are not multiple locations for shared items so no MFHD is passed	×
18	@back_to_record_url = BackToRecordUrl.new(params)	×
19
20	@user = current_or_guest_user	×
21
22	@patron = Patron.authorize(user: @user)	×
23	patron_errors = @patron.errors	×
24	flash.now[:error] = patron_errors.join(", ") if patron_errors.present?	×
25
26	@title = "Request ID: #{system_id}"	×
27
28	# needed to see if we can suppress login for this item
29	@request = FormDecorator.new(Requests::Form.new(system_id:, mfhd:, patron: @patron), view_context, @back_to_record_url)	×
30	rescue ActionController::ParameterMissing	×
31	render 'requests/form/no_location_specified'	×
32	end	×
33
34	def aeon?	×
35	return true if params["aeon"] == 'true'	×
36
37	false	×
38	end	×
39
40	# will post and a JSON document of selected "requestable" objects with selection parameters and
41	# user information for further processing and distribution to various request endpoints.
42	def submit	×
43	@submission = Requests::Submission.new(sanitize_submission(params), Patron.new(user: current_or_guest_user))	×
44	respond_to do \|format\|	×
45	format.js do	×
46	valid = @submission.valid?	×
47	@services = @submission.process_submission if valid	×
48	if valid && @submission.service_errors.blank?	×
49	respond_to_submit_success(@submission)	×
50	elsif valid # submission was valid, but service failed	×
51	respond_to_service_error(@services)	×
52	else	×
53	respond_to_validation_error(@submission)	×
54	end	×
55	end	×
56	end	×
57	end	×
58
59	private	×
60
61	def mode	×
62	return 'standard' if params[:mode].nil?	×
63	sanitize(params[:mode])	×
64	end	×
65
66	# trusted params
67	def request_params	×
68	params.permit(:id, :system_id, :mfhd, :user_name, :email, :loc_code, :user, :requestable, :request, :barcode, :isbns).permit!	×
69	end	×
70
71	def sanitize_submission(params)	×
72	params[:requestable].each do \|requestable\|	×
73	params['user_supplied_enum'] = sanitize(requestable['user_supplied_enum']) if requestable.key? 'user_supplied_enum'	×
74	end	×
75	lparams = params.permit(bib: [:id, :title, :author, :isbn, :date])	×
76	lparams[:requestable] = params[:requestable].map do \|requestable\|	×
77	json_pick_up = requestable[:pick_up]	×
78	requestable = requestable.merge(JSON.parse(json_pick_up)) if json_pick_up.present?	×
79	requestable.permit!	×
80	end	×
81	lparams	×
82	end	×
83
84	def respond_to_submit_success(submission)	×
85	flash.now[:success] = submission.success_messages.join(' ')	×
86	# TODO: Why does this go into an infinite loop
87	# logger.info "#Request Submission - #{submission.as_json}"
88	logger.info "Request Sent"	×
89	end	×
90
91	def respond_to_service_error(services)	×
92	errors = services.map(&:errors).flatten	×
93	error_types = errors.pluck(:type).uniq	×
94	flash.now[:error] = if error_types.include?("digitize")	×
95	errors[error_types.index("digitize")][:error]	×
96	else	×
97	I18n.t('requests.submit.service_error')	×
98	end	×
99	logger.error "Request Service Error"	×
100	service_errors = services.map(&:error_hash).inject(:merge)	×
101	send_error_email(service_errors, @submission)	×
102	end	×
103
104	def respond_to_validation_error(submission)	×
105	flash.now[:error] = I18n.t('requests.submit.error')	×
106	logger.error "Request Submission #{submission.errors.messages.as_json}"	×
107	end	×
108
109	def sanitize(str)	×
110	str.gsub(/[^A-Za-z0-9@\-_\.]/, '') if str.is_a? String	×
111	str	×
112	end	×
113
114	# This has to be a utility function to prevent ActiveJob from trying to serialize too many objects
115	# :reek:UtilityFunction
116	def send_error_email(errors, submission)	×
117	Requests::RequestMailer.send("service_error_email", errors, submission.to_h).deliver_later	×
118	end	×
119	end	×
120	end	×

pulibrary / orangelight / 00dbc10b-d747-4ad7-b211-7b26d753abbb

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous