From 50b19f8d3af259b0a24f5e6e761fdadac39e2231 Mon Sep 17 00:00:00 2001 From: John Niang Date: Tue, 14 Jul 2020 00:57:24 +0800 Subject: [PATCH] pref: make some unnecessary error detail hide (#962) --- .../content/ContentFeedController.java | 10 +++---- .../app/core/ControllerExceptionHandler.java | 27 ++++++++--------- .../DefaultAuthenticationFailureHandler.java | 5 ++-- .../app/service/impl/AdminServiceImpl.java | 29 ++++++++++--------- .../java/run/halo/app/utils/GitUtils.java | 14 ++++----- 5 files changed, 43 insertions(+), 42 deletions(-) diff --git a/src/main/java/run/halo/app/controller/content/ContentFeedController.java b/src/main/java/run/halo/app/controller/content/ContentFeedController.java index 33aafb054..685ba036d 100644 --- a/src/main/java/run/halo/app/controller/content/ContentFeedController.java +++ b/src/main/java/run/halo/app/controller/content/ContentFeedController.java @@ -44,7 +44,7 @@ public class ContentFeedController { private final static String UTF_8_SUFFIX = ";charset=UTF-8"; - private final static String XML_INVAID_CHAR = "[\\x00-\\x1F\\x7F]"; + private final static String XML_INVALID_CHAR = "[\\x00-\\x1F\\x7F]"; private final static String XML_MEDIA_TYPE = MediaType.APPLICATION_XML_VALUE + UTF_8_SUFFIX; @@ -210,8 +210,8 @@ public class ContentFeedController { Page postPage = postService.pageBy(PostStatus.PUBLISHED, pageable); Page posts = postService.convertToDetailVo(postPage); posts.getContent().forEach(postDetailVO -> { - postDetailVO.setFormatContent(RegExUtils.replaceAll(postDetailVO.getFormatContent(), XML_INVAID_CHAR, "")); - postDetailVO.setSummary(RegExUtils.replaceAll(postDetailVO.getSummary(), XML_INVAID_CHAR, "")); + postDetailVO.setFormatContent(RegExUtils.replaceAll(postDetailVO.getFormatContent(), XML_INVALID_CHAR, "")); + postDetailVO.setSummary(RegExUtils.replaceAll(postDetailVO.getSummary(), XML_INVALID_CHAR, "")); }); return posts.getContent(); } 
@@ -230,8 +230,8 @@ public class ContentFeedController { Page postPage = postCategoryService.pagePostBy(category.getId(), PostStatus.PUBLISHED, pageable); Page posts = postService.convertToDetailVo(postPage); posts.getContent().forEach(postDetailVO -> { - postDetailVO.setFormatContent(RegExUtils.replaceAll(postDetailVO.getFormatContent(), XML_INVAID_CHAR, "")); - postDetailVO.setSummary(RegExUtils.replaceAll(postDetailVO.getSummary(), XML_INVAID_CHAR, "")); + postDetailVO.setFormatContent(RegExUtils.replaceAll(postDetailVO.getFormatContent(), XML_INVALID_CHAR, "")); + postDetailVO.setSummary(RegExUtils.replaceAll(postDetailVO.getSummary(), XML_INVALID_CHAR, "")); }); return posts.getContent(); } diff --git a/src/main/java/run/halo/app/core/ControllerExceptionHandler.java b/src/main/java/run/halo/app/core/ControllerExceptionHandler.java index 0962d2a89..b196a778a 100644 --- a/src/main/java/run/halo/app/core/ControllerExceptionHandler.java +++ b/src/main/java/run/halo/app/core/ControllerExceptionHandler.java @@ -33,7 +33,7 @@ public class ControllerExceptionHandler { @ExceptionHandler(DataIntegrityViolationException.class) @ResponseStatus(HttpStatus.BAD_REQUEST) - public BaseResponse handleDataIntegrityViolationException(DataIntegrityViolationException e) { + public BaseResponse handleDataIntegrityViolationException(DataIntegrityViolationException e) { BaseResponse baseResponse = handleBaseException(e); if (e.getCause() instanceof org.hibernate.exception.ConstraintViolationException) { baseResponse = handleBaseException(e.getCause()); 
@@ -44,7 +44,7 @@ public class ControllerExceptionHandler { @ExceptionHandler(MissingServletRequestParameterException.class) @ResponseStatus(HttpStatus.BAD_REQUEST) - public BaseResponse handleMissingServletRequestParameterException(MissingServletRequestParameterException e) { + public BaseResponse handleMissingServletRequestParameterException(MissingServletRequestParameterException e) { BaseResponse baseResponse = handleBaseException(e); baseResponse.setMessage(String.format("请求字段缺失, 类型为 %s,名称为 %s", e.getParameterType(), e.getParameterName())); return baseResponse; @@ -52,7 +52,7 @@ public class ControllerExceptionHandler { @ExceptionHandler(ConstraintViolationException.class) @ResponseStatus(HttpStatus.BAD_REQUEST) - public BaseResponse handleConstraintViolationException(ConstraintViolationException e) { + public BaseResponse handleConstraintViolationException(ConstraintViolationException e) { BaseResponse> baseResponse = handleBaseException(e); baseResponse.setStatus(HttpStatus.BAD_REQUEST.value()); baseResponse.setMessage("字段验证错误,请完善后重试!"); @@ -62,7 +62,7 @@ public class ControllerExceptionHandler { @ExceptionHandler(MethodArgumentNotValidException.class) @ResponseStatus(HttpStatus.BAD_REQUEST) - public BaseResponse handleMethodArgumentNotValidException(MethodArgumentNotValidException e) { + public BaseResponse handleMethodArgumentNotValidException(MethodArgumentNotValidException e) { BaseResponse> baseResponse = handleBaseException(e); baseResponse.setStatus(HttpStatus.BAD_REQUEST.value()); baseResponse.setMessage("字段验证错误,请完善后重试!"); 
@@ -73,7 +73,7 @@ public class ControllerExceptionHandler { @ExceptionHandler(HttpRequestMethodNotSupportedException.class) @ResponseStatus(HttpStatus.BAD_REQUEST) - public BaseResponse handleHttpRequestMethodNotSupportedException(HttpRequestMethodNotSupportedException e) { + public BaseResponse handleHttpRequestMethodNotSupportedException(HttpRequestMethodNotSupportedException e) { BaseResponse baseResponse = handleBaseException(e); baseResponse.setStatus(HttpStatus.BAD_REQUEST.value()); return baseResponse; @@ -81,7 +81,7 @@ public class ControllerExceptionHandler { @ExceptionHandler(HttpMediaTypeNotAcceptableException.class) @ResponseStatus(HttpStatus.NOT_ACCEPTABLE) - public BaseResponse handleHttpMediaTypeNotAcceptableException(HttpMediaTypeNotAcceptableException e) { + public BaseResponse handleHttpMediaTypeNotAcceptableException(HttpMediaTypeNotAcceptableException e) { BaseResponse baseResponse = handleBaseException(e); baseResponse.setStatus(HttpStatus.NOT_ACCEPTABLE.value()); return baseResponse; @@ -89,7 +89,7 @@ public class ControllerExceptionHandler { @ExceptionHandler(HttpMessageNotReadableException.class) @ResponseStatus(HttpStatus.BAD_REQUEST) - public BaseResponse handleHttpMessageNotReadableException(HttpMessageNotReadableException e) { + public BaseResponse handleHttpMessageNotReadableException(HttpMessageNotReadableException e) { BaseResponse baseResponse = handleBaseException(e); baseResponse.setStatus(HttpStatus.BAD_REQUEST.value()); baseResponse.setMessage("缺失请求主体"); @@ -98,7 +98,7 @@ public class ControllerExceptionHandler { @ExceptionHandler(NoHandlerFoundException.class) @ResponseStatus(HttpStatus.BAD_GATEWAY) - public BaseResponse handleNoHandlerFoundException(NoHandlerFoundException e) { + public BaseResponse handleNoHandlerFoundException(NoHandlerFoundException e) { BaseResponse baseResponse = handleBaseException(e); HttpStatus status = HttpStatus.BAD_GATEWAY; baseResponse.setStatus(status.value()); 
@@ -107,7 +107,7 @@ public class ControllerExceptionHandler { } @ExceptionHandler(AbstractHaloException.class) - public ResponseEntity handleHaloException(AbstractHaloException e) { + public ResponseEntity> handleHaloException(AbstractHaloException e) { BaseResponse baseResponse = handleBaseException(e); baseResponse.setStatus(e.getStatus().value()); baseResponse.setData(e.getErrorData()); @@ -116,8 +116,8 @@ public class ControllerExceptionHandler { @ExceptionHandler(Exception.class) @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR) - public BaseResponse handleGlobalException(Exception e) { - BaseResponse baseResponse = handleBaseException(e); + public BaseResponse handleGlobalException(Exception e) { + BaseResponse baseResponse = handleBaseException(e); HttpStatus status = HttpStatus.INTERNAL_SERVER_ERROR; baseResponse.setStatus(status.value()); baseResponse.setMessage(status.getReasonPhrase()); @@ -127,13 +127,14 @@ public class ControllerExceptionHandler { private BaseResponse handleBaseException(Throwable t) { Assert.notNull(t, "Throwable must not be null"); - log.error("Captured an exception", t); - BaseResponse baseResponse = new BaseResponse<>(); baseResponse.setMessage(t.getMessage()); if (log.isDebugEnabled()) { + log.error("Captured an exception:", t); baseResponse.setDevMessage(ExceptionUtils.getStackTrace(t)); + } else { + log.error("Captured an exception: [{}]", t.getMessage()); } return baseResponse; diff --git a/src/main/java/run/halo/app/security/handler/DefaultAuthenticationFailureHandler.java b/src/main/java/run/halo/app/security/handler/DefaultAuthenticationFailureHandler.java index 8cc0bd442..f0153325b 100644 --- a/src/main/java/run/halo/app/security/handler/DefaultAuthenticationFailureHandler.java +++ b/src/main/java/run/halo/app/security/handler/DefaultAuthenticationFailureHandler.java 
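Review bot: In `handleBaseException` (ControllerExceptionHandler.java) the new `else` branch logs only `t.getMessage()`, so an unexpected exception routed through `handleGlobalException` leaves no stack trace on the server unless debug logging is on, which makes a 500 hard to investigate afterwards. Hiding detail from the client does not require dropping it from the log; consider keeping `log.error("Captured an exception", t);` on the `Exception.class` path and using the short form only for expected `AbstractHaloException`s. Separately, `setDevMessage(ExceptionUtils.getStackTrace(t))` is still gated on `log.isDebugEnabled()`, so turning on debug logging in production also sends stack traces to clients; a dedicated configuration flag would decouple the two. `baseResponse.setMessage(t.getMessage())` remains unconditional, so handlers that do not overwrite the message (for example `handleHttpRequestMethodNotSupportedException`) still return the raw exception text.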
@@ -10,7 +10,6 @@ import run.halo.app.model.support.BaseResponse; import run.halo.app.utils.ExceptionUtils; import run.halo.app.utils.JsonUtils; -import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; @@ -32,9 +31,9 @@ public class DefaultAuthenticationFailureHandler implements AuthenticationFailur } @Override - public void onFailure(HttpServletRequest request, HttpServletResponse response, AbstractHaloException exception) throws IOException, ServletException { + public void onFailure(HttpServletRequest request, HttpServletResponse response, AbstractHaloException exception) throws IOException { log.warn("Handle unsuccessful authentication, ip: [{}]", ServletUtil.getClientIP(request)); - log.error("Authentication failure", exception); + log.error("Authentication failure: [{}], status: [{}], data: [{}]", exception.getMessage(), exception.getStatus(), exception.getErrorData()); BaseResponse errorDetail = new BaseResponse<>(); diff --git a/src/main/java/run/halo/app/service/impl/AdminServiceImpl.java b/src/main/java/run/halo/app/service/impl/AdminServiceImpl.java index 0e8942c15..07c54347f 100644 --- a/src/main/java/run/halo/app/service/impl/AdminServiceImpl.java +++ b/src/main/java/run/halo/app/service/impl/AdminServiceImpl.java @@ -128,7 +128,8 @@ public class AdminServiceImpl implements AdminService { @Override - public User authenticate(LoginParam loginParam) { + @NonNull + public User authenticate(@NonNull LoginParam loginParam) { Assert.notNull(loginParam, "Login param must not be null"); String username = loginParam.getUsername(); 
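Review bot: The new `log.error` in `onFailure` (DefaultAuthenticationFailureHandler.java) writes `exception.getErrorData()` to the log, and that field appears to be free-form data set by whoever threw the exception; if any authentication path stores a submitted token or credential there, it now lands in the log file in plain text. Nothing in this hunk shows what the throwers put in it, so this needs checking against the callers. A safer default is to log the message and status only, `log.warn("Authentication failure: [{}], status: [{}]", exception.getMessage(), exception.getStatus());`, with `warn` rather than `error` because the condition is client-triggered. The method body continues past the end of the hunk.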
@@ -142,7 +143,7 @@ public class AdminServiceImpl implements AdminService { user = Validator.isEmail(username) ? userService.getByEmailOfNonNull(username) : userService.getByUsernameOfNonNull(username); } catch (NotFoundException e) { - log.error("Failed to find user by name: " + username, e); + log.error("Failed to find user by name: " + username); eventPublisher.publishEvent(new LogEvent(this, loginParam.getUsername(), LogType.LOGIN_FAILED, loginParam.getUsername())); throw new BadRequestException(mismatchTip); @@ -161,7 +162,8 @@ public class AdminServiceImpl implements AdminService { } @Override - public AuthToken authCodeCheck(LoginParam loginParam) { + @NonNull + public AuthToken authCodeCheck(@NonNull final LoginParam loginParam) { // get user final User user = this.authenticate(loginParam); @@ -228,7 +230,7 @@ public class AdminServiceImpl implements AdminService { // Gets random code. String code = RandomUtil.randomNumbers(6); - log.info("Get reset password code:{}", code); + log.info("Got reset password code:{}", code); // Cache code. cacheStore.putAny("code", code, 5, TimeUnit.MINUTES); @@ -277,6 +279,7 @@ public class AdminServiceImpl implements AdminService { } @Override + @NonNull public StatisticDTO getCount() { StatisticDTO statisticDTO = new StatisticDTO(); statisticDTO.setPostCount(postService.countByStatus(PostStatus.PUBLISHED) + sheetService.countByStatus(PostStatus.PUBLISHED)); @@ -302,6 +305,7 @@ public class AdminServiceImpl implements AdminService { } @Override + @NonNull public EnvironmentDTO getEnvironments() { EnvironmentDTO environmentDTO = new EnvironmentDTO(); @@ -318,7 +322,8 @@ public class AdminServiceImpl implements AdminService { } @Override - public AuthToken refreshToken(String refreshToken) { + @NonNull + public AuthToken refreshToken(@NonNull String refreshToken) { Assert.hasText(refreshToken, "Refresh token must not be blank"); Integer userId = cacheStore.getAny(SecurityUtils.buildTokenRefreshKey(refreshToken), Integer.class) 
@@ -343,9 +348,7 @@ public class AdminServiceImpl implements AdminService { // Request github api ResponseEntity responseEntity = restTemplate.getForEntity(HaloConst.HALO_ADMIN_RELEASES_LATEST, Map.class); - if (responseEntity == null || - responseEntity.getStatusCode().isError() || - responseEntity.getBody() == null) { + if (responseEntity.getStatusCode().isError() || responseEntity.getBody() == null) { log.debug("Failed to request remote url: [{}]", HALO_ADMIN_RELEASES_LATEST); throw new ServiceException("系统无法访问到 Github 的 API").setErrorData(HALO_ADMIN_RELEASES_LATEST); } @@ -357,7 +360,7 @@ public class AdminServiceImpl implements AdminService { } try { - List assets = (List) assetsObject; + List assets = (List) assetsObject; Map assetMap = (Map) assets.stream() .filter(assetPredicate()) .findFirst() @@ -367,9 +370,7 @@ public class AdminServiceImpl implements AdminService { // Download the assets ResponseEntity downloadResponseEntity = restTemplate.getForEntity(browserDownloadUrl.toString(), byte[].class); - if (downloadResponseEntity == null || - downloadResponseEntity.getStatusCode().isError() || - downloadResponseEntity.getBody() == null) { + if (downloadResponseEntity.getStatusCode().isError() || downloadResponseEntity.getBody() == null) { throw new ServiceException("Failed to request remote url: " + browserDownloadUrl.toString()).setErrorData(browserDownloadUrl.toString()); } @@ -470,7 +471,7 @@ public class AdminServiceImpl implements AdminService { } @Override - public void updateApplicationConfig(String content) { + public void updateApplicationConfig(@NonNull String content) { Assert.notNull(content, "Content must not be null"); Path path = Paths.get(haloProperties.getWorkDir(), APPLICATION_CONFIG_NAME); 
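Review bot: The download in the `@@ -367` hunk fetches `browserDownloadUrl` with `restTemplate.getForEntity(browserDownloadUrl.toString(), byte[].class)` and checks only the HTTP status and a non-null body; the URL appears to come from the release JSON returned by the earlier request, and nothing visible verifies its host or the integrity of the downloaded bytes. Since this path presumably updates the admin front end, consider rejecting URLs whose scheme is not `https` or whose host is not an expected release host, and verifying a published checksum before the content is unpacked. How the body is used afterwards is outside the hunk, so the actual exposure depends on that code.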
@@ -482,7 +483,7 @@ public class AdminServiceImpl implements AdminService { } @Override - public String getLogFiles(Long lines) { + public String getLogFiles(@NonNull Long lines) { Assert.notNull(lines, "Lines must not be null"); File file = new File(haloProperties.getWorkDir(), LOG_PATH); diff --git a/src/main/java/run/halo/app/utils/GitUtils.java b/src/main/java/run/halo/app/utils/GitUtils.java index 7db0b92b4..fafea5d70 100644 --- a/src/main/java/run/halo/app/utils/GitUtils.java +++ b/src/main/java/run/halo/app/utils/GitUtils.java @@ -56,7 +56,7 @@ public class GitUtils { try { git = Git.open(repoPath.toFile()); } catch (RepositoryNotFoundException e) { - log.warn("Git repository may not exist, we will try to initialize an empty repository", e); + log.warn("Git repository may not exist, we will try to initialize an empty repository: [{}]", e.getMessage()); git = Git.init().setDirectory(repoPath.toFile()).call(); } @@ -72,7 +72,7 @@ public class GitUtils { git = Git.cloneRepository() .setURI(repoUrl) .setDirectory(targetPath.toFile()) - .setBranchesToClone(Arrays.asList("refs/heads/" + branchName)) + .setBranchesToClone(Collections.singletonList("refs/heads/" + branchName)) .setBranch("refs/heads/" + branchName) .call(); } finally { 
@@ -81,21 +81,21 @@ public class GitUtils { } public static List getAllBranches(@NonNull String repoUrl) { - List branches = new ArrayList(); + List branches = new ArrayList<>(); try { Collection refs = Git.lsRemoteRepository() .setHeads(true) .setRemote(repoUrl) .call(); for (Ref ref : refs) { - branches.add(ref.getName().substring(ref.getName().lastIndexOf("/") + 1, ref.getName().length())); + branches.add(ref.getName().substring(ref.getName().lastIndexOf("/") + 1)); } } catch (InvalidRemoteException e) { - log.warn("Git url is not valid", e); + log.warn("Git url is not valid: [{}]", e.getMessage()); } catch (TransportException e) { - log.warn("Transport exception", e); + log.warn("Transport exception: [{}]", e.getMessage()); } catch (GitAPIException e) { - log.warn("Git api exception", e); + log.warn("Git api exception: [{}]", e.getMessage()); } return branches; }
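Review bot: `ref.getName().substring(ref.getName().lastIndexOf("/") + 1)` in `getAllBranches` keeps only the last path segment, so a branch such as `feature/x` is reported as `x`, and a later clone that builds `"refs/heads/" + branchName` would ask for a ref that does not exist or for a different branch. Strip the prefix instead: `String name = ref.getName();` followed by `branches.add(name.startsWith("refs/heads/") ? name.substring("refs/heads/".length()) : name);`. The three catch blocks also turn every failure into an empty list, so a caller cannot tell an unreachable or invalid remote from a repository with no branches; with the stack traces removed from the log, that distinction is now harder to recover.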