Fixed error logging and refactored ErrorController to get invoked

correctly when using API key authentication

* Along with the bugfixes, backported improved ErrorController from upstream branch,
  including style improvements.

airtime_mvc/application/Bootstrap.php

@@ -52,6 +52,7 @@ Application_Model_Auth::pinSessionToClient(Zend_Auth::getInstance());
 
 $front = Zend_Controller_Front::getInstance();
 $front->registerPlugin(new RabbitMqPlugin());
+$front->throwExceptions(false);
 
 //localization configuration
 Application_Model_Locale::configureLocalization();

airtime_mvc/application/controllers/ErrorController.php

@@ -1,26 +1,40 @@
 <?php
+class ErrorController extends Zend_Controller_Action {
 
-class ErrorController extends Zend_Controller_Action
-{
-
-    public function errorAction()
+    public function init()
     {
+        //The default layout includes the Dashboard header, which may contain private information.
+        //We cannot show that.
+        $this->view->layout()->disableLayout();
+        $this->setupCSS();
+
+    }
+
+    public function errorAction() {
         $errors = $this->_getParam('error_handler');
 
-        switch ($errors->type) {
-            case Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_ROUTE:
-            case Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_CONTROLLER:
-            case Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_ACTION:
+        if ($errors) {
+            // log error message and stack trace
+            Logging::error($errors->exception->getMessage());
+            Logging::error($errors->exception->getTraceAsString());
 
-                // 404 error -- controller or action not found
-                $this->getResponse()->setHttpResponseCode(404);
-                $this->view->message = _('Page not found');
-                break;
-            default:
-                // application error
-                $this->getResponse()->setHttpResponseCode(500);
-                $this->view->message = _('Application error');
-                break;
+            switch ($errors->type) {
+                case Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_ROUTE :
+                case Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_CONTROLLER :
+                    $this->error404Action();
+                    break;
+                case Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_ACTION :
+                    $this->error400Action();
+                    break;
+                default :
+                    $this->error500Action();
+                    break;
+            }
+        } else {
+            $exceptions = $this->_getAllParams();
+            Logging::error($exceptions);
+            $this->error500Action();
+            return;
         }
 
         // Log exception, if logger available
@@ -33,11 +47,17 @@ class ErrorController extends Zend_Controller_Action
             $this->view->exception = $errors->exception;
         }
 
-        $this->view->request   = $errors->request;
+        $this->view->request = $errors->request;
     }
 
-    public function getLog()
+    private function setupCSS()
     {
+        $CC_CONFIG = Config::getConfig();
+        $staticBaseDir = Application_Common_OsPath::formatDirectoryWithDirectorySeparators($CC_CONFIG['staticBaseDir']);
+        $this->view->headLink()->appendStylesheet($staticBaseDir . 'css/styles.css?' . $CC_CONFIG['airtime_version']);
+    }
+
+    public function getLog() {
         $bootstrap = $this->getInvokeArg('bootstrap');
         if (!$bootstrap->hasPluginResource('Log')) {
             return false;
@@ -47,9 +67,43 @@ class ErrorController extends Zend_Controller_Action
         return $log;
     }
 
-    public function deniedAction()
-    {
-        // action body
+    /**
+     * 404 error - route or controller
+     */
+    public function error404Action() {
+        $this->_helper->viewRenderer('error-404');
+        $this->getResponse()->setHttpResponseCode(404);
+        $this->view->message = _('Page not found.');
     }
 
+    /**
+     * 400 error - no such action
+     */
+    public function error400Action() {
+        $this->_helper->viewRenderer('error-400');
+        $this->getResponse()->setHttpResponseCode(400);
+        $this->view->message = _('The requested action is not supported.');
+
+    }
+
+    /**
+     * 403 error - permission denied
+     */
+    public function error403Action() {
+
+        $this->_helper->viewRenderer('error-403');
+        $this->getResponse()->setHttpResponseCode(403);
+        $this->view->message = _('You do not have permission to access this resource.');
+    }
+
+    /**
+     * 500 error - internal server error
+     */
+    public function error500Action() {
+
+        $this->_helper->viewRenderer('error-500');
+
+        $this->getResponse()->setHttpResponseCode(500);
+        $this->view->message = _('An internal application error has occurred.');
+    }
 }

airtime_mvc/application/controllers/ProvisioningController.php

@@ -26,7 +26,7 @@ class ProvisioningController extends Zend_Controller_Action
         $this->view->layout()->disableLayout();
         $this->_helper->viewRenderer->setNoRender(true);
 
-        if (!RestAuth::verifyAuth(true, true, $this)) {
+        if (!RestAuth::verifyAuth(true, false, $this)) {
             return;
         }
 
@@ -65,12 +65,12 @@ class ProvisioningController extends Zend_Controller_Action
         }
         
         $CC_CONFIG = Config::getConfig();
-        
+
         foreach ($CC_CONFIG["supportedStorageBackends"] as $storageBackend) {
             $proxyStorageBackend = new ProxyStorageBackend($storageBackend);
             $proxyStorageBackend->deleteAllCloudFileObjects();
         }
-        
+
         $this->getResponse()
             ->setHttpResponseCode(200)
             ->appendBody("OK");

airtime_mvc/application/controllers/plugins/Acl_plugin.php

@@ -28,7 +28,7 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
     {
         $this->_errorPage = array('module' => 'default',
                                   'controller' => 'error',
-                                  'action' => 'denied');
+                                  'action' => 'error');
 
         $this->_roleName = $roleName;
 
@@ -111,7 +111,16 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
         $controller = strtolower($request->getControllerName());
         Application_Model_Auth::pinSessionToClient(Zend_Auth::getInstance());
 
-        if (in_array($controller, array("api", "auth", "locale", "upgrade", 'whmcs-login', "provisioning"))) {
+        if (in_array($controller, array(
+                "api",
+                "auth",
+                "error",
+                "locale",
+                "upgrade",
+                'whmcs-login',
+                "provisioning"
+            )))
+        {
             $this->setRoleName("G");
         } elseif (!Zend_Auth::getInstance()->hasIdentity()) {
 

airtime_mvc/application/views/scripts/error/error-400.phtml

@@ -0,0 +1,18 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN";
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+  <title><?php echo _("An error has occurred.") ?></title>
+  <?php echo $this->headLink(); ?>
+</head>
+<body>
+    <div class="error-content" id="error-400">
+        <h2><?php echo _("Bad Request!")?></h2>
+        <p><?php echo _("The requested action is not supported!")?></p>
+        <div class="button-bar">
+            <a class="toggle-button" href="<?php echo $this->baseUrl('dashboard/help'); ?>"><?php echo _("Help") ?></a>
+        </div>
+    </div>
+</body>
+</html>

airtime_mvc/application/views/scripts/error/error-403.phtml

@@ -0,0 +1,18 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN";
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+  <title><?php echo _("An error has occurred.") ?></title>
+  <?php echo $this->headLink(); ?>
+</head>
+<body>
+    <div class="error-content" id="error-403">
+        <h2><?php echo _("Access Denied!")?></h2>
+        <p><?php echo _("You do not have permission to access this page!")?></p>
+        <div class="button-bar">
+            <a class="toggle-button" href="<?php echo $this->baseUrl('dashboard/help'); ?>"><?php echo _("Help") ?></a>
+        </div>
+    </div>
+</body>
+</html>

airtime_mvc/application/views/scripts/error/error-500.phtml

@@ -0,0 +1,18 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN";
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+  <title><?php echo _("An error has occurred.") ?></title>
+  <?php echo $this->headLink(); ?>
+</head>
+<body>
+    <div class="error-content" id="error-500">
+        <h2><?php echo _("Oops!")?></h2>
+        <p><?php echo _("Something went wrong!")?></p>
+        <div class="button-bar">
+            <a class="toggle-button" href="<?php echo $this->baseUrl('dashboard/help'); ?>"><?php echo _("Help") ?></a>
+        </div>
+    </div>
+</body>
+</html>

airtime_mvc/application/views/scripts/error/error.phtml

@@ -3,7 +3,8 @@
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-  <title><?php echo _("Zend Framework Default Application") ?></title>
+  <title><?php echo _("An error has occurred.") ?></title>
+  <?php echo $this->headLink(); ?>
 </head>
 <body>
     <div class="error-content">