Merge pull request #1353 from operable/peck/password-reset-graceful-fail

fail more gracefully when smtp isn't configured properly

Author: mpeck

lib/cog/repository/groups.ex

@@ -19,7 +19,8 @@ defmodule Cog.Repository.Groups do
   alias Cog.Models.Role
   import Ecto.Query, only: [from: 2]
 
-  @preloads [:users, :roles]
+  @preloads [[users: from(u in User, order_by: u.username)],
+             [roles: from(r in Role, order_by: r.name)]]
 
   @doc """
   Creates a new user group given a map of attributes

lib/cog/repository/users.ex

@@ -165,10 +165,36 @@ defmodule Cog.Repository.Users do
       password_reset = PasswordReset.changeset(%PasswordReset{}, %{user_id: user_id})
       |> Repo.insert!
 
-      Cog.Email.reset_password(email_address, password_reset.id)
-      |> Cog.Mailer.deliver_later
-
-      password_reset
+      try do
+        Cog.Email.reset_password(email_address, password_reset.id)
+        |> Cog.Mailer.deliver_later()
+
+        password_reset
+      rescue
+        # Raised when bamboo is not properly configured
+        # We try to be helpful and give a more informative error message,
+        # but since we just get a generic ArgumentError back we include
+        # the original error just in case there is another issue.
+        error in ArgumentError ->
+          msg = """
+          SMTP may not be configured. You must set 'COG_SMTP_SERVER', \
+          'COG_SMTP_PORT', 'COG_SMTP_USERNAME', 'COG_SMTP_PASSWORD' and \
+          'COG_EMAIL_FROM' to enable email support. See the documentation \
+          for 'Configuring Password Resets' for more information.
+          Original error: #{inspect error}
+          """
+          Repo.rollback({:not_configured, msg})
+        # Raised when the from address is not set
+        Bamboo.EmptyFromAddressError ->
+          msg = """
+          You must set 'COG_EMAIL_FROM' to enable email support. \
+          See the documentation for 'Configuring Password Resets' \
+          for more information.
+          """
+          Repo.rollback({:not_configured, msg})
+        error ->
+          Repo.rollback(error)
+      end
     end)
   end
 

web/controllers/v1/password_reset_controller.ex

@@ -15,6 +15,11 @@ defmodule Cog.V1.PasswordResetController do
         # We don't want folks spamming this endpoint to find valid email
         # addresses.
         send_resp(conn, :no_content, "")
+      {:error, {:not_configured, error}} ->
+        Logger.warn("Email support has not been properly configured: #{inspect error}")
+        conn
+        |> put_status(:internal_server_error)
+        |> json(%{errors: ["Password resets have been disabled or are not properly configured."]})
       {:error, error} ->
         Logger.warn("Failed to generate password reset: #{inspect error}")
         send_resp(conn, :internal_server_error, "")
@@ -28,7 +33,7 @@ defmodule Cog.V1.PasswordResetController do
       {:error, :not_found} ->
         conn
         |> put_status(:not_found)
-        |> json(%{errors: "Invalid password reset token."})
+        |> json(%{errors: ["Invalid password reset token."]})
       {:error, changeset} ->
         conn
         |> put_status(:unprocessable_entity)