2017-03-16 05:10:09 +00:00
|
|
|
//! Types representing various errors that can occur in a Rocket application.
|
|
|
|
|
|
|
|
use std::{io, fmt};
|
|
|
|
use std::sync::atomic::{Ordering, AtomicBool};
|
|
|
|
|
2017-08-19 01:37:25 +00:00
|
|
|
use yansi::Paint;
|
Test 'secret_key' validation, now on pre-launch.
Prior to this commit, it was not possible to test Rocket crates in
production mode without setting a global secret key or bypassing secret
key checking - the testing script did the latter. The consequence is
that it became impossible to test secret key related failures because
the tests passed regardless.
This commit undoes this. As a consequence, all tests are now aware of
the difference between debug and release configurations, the latter of
which validates 'secret_key' by default. New 'Client::debug()' and
'Client::debug_with()' simplify creating an instance of 'Client' with
configuration in debug mode to avoid undesired test failures.
The summary of changes in this commit are:
* Config 'secret_key' success and failure are now tested.
* 'secret_key' validation was moved to pre-launch from 'Config:from()'.
* 'Config::from()' only extracts the config.
* Added 'Config::try_from()' for non-panicking extraction.
* 'Config' now knows the profile it was extracted from.
* The 'Config' provider sets a profile of 'Config.profile'.
* 'Rocket', 'Client', 'Fairings', implement 'Debug'.
* 'fairing::Info' implements 'Copy', 'Clone'.
* 'Fairings' keeps track of, logs attach fairings.
* 'Rocket::reconfigure()' was added to allow modifying a config.
Internally, the testing script was refactored to properly test the
codebase with the new changes. In particular, it no longer sets a rustc
'cfg' to avoid secret-key checking.
Resolves #1543.
Fixes #1564.
2021-03-09 08:07:43 +00:00
|
|
|
use figment::Profile;
|
2017-08-19 01:37:25 +00:00
|
|
|
|
2017-06-12 22:08:34 +00:00
|
|
|
/// An error that occurs during launch.
|
2017-03-16 05:10:09 +00:00
|
|
|
///
|
2020-09-03 05:41:31 +00:00
|
|
|
/// An `Error` is returned by [`launch()`](crate::Rocket::launch()) when
|
|
|
|
/// launching an application fails or, more rarely, when the runtime fails after
|
|
|
|
/// lauching.
|
2017-03-16 05:10:09 +00:00
|
|
|
///
|
|
|
|
/// # Panics
|
|
|
|
///
|
|
|
|
/// A value of this type panics if it is dropped without first being inspected.
|
|
|
|
/// An _inspection_ occurs when any method is called. For instance, if
|
2020-09-03 05:41:31 +00:00
|
|
|
/// `println!("Error: {}", e)` is called, where `e: Error`, the `Display::fmt`
|
|
|
|
/// method being called by `println!` results in `e` being marked as inspected;
|
|
|
|
/// a subsequent `drop` of the value will _not_ result in a panic. The following
|
|
|
|
/// snippet illustrates this:
|
2017-03-16 05:10:09 +00:00
|
|
|
///
|
2019-09-08 20:53:53 +00:00
|
|
|
/// ```rust
|
2020-06-14 15:57:55 +00:00
|
|
|
/// # let _ = async {
|
2021-04-08 08:07:52 +00:00
|
|
|
/// if let Err(error) = rocket::build().launch().await {
|
2020-09-03 05:41:31 +00:00
|
|
|
/// // This println "inspects" the error.
|
|
|
|
/// println!("Launch failed! Error: {}", error);
|
2017-03-16 05:10:09 +00:00
|
|
|
///
|
2020-09-03 05:41:31 +00:00
|
|
|
/// // This call to drop (explicit here for demonstration) will do nothing.
|
|
|
|
/// drop(error);
|
2019-09-08 20:53:53 +00:00
|
|
|
/// }
|
2020-06-14 15:57:55 +00:00
|
|
|
/// # };
|
2017-03-16 05:10:09 +00:00
|
|
|
/// ```
|
|
|
|
///
|
|
|
|
/// When a value of this type panics, the corresponding error message is pretty
|
2017-06-12 22:08:34 +00:00
|
|
|
/// printed to the console. The following illustrates this:
|
2017-03-16 05:10:09 +00:00
|
|
|
///
|
|
|
|
/// ```rust
|
2020-06-14 15:57:55 +00:00
|
|
|
/// # let _ = async {
|
2021-04-08 08:07:52 +00:00
|
|
|
/// let error = rocket::build().launch().await;
|
2017-03-16 05:10:09 +00:00
|
|
|
///
|
|
|
|
/// // This call to drop (explicit here for demonstration) will result in
|
|
|
|
/// // `error` being pretty-printed to the console along with a `panic!`.
|
|
|
|
/// drop(error);
|
2020-06-14 15:57:55 +00:00
|
|
|
/// # };
|
2017-03-16 05:10:09 +00:00
|
|
|
/// ```
|
2017-06-12 22:08:34 +00:00
|
|
|
///
|
|
|
|
/// # Usage
|
|
|
|
///
|
2020-09-03 05:41:31 +00:00
|
|
|
/// An `Error` value should usually be allowed to `drop` without inspection.
|
|
|
|
/// There are at least two exceptions:
|
2017-06-12 22:08:34 +00:00
|
|
|
///
|
|
|
|
/// 1. If you are writing a library or high-level application on-top of
|
|
|
|
/// Rocket, you likely want to inspect the value before it drops to avoid a
|
|
|
|
/// Rocket-specific `panic!`. This typically means simply printing the
|
|
|
|
/// value.
|
|
|
|
///
|
|
|
|
/// 2. You want to display your own error messages.
|
2020-09-03 05:41:31 +00:00
|
|
|
pub struct Error {
|
2017-03-16 05:10:09 +00:00
|
|
|
handled: AtomicBool,
|
2020-09-03 05:41:31 +00:00
|
|
|
kind: ErrorKind
|
|
|
|
}
|
|
|
|
|
|
|
|
/// The kind error that occurred.
|
|
|
|
///
|
|
|
|
/// In almost every instance, a launch error occurs because of an I/O error;
|
|
|
|
/// this is represented by the `Io` variant. A launch error may also occur
|
|
|
|
/// because of ill-defined routes that lead to collisions or because a fairing
|
|
|
|
/// encountered an error; these are represented by the `Collision` and
|
|
|
|
/// `FailedFairing` variants, respectively.
|
|
|
|
#[derive(Debug)]
|
Introduce sentinels: auto-discovered launch abort.
Sentinels resolve a long-standing usability and functional correctness
issue in Rocket: starting an application with guards and/or responders
that depend on state that isn't available. The canonical example is the
'State' guard. Prior to this commit, an application with routes that
queried unmanaged state via 'State' would fail at runtime. With this
commit, the application refuses to launch with a detailed error message.
The 'Sentinel' docs explains it as:
A sentinel, automatically run on ignition, can trigger a launch
abort should an instance fail to meet arbitrary conditions. Every
type that appears in a mounted route's type signature is eligible to
be a sentinel. Of these, those that implement 'Sentinel' have their
'abort()' method invoked automatically, immediately after ignition,
once for each unique type. Sentinels inspect the finalized instance
of 'Rocket' and can trigger a launch abort by returning 'true'.
The following types are now sentinels:
* 'contrib::databases::Connection' (any '#[database]' type)
* 'contrib::templates::Metadata'
* 'contrib::templates::Template'
* 'core::State'
The following are "specialized" sentinels, which allow sentinel
discovery even through type aliases:
* 'Option<T>', 'Debug<T>' if 'T: Sentinel'
* 'Result<T, E>', 'Either<T, E>' if 'T: Sentinel', 'E: Sentinel'
Closes #464.
2021-04-16 08:23:15 +00:00
|
|
|
#[non_exhaustive]
|
2020-09-03 05:41:31 +00:00
|
|
|
pub enum ErrorKind {
|
|
|
|
/// Binding to the provided address/port failed.
|
|
|
|
Bind(io::Error),
|
|
|
|
/// An I/O error occurred during launch.
|
|
|
|
Io(io::Error),
|
|
|
|
/// An I/O error occurred in the runtime.
|
|
|
|
Runtime(Box<dyn std::error::Error + Send + Sync>),
|
Introduce statically-enforced 'Rocket' phasing.
The core 'Rocket' type is parameterized: 'Rocket<P: Phase>', where
'Phase' is a newly introduced, sealed marker trait. The trait is
implemented by three new marker types representing the three launch
phases: 'Build', 'Ignite', and 'Orbit'. Progression through these three
phases, in order, is enforced, as are the invariants guaranteed by each
phase. In particular, an instance of 'Rocket' is guaranteed to be in its
final configuration after the 'Build' phase and represent a running
local or public server in the 'Orbit' phase. The 'Ignite' phase serves
as an intermediate, enabling inspection of a finalized but stationary
instance. Transition between phases validates the invariants required
by the transition.
All APIs have been adjusted appropriately, requiring either an instance
of 'Rocket' in a particular phase ('Rocket<Build>', 'Rocket<Ignite>', or
'Rocket<Orbit>') or operating generically on a 'Rocket<P>'.
Documentation is also updated and substantially improved to mention
required and guaranteed invariants.
Additionally, this commit makes the following relevant changes:
* 'Rocket::ignite()' is now a public interface.
* 'Rocket::{build,custom}' methods can no longer panic.
* 'Launch' fairings are now 'ignite' fairings.
* 'Liftoff' fairings are always run, even in local mode.
* All 'ignite' fairings run concurrently at ignition.
* Launch logging occurs on launch, not any point prior.
* Launch log messages have improved formatting.
* A new launch error kind, 'Config', was added.
* A 'fairing::Result' type alias was introduced.
* 'Shutdown::shutdown()' is now 'Shutdown::notify()'.
Some internal changes were also introduced:
* Fairing 'Info' name for 'Templates' is now 'Templating'.
* Shutdown is implemented using 'tokio::sync::Notify'.
* 'Client::debug()' is used nearly universally in tests.
Resolves #1154.
Resolves #1136.
2021-04-14 02:26:45 +00:00
|
|
|
/// A valid [`Config`](crate::Config) could not be extracted from the
|
|
|
|
/// configured figment.
|
|
|
|
Config(figment::Error),
|
2020-09-03 05:41:31 +00:00
|
|
|
/// Route collisions were detected.
|
2021-03-26 04:36:00 +00:00
|
|
|
Collisions(crate::router::Collisions),
|
Test 'secret_key' validation, now on pre-launch.
Prior to this commit, it was not possible to test Rocket crates in
production mode without setting a global secret key or bypassing secret
key checking - the testing script did the latter. The consequence is
that it became impossible to test secret key related failures because
the tests passed regardless.
This commit undoes this. As a consequence, all tests are now aware of
the difference between debug and release configurations, the latter of
which validates 'secret_key' by default. New 'Client::debug()' and
'Client::debug_with()' simplify creating an instance of 'Client' with
configuration in debug mode to avoid undesired test failures.
The summary of changes in this commit are:
* Config 'secret_key' success and failure are now tested.
* 'secret_key' validation was moved to pre-launch from 'Config:from()'.
* 'Config::from()' only extracts the config.
* Added 'Config::try_from()' for non-panicking extraction.
* 'Config' now knows the profile it was extracted from.
* The 'Config' provider sets a profile of 'Config.profile'.
* 'Rocket', 'Client', 'Fairings', implement 'Debug'.
* 'fairing::Info' implements 'Copy', 'Clone'.
* 'Fairings' keeps track of, logs attach fairings.
* 'Rocket::reconfigure()' was added to allow modifying a config.
Internally, the testing script was refactored to properly test the
codebase with the new changes. In particular, it no longer sets a rustc
'cfg' to avoid secret-key checking.
Resolves #1543.
Fixes #1564.
2021-03-09 08:07:43 +00:00
|
|
|
/// Launch fairing(s) failed.
|
|
|
|
FailedFairings(Vec<crate::fairing::Info>),
|
Introduce sentinels: auto-discovered launch abort.
Sentinels resolve a long-standing usability and functional correctness
issue in Rocket: starting an application with guards and/or responders
that depend on state that isn't available. The canonical example is the
'State' guard. Prior to this commit, an application with routes that
queried unmanaged state via 'State' would fail at runtime. With this
commit, the application refuses to launch with a detailed error message.
The 'Sentinel' docs explains it as:
A sentinel, automatically run on ignition, can trigger a launch
abort should an instance fail to meet arbitrary conditions. Every
type that appears in a mounted route's type signature is eligible to
be a sentinel. Of these, those that implement 'Sentinel' have their
'abort()' method invoked automatically, immediately after ignition,
once for each unique type. Sentinels inspect the finalized instance
of 'Rocket' and can trigger a launch abort by returning 'true'.
The following types are now sentinels:
* 'contrib::databases::Connection' (any '#[database]' type)
* 'contrib::templates::Metadata'
* 'contrib::templates::Template'
* 'core::State'
The following are "specialized" sentinels, which allow sentinel
discovery even through type aliases:
* 'Option<T>', 'Debug<T>' if 'T: Sentinel'
* 'Result<T, E>', 'Either<T, E>' if 'T: Sentinel', 'E: Sentinel'
Closes #464.
2021-04-16 08:23:15 +00:00
|
|
|
/// Sentinels requested abort.
|
|
|
|
SentinelAborts(Vec<crate::sentinel::Sentry>),
|
Test 'secret_key' validation, now on pre-launch.
Prior to this commit, it was not possible to test Rocket crates in
production mode without setting a global secret key or bypassing secret
key checking - the testing script did the latter. The consequence is
that it became impossible to test secret key related failures because
the tests passed regardless.
This commit undoes this. As a consequence, all tests are now aware of
the difference between debug and release configurations, the latter of
which validates 'secret_key' by default. New 'Client::debug()' and
'Client::debug_with()' simplify creating an instance of 'Client' with
configuration in debug mode to avoid undesired test failures.
The summary of changes in this commit are:
* Config 'secret_key' success and failure are now tested.
* 'secret_key' validation was moved to pre-launch from 'Config:from()'.
* 'Config::from()' only extracts the config.
* Added 'Config::try_from()' for non-panicking extraction.
* 'Config' now knows the profile it was extracted from.
* The 'Config' provider sets a profile of 'Config.profile'.
* 'Rocket', 'Client', 'Fairings', implement 'Debug'.
* 'fairing::Info' implements 'Copy', 'Clone'.
* 'Fairings' keeps track of, logs attach fairings.
* 'Rocket::reconfigure()' was added to allow modifying a config.
Internally, the testing script was refactored to properly test the
codebase with the new changes. In particular, it no longer sets a rustc
'cfg' to avoid secret-key checking.
Resolves #1543.
Fixes #1564.
2021-03-09 08:07:43 +00:00
|
|
|
/// The configuration profile is not debug but not secret key is configured.
|
|
|
|
InsecureSecretKey(Profile),
|
2017-03-16 05:10:09 +00:00
|
|
|
}
|
|
|
|
|
2020-09-03 05:41:31 +00:00
|
|
|
impl From<ErrorKind> for Error {
|
|
|
|
fn from(kind: ErrorKind) -> Self {
|
|
|
|
Error::new(kind)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
impl Error {
|
2017-03-16 05:10:09 +00:00
|
|
|
#[inline(always)]
|
2020-09-03 05:41:31 +00:00
|
|
|
pub(crate) fn new(kind: ErrorKind) -> Error {
|
|
|
|
Error { handled: AtomicBool::new(false), kind }
|
2017-03-16 05:10:09 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[inline(always)]
|
|
|
|
fn was_handled(&self) -> bool {
|
|
|
|
self.handled.load(Ordering::Acquire)
|
|
|
|
}
|
|
|
|
|
|
|
|
#[inline(always)]
|
|
|
|
fn mark_handled(&self) {
|
|
|
|
self.handled.store(true, Ordering::Release)
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Retrieve the `kind` of the launch error.
|
|
|
|
///
|
|
|
|
/// # Example
|
|
|
|
///
|
|
|
|
/// ```rust
|
2020-09-03 05:41:31 +00:00
|
|
|
/// use rocket::error::ErrorKind;
|
|
|
|
///
|
2020-06-14 15:57:55 +00:00
|
|
|
/// # let _ = async {
|
2021-04-08 08:07:52 +00:00
|
|
|
/// if let Err(error) = rocket::build().launch().await {
|
2020-09-03 05:41:31 +00:00
|
|
|
/// match error.kind() {
|
|
|
|
/// ErrorKind::Io(e) => println!("found an i/o launch error: {}", e),
|
|
|
|
/// e => println!("something else happened: {}", e)
|
2019-08-25 02:19:11 +00:00
|
|
|
/// }
|
|
|
|
/// }
|
2020-06-14 15:57:55 +00:00
|
|
|
/// # };
|
2017-03-16 05:10:09 +00:00
|
|
|
/// ```
|
|
|
|
#[inline]
|
2020-09-03 05:41:31 +00:00
|
|
|
pub fn kind(&self) -> &ErrorKind {
|
2017-03-16 05:10:09 +00:00
|
|
|
self.mark_handled();
|
|
|
|
&self.kind
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-10-27 23:04:25 +00:00
|
|
|
impl std::error::Error for Error { }
|
|
|
|
|
2020-09-03 05:41:31 +00:00
|
|
|
impl fmt::Display for ErrorKind {
|
2017-04-13 07:18:31 +00:00
|
|
|
#[inline]
|
2019-06-13 01:48:02 +00:00
|
|
|
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
|
2020-09-03 05:41:31 +00:00
|
|
|
match self {
|
|
|
|
ErrorKind::Bind(e) => write!(f, "binding failed: {}", e),
|
|
|
|
ErrorKind::Io(e) => write!(f, "I/O error: {}", e),
|
2021-03-26 04:36:00 +00:00
|
|
|
ErrorKind::Collisions(_) => "collisions detected".fmt(f),
|
Introduce sentinels: auto-discovered launch abort.
Sentinels resolve a long-standing usability and functional correctness
issue in Rocket: starting an application with guards and/or responders
that depend on state that isn't available. The canonical example is the
'State' guard. Prior to this commit, an application with routes that
queried unmanaged state via 'State' would fail at runtime. With this
commit, the application refuses to launch with a detailed error message.
The 'Sentinel' docs explains it as:
A sentinel, automatically run on ignition, can trigger a launch
abort should an instance fail to meet arbitrary conditions. Every
type that appears in a mounted route's type signature is eligible to
be a sentinel. Of these, those that implement 'Sentinel' have their
'abort()' method invoked automatically, immediately after ignition,
once for each unique type. Sentinels inspect the finalized instance
of 'Rocket' and can trigger a launch abort by returning 'true'.
The following types are now sentinels:
* 'contrib::databases::Connection' (any '#[database]' type)
* 'contrib::templates::Metadata'
* 'contrib::templates::Template'
* 'core::State'
The following are "specialized" sentinels, which allow sentinel
discovery even through type aliases:
* 'Option<T>', 'Debug<T>' if 'T: Sentinel'
* 'Result<T, E>', 'Either<T, E>' if 'T: Sentinel', 'E: Sentinel'
Closes #464.
2021-04-16 08:23:15 +00:00
|
|
|
ErrorKind::FailedFairings(_) => "launch fairing(s) failed".fmt(f),
|
Test 'secret_key' validation, now on pre-launch.
Prior to this commit, it was not possible to test Rocket crates in
production mode without setting a global secret key or bypassing secret
key checking - the testing script did the latter. The consequence is
that it became impossible to test secret key related failures because
the tests passed regardless.
This commit undoes this. As a consequence, all tests are now aware of
the difference between debug and release configurations, the latter of
which validates 'secret_key' by default. New 'Client::debug()' and
'Client::debug_with()' simplify creating an instance of 'Client' with
configuration in debug mode to avoid undesired test failures.
The summary of changes in this commit are:
* Config 'secret_key' success and failure are now tested.
* 'secret_key' validation was moved to pre-launch from 'Config:from()'.
* 'Config::from()' only extracts the config.
* Added 'Config::try_from()' for non-panicking extraction.
* 'Config' now knows the profile it was extracted from.
* The 'Config' provider sets a profile of 'Config.profile'.
* 'Rocket', 'Client', 'Fairings', implement 'Debug'.
* 'fairing::Info' implements 'Copy', 'Clone'.
* 'Fairings' keeps track of, logs attach fairings.
* 'Rocket::reconfigure()' was added to allow modifying a config.
Internally, the testing script was refactored to properly test the
codebase with the new changes. In particular, it no longer sets a rustc
'cfg' to avoid secret-key checking.
Resolves #1543.
Fixes #1564.
2021-03-09 08:07:43 +00:00
|
|
|
ErrorKind::Runtime(e) => write!(f, "runtime error: {}", e),
|
|
|
|
ErrorKind::InsecureSecretKey(_) => "insecure secret key config".fmt(f),
|
Introduce statically-enforced 'Rocket' phasing.
The core 'Rocket' type is parameterized: 'Rocket<P: Phase>', where
'Phase' is a newly introduced, sealed marker trait. The trait is
implemented by three new marker types representing the three launch
phases: 'Build', 'Ignite', and 'Orbit'. Progression through these three
phases, in order, is enforced, as are the invariants guaranteed by each
phase. In particular, an instance of 'Rocket' is guaranteed to be in its
final configuration after the 'Build' phase and represent a running
local or public server in the 'Orbit' phase. The 'Ignite' phase serves
as an intermediate, enabling inspection of a finalized but stationary
instance. Transition between phases validates the invariants required
by the transition.
All APIs have been adjusted appropriately, requiring either an instance
of 'Rocket' in a particular phase ('Rocket<Build>', 'Rocket<Ignite>', or
'Rocket<Orbit>') or operating generically on a 'Rocket<P>'.
Documentation is also updated and substantially improved to mention
required and guaranteed invariants.
Additionally, this commit makes the following relevant changes:
* 'Rocket::ignite()' is now a public interface.
* 'Rocket::{build,custom}' methods can no longer panic.
* 'Launch' fairings are now 'ignite' fairings.
* 'Liftoff' fairings are always run, even in local mode.
* All 'ignite' fairings run concurrently at ignition.
* Launch logging occurs on launch, not any point prior.
* Launch log messages have improved formatting.
* A new launch error kind, 'Config', was added.
* A 'fairing::Result' type alias was introduced.
* 'Shutdown::shutdown()' is now 'Shutdown::notify()'.
Some internal changes were also introduced:
* Fairing 'Info' name for 'Templates' is now 'Templating'.
* Shutdown is implemented using 'tokio::sync::Notify'.
* 'Client::debug()' is used nearly universally in tests.
Resolves #1154.
Resolves #1136.
2021-04-14 02:26:45 +00:00
|
|
|
ErrorKind::Config(_) => "failed to extract configuration".fmt(f),
|
Introduce sentinels: auto-discovered launch abort.
Sentinels resolve a long-standing usability and functional correctness
issue in Rocket: starting an application with guards and/or responders
that depend on state that isn't available. The canonical example is the
'State' guard. Prior to this commit, an application with routes that
queried unmanaged state via 'State' would fail at runtime. With this
commit, the application refuses to launch with a detailed error message.
The 'Sentinel' docs explains it as:
A sentinel, automatically run on ignition, can trigger a launch
abort should an instance fail to meet arbitrary conditions. Every
type that appears in a mounted route's type signature is eligible to
be a sentinel. Of these, those that implement 'Sentinel' have their
'abort()' method invoked automatically, immediately after ignition,
once for each unique type. Sentinels inspect the finalized instance
of 'Rocket' and can trigger a launch abort by returning 'true'.
The following types are now sentinels:
* 'contrib::databases::Connection' (any '#[database]' type)
* 'contrib::templates::Metadata'
* 'contrib::templates::Template'
* 'core::State'
The following are "specialized" sentinels, which allow sentinel
discovery even through type aliases:
* 'Option<T>', 'Debug<T>' if 'T: Sentinel'
* 'Result<T, E>', 'Either<T, E>' if 'T: Sentinel', 'E: Sentinel'
Closes #464.
2021-04-16 08:23:15 +00:00
|
|
|
ErrorKind::SentinelAborts(_) => "sentinel(s) aborted".fmt(f),
|
2017-03-16 05:10:09 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-09-03 05:41:31 +00:00
|
|
|
impl fmt::Debug for Error {
|
2017-04-13 07:18:31 +00:00
|
|
|
#[inline]
|
2019-06-13 01:48:02 +00:00
|
|
|
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
|
2017-03-16 05:10:09 +00:00
|
|
|
self.mark_handled();
|
2019-09-14 04:07:19 +00:00
|
|
|
self.kind().fmt(f)
|
2017-03-16 05:10:09 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-09-03 05:41:31 +00:00
|
|
|
impl fmt::Display for Error {
|
2017-04-13 07:18:31 +00:00
|
|
|
#[inline]
|
2019-06-13 01:48:02 +00:00
|
|
|
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
|
2017-03-16 05:10:09 +00:00
|
|
|
self.mark_handled();
|
|
|
|
write!(f, "{}", self.kind())
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-09-03 05:41:31 +00:00
|
|
|
impl Drop for Error {
|
2017-03-16 05:10:09 +00:00
|
|
|
fn drop(&mut self) {
|
2021-05-22 05:24:22 +00:00
|
|
|
// Don't panic if the message has been seen. Don't double-panic.
|
|
|
|
if self.was_handled() || std::thread::panicking() {
|
2017-03-16 05:10:09 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
Test 'secret_key' validation, now on pre-launch.
Prior to this commit, it was not possible to test Rocket crates in
production mode without setting a global secret key or bypassing secret
key checking - the testing script did the latter. The consequence is
that it became impossible to test secret key related failures because
the tests passed regardless.
This commit undoes this. As a consequence, all tests are now aware of
the difference between debug and release configurations, the latter of
which validates 'secret_key' by default. New 'Client::debug()' and
'Client::debug_with()' simplify creating an instance of 'Client' with
configuration in debug mode to avoid undesired test failures.
The summary of changes in this commit are:
* Config 'secret_key' success and failure are now tested.
* 'secret_key' validation was moved to pre-launch from 'Config:from()'.
* 'Config::from()' only extracts the config.
* Added 'Config::try_from()' for non-panicking extraction.
* 'Config' now knows the profile it was extracted from.
* The 'Config' provider sets a profile of 'Config.profile'.
* 'Rocket', 'Client', 'Fairings', implement 'Debug'.
* 'fairing::Info' implements 'Copy', 'Clone'.
* 'Fairings' keeps track of, logs attach fairings.
* 'Rocket::reconfigure()' was added to allow modifying a config.
Internally, the testing script was refactored to properly test the
codebase with the new changes. In particular, it no longer sets a rustc
'cfg' to avoid secret-key checking.
Resolves #1543.
Fixes #1564.
2021-03-09 08:07:43 +00:00
|
|
|
match self.kind() {
|
2020-09-03 05:41:31 +00:00
|
|
|
ErrorKind::Bind(ref e) => {
|
2018-04-09 00:38:25 +00:00
|
|
|
error!("Rocket failed to bind network socket to given address/port.");
|
2020-09-03 05:41:31 +00:00
|
|
|
info_!("{}", e);
|
UTF-8 routes. Forms revamp. Temp files. Capped.
So. Many. Changes.
This is an insane commit: simultaneously one of the best (because of all
the wonderful improvements!) and one of the worst (because it is just
massive) in the project's history.
Routing:
* All UTF-8 characters are accepted everywhere in route paths. (#998)
* `path` is now `uri` in `route` attribute: `#[route(GET, path = "..")]`
becomes `#[route(GET, uri = "..")]`.
Forms Revamp
* All form related types now reside in a new `form` module.
* Multipart forms are supported. (resolves #106)
* Collections are supported in forms and queries. (resolves #205)
* Nested structures in forms and queries are supported. (resolves #313)
* Form fields can be ad-hoc validated with `#[field(validate = expr)]`.
* `FromFormValue` is now `FromFormField`, blanket implements `FromForm`.
* Form field values are always percent-decoded apriori.
Temporary Files
* A new `TempFile` data and form guard allows streaming data directly to a
file which can then be persisted.
* A new `temp_dir` config parameter specifies where to store `TempFile`.
* The limits `file` and `file/$ext`, where `$ext` is the file extension,
determines the data limit for a `TempFile`.
Capped
* A new `Capped` type is used to indicate when data has been truncated due to
incoming data limits. It allows checking whether data is complete or
truncated.
* `DataStream` methods return `Capped` types.
* `DataStream` API has been revamped to account for `Capped` types.
* Several `Capped<T>` types implement `FromData`, `FromForm`.
* HTTP 413 (Payload Too Large) errors are now returned when data limits are
exceeded. (resolves #972)
Hierarchical Limits
* Data limits are now hierarchical, delimited with `/`. A limit of `a/b/c`
falls back to `a/b` then `a`.
Core
* `&RawStr` no longer implements `FromParam`.
* `&str` implements `FromParam`, `FromData`, `FromForm`.
* `FromTransformedData` was removed.
* `FromData` gained a lifetime for use with request-local data.
* The default error HTML is more compact.
* `&Config` is a request guard.
* The `DataStream` interface was entirely revamped.
* `State` is only exported via `rocket::State`.
* A `request::local_cache!()` macro was added for storing values in
request-local cache without consideration for type uniqueness by using a
locally generated anonymous type.
* `Request::get_param()` is now `Request::param()`.
* `Request::get_segments()` is now `Request::segments()`, takes a range.
* `Request::get_query_value()` is now `Request::query_value()`, can parse any
`FromForm` including sequences.
* `std::io::Error` implements `Responder` like `Debug<std::io::Error>`.
* `(Status, R)` where `R: Responder` implements `Responder` by overriding the
`Status` of `R`.
* The name of a route is printed first during route matching.
* `FlashMessage` now only has one lifetime generic.
HTTP
* `RawStr` implements `serde::{Serialize, Deserialize}`.
* `RawStr` implements _many_ more methods, in particular, those related to the
`Pattern` API.
* `RawStr::from_str()` is now `RawStr::new()`.
* `RawStr::url_decode()` and `RawStr::url_decode_lossy()` only allocate as
necessary, return `Cow`.
* `Status` implements `Default` with `Status::Ok`.
* `Status` implements `PartialEq`, `Eq`, `Hash`, `PartialOrd`, `Ord`.
* Authority and origin part of `Absolute` can be modified with new
`Absolute::{with,set}_authority()`, `Absolute::{with,set}_origin()` methods.
* `Origin::segments()` was removed in favor of methods split into query and
path parts and into raw and decoded versions.
* The `Segments` iterator is smarter, returns decoded `&str` items.
* `Segments::into_path_buf()` is now `Segments::to_path_buf()`.
* A new `QuerySegments` is the analogous query segment iterator.
* Once set, `expires` on private cookies is not overwritten. (resolves #1506)
* `Origin::path()` and `Origin::query()` return `&RawStr`, not `&str`.
Codegen
* Preserve more spans in `uri!` macro.
* Preserve spans `FromForm` field types.
* All dynamic parameters in a query string must typecheck as `FromForm`.
* `FromFormValue` derive removed; `FromFormField` added.
* The `form` `FromForm` and `FromFormField` field attribute is now named
`field`. `#[form(field = ..)]` is now `#[field(name = ..)]`.
Contrib
* `Json` implements `FromForm`.
* `MsgPack` implements `FromForm`.
* The `json!` macro is exported as `rocket_contrib::json::json!`.
* Added clarifying docs to `StaticFiles`.
Examples
* `form_validation` and `form_kitchen_sink` removed in favor of `forms`.
* The `hello_world` example uses unicode in paths.
* The `json` example only allocates as necessary.
Internal
* Codegen uses new `exports` module with the following conventions:
- Locals starts with `__` and are lowercased.
- Rocket modules start with `_` and are lowercased.
- `std` types start with `_` and are titlecased.
- Rocket types are titlecased.
* A `header` module was added to `http`, contains header types.
* `SAFETY` is used as doc-string keyword for `unsafe` related comments.
* The `Uri` parser no longer recognizes Rocket route URIs.
2020-10-30 03:50:06 +00:00
|
|
|
panic!("aborting due to socket bind error");
|
2018-02-01 20:26:02 +00:00
|
|
|
}
|
2020-09-03 05:41:31 +00:00
|
|
|
ErrorKind::Io(ref e) => {
|
2017-03-16 05:10:09 +00:00
|
|
|
error!("Rocket failed to launch due to an I/O error.");
|
2020-09-03 05:41:31 +00:00
|
|
|
info_!("{}", e);
|
|
|
|
panic!("aborting due to i/o error");
|
2017-03-16 05:10:09 +00:00
|
|
|
}
|
2021-03-26 04:36:00 +00:00
|
|
|
ErrorKind::Collisions(ref collisions) => {
|
|
|
|
fn log_collisions<T: fmt::Display>(kind: &str, collisions: &[(T, T)]) {
|
|
|
|
if collisions.is_empty() { return }
|
|
|
|
|
|
|
|
error!("Rocket failed to launch due to the following {} collisions:", kind);
|
|
|
|
for &(ref a, ref b) in collisions {
|
|
|
|
info_!("{} {} {}", a, Paint::red("collides with").italic(), b)
|
|
|
|
}
|
2017-08-19 01:37:25 +00:00
|
|
|
}
|
|
|
|
|
2021-03-26 04:36:00 +00:00
|
|
|
log_collisions("route", &collisions.routes);
|
|
|
|
log_collisions("catcher", &collisions.catchers);
|
|
|
|
|
|
|
|
info_!("Note: Route collisions can usually be resolved by ranking routes.");
|
|
|
|
panic!("routing collisions detected");
|
2017-04-19 00:42:44 +00:00
|
|
|
}
|
2020-09-03 05:41:31 +00:00
|
|
|
ErrorKind::FailedFairings(ref failures) => {
|
2018-02-21 11:08:54 +00:00
|
|
|
error!("Rocket failed to launch due to failing fairings:");
|
|
|
|
for fairing in failures {
|
Test 'secret_key' validation, now on pre-launch.
Prior to this commit, it was not possible to test Rocket crates in
production mode without setting a global secret key or bypassing secret
key checking - the testing script did the latter. The consequence is
that it became impossible to test secret key related failures because
the tests passed regardless.
This commit undoes this. As a consequence, all tests are now aware of
the difference between debug and release configurations, the latter of
which validates 'secret_key' by default. New 'Client::debug()' and
'Client::debug_with()' simplify creating an instance of 'Client' with
configuration in debug mode to avoid undesired test failures.
The summary of changes in this commit are:
* Config 'secret_key' success and failure are now tested.
* 'secret_key' validation was moved to pre-launch from 'Config:from()'.
* 'Config::from()' only extracts the config.
* Added 'Config::try_from()' for non-panicking extraction.
* 'Config' now knows the profile it was extracted from.
* The 'Config' provider sets a profile of 'Config.profile'.
* 'Rocket', 'Client', 'Fairings', implement 'Debug'.
* 'fairing::Info' implements 'Copy', 'Clone'.
* 'Fairings' keeps track of, logs attach fairings.
* 'Rocket::reconfigure()' was added to allow modifying a config.
Internally, the testing script was refactored to properly test the
codebase with the new changes. In particular, it no longer sets a rustc
'cfg' to avoid secret-key checking.
Resolves #1543.
Fixes #1564.
2021-03-09 08:07:43 +00:00
|
|
|
info_!("{}", fairing.name);
|
2018-02-21 11:08:54 +00:00
|
|
|
}
|
|
|
|
|
Introduce sentinels: auto-discovered launch abort.
Sentinels resolve a long-standing usability and functional correctness
issue in Rocket: starting an application with guards and/or responders
that depend on state that isn't available. The canonical example is the
'State' guard. Prior to this commit, an application with routes that
queried unmanaged state via 'State' would fail at runtime. With this
commit, the application refuses to launch with a detailed error message.
The 'Sentinel' docs explains it as:
A sentinel, automatically run on ignition, can trigger a launch
abort should an instance fail to meet arbitrary conditions. Every
type that appears in a mounted route's type signature is eligible to
be a sentinel. Of these, those that implement 'Sentinel' have their
'abort()' method invoked automatically, immediately after ignition,
once for each unique type. Sentinels inspect the finalized instance
of 'Rocket' and can trigger a launch abort by returning 'true'.
The following types are now sentinels:
* 'contrib::databases::Connection' (any '#[database]' type)
* 'contrib::templates::Metadata'
* 'contrib::templates::Template'
* 'core::State'
The following are "specialized" sentinels, which allow sentinel
discovery even through type aliases:
* 'Option<T>', 'Debug<T>' if 'T: Sentinel'
* 'Result<T, E>', 'Either<T, E>' if 'T: Sentinel', 'E: Sentinel'
Closes #464.
2021-04-16 08:23:15 +00:00
|
|
|
panic!("aborting due to fairing failure(s)");
|
2020-09-03 05:41:31 +00:00
|
|
|
}
|
|
|
|
ErrorKind::Runtime(ref err) => {
|
2021-06-07 22:59:40 +00:00
|
|
|
error!("An error occurred in the runtime:");
|
2020-09-03 05:41:31 +00:00
|
|
|
info_!("{}", err);
|
|
|
|
panic!("aborting due to runtime failure");
|
2017-04-20 20:43:01 +00:00
|
|
|
}
|
Test 'secret_key' validation, now on pre-launch.
Prior to this commit, it was not possible to test Rocket crates in
production mode without setting a global secret key or bypassing secret
key checking - the testing script did the latter. The consequence is
that it became impossible to test secret key related failures because
the tests passed regardless.
This commit undoes this. As a consequence, all tests are now aware of
the difference between debug and release configurations, the latter of
which validates 'secret_key' by default. New 'Client::debug()' and
'Client::debug_with()' simplify creating an instance of 'Client' with
configuration in debug mode to avoid undesired test failures.
The summary of changes in this commit are:
* Config 'secret_key' success and failure are now tested.
* 'secret_key' validation was moved to pre-launch from 'Config:from()'.
* 'Config::from()' only extracts the config.
* Added 'Config::try_from()' for non-panicking extraction.
* 'Config' now knows the profile it was extracted from.
* The 'Config' provider sets a profile of 'Config.profile'.
* 'Rocket', 'Client', 'Fairings', implement 'Debug'.
* 'fairing::Info' implements 'Copy', 'Clone'.
* 'Fairings' keeps track of, logs attach fairings.
* 'Rocket::reconfigure()' was added to allow modifying a config.
Internally, the testing script was refactored to properly test the
codebase with the new changes. In particular, it no longer sets a rustc
'cfg' to avoid secret-key checking.
Resolves #1543.
Fixes #1564.
2021-03-09 08:07:43 +00:00
|
|
|
ErrorKind::InsecureSecretKey(profile) => {
|
|
|
|
error!("secrets enabled in non-debug without `secret_key`");
|
Introduce sentinels: auto-discovered launch abort.
Sentinels resolve a long-standing usability and functional correctness
issue in Rocket: starting an application with guards and/or responders
that depend on state that isn't available. The canonical example is the
'State' guard. Prior to this commit, an application with routes that
queried unmanaged state via 'State' would fail at runtime. With this
commit, the application refuses to launch with a detailed error message.
The 'Sentinel' docs explains it as:
A sentinel, automatically run on ignition, can trigger a launch
abort should an instance fail to meet arbitrary conditions. Every
type that appears in a mounted route's type signature is eligible to
be a sentinel. Of these, those that implement 'Sentinel' have their
'abort()' method invoked automatically, immediately after ignition,
once for each unique type. Sentinels inspect the finalized instance
of 'Rocket' and can trigger a launch abort by returning 'true'.
The following types are now sentinels:
* 'contrib::databases::Connection' (any '#[database]' type)
* 'contrib::templates::Metadata'
* 'contrib::templates::Template'
* 'core::State'
The following are "specialized" sentinels, which allow sentinel
discovery even through type aliases:
* 'Option<T>', 'Debug<T>' if 'T: Sentinel'
* 'Result<T, E>', 'Either<T, E>' if 'T: Sentinel', 'E: Sentinel'
Closes #464.
2021-04-16 08:23:15 +00:00
|
|
|
info_!("selected profile: {}", Paint::default(profile).bold());
|
Test 'secret_key' validation, now on pre-launch.
Prior to this commit, it was not possible to test Rocket crates in
production mode without setting a global secret key or bypassing secret
key checking - the testing script did the latter. The consequence is
that it became impossible to test secret key related failures because
the tests passed regardless.
This commit undoes this. As a consequence, all tests are now aware of
the difference between debug and release configurations, the latter of
which validates 'secret_key' by default. New 'Client::debug()' and
'Client::debug_with()' simplify creating an instance of 'Client' with
configuration in debug mode to avoid undesired test failures.
The summary of changes in this commit are:
* Config 'secret_key' success and failure are now tested.
* 'secret_key' validation was moved to pre-launch from 'Config:from()'.
* 'Config::from()' only extracts the config.
* Added 'Config::try_from()' for non-panicking extraction.
* 'Config' now knows the profile it was extracted from.
* The 'Config' provider sets a profile of 'Config.profile'.
* 'Rocket', 'Client', 'Fairings', implement 'Debug'.
* 'fairing::Info' implements 'Copy', 'Clone'.
* 'Fairings' keeps track of, logs attach fairings.
* 'Rocket::reconfigure()' was added to allow modifying a config.
Internally, the testing script was refactored to properly test the
codebase with the new changes. In particular, it no longer sets a rustc
'cfg' to avoid secret-key checking.
Resolves #1543.
Fixes #1564.
2021-03-09 08:07:43 +00:00
|
|
|
info_!("disable `secrets` feature or configure a `secret_key`");
|
|
|
|
panic!("aborting due to insecure configuration")
|
|
|
|
}
|
Introduce statically-enforced 'Rocket' phasing.
The core 'Rocket' type is parameterized: 'Rocket<P: Phase>', where
'Phase' is a newly introduced, sealed marker trait. The trait is
implemented by three new marker types representing the three launch
phases: 'Build', 'Ignite', and 'Orbit'. Progression through these three
phases, in order, is enforced, as are the invariants guaranteed by each
phase. In particular, an instance of 'Rocket' is guaranteed to be in its
final configuration after the 'Build' phase and represent a running
local or public server in the 'Orbit' phase. The 'Ignite' phase serves
as an intermediate, enabling inspection of a finalized but stationary
instance. Transition between phases validates the invariants required
by the transition.
All APIs have been adjusted appropriately, requiring either an instance
of 'Rocket' in a particular phase ('Rocket<Build>', 'Rocket<Ignite>', or
'Rocket<Orbit>') or operating generically on a 'Rocket<P>'.
Documentation is also updated and substantially improved to mention
required and guaranteed invariants.
Additionally, this commit makes the following relevant changes:
* 'Rocket::ignite()' is now a public interface.
* 'Rocket::{build,custom}' methods can no longer panic.
* 'Launch' fairings are now 'ignite' fairings.
* 'Liftoff' fairings are always run, even in local mode.
* All 'ignite' fairings run concurrently at ignition.
* Launch logging occurs on launch, not any point prior.
* Launch log messages have improved formatting.
* A new launch error kind, 'Config', was added.
* A 'fairing::Result' type alias was introduced.
* 'Shutdown::shutdown()' is now 'Shutdown::notify()'.
Some internal changes were also introduced:
* Fairing 'Info' name for 'Templates' is now 'Templating'.
* Shutdown is implemented using 'tokio::sync::Notify'.
* 'Client::debug()' is used nearly universally in tests.
Resolves #1154.
Resolves #1136.
2021-04-14 02:26:45 +00:00
|
|
|
ErrorKind::Config(error) => {
|
|
|
|
crate::config::pretty_print_error(error.clone());
|
|
|
|
panic!("aborting due to invalid configuration")
|
|
|
|
}
|
Introduce sentinels: auto-discovered launch abort.
Sentinels resolve a long-standing usability and functional correctness
issue in Rocket: starting an application with guards and/or responders
that depend on state that isn't available. The canonical example is the
'State' guard. Prior to this commit, an application with routes that
queried unmanaged state via 'State' would fail at runtime. With this
commit, the application refuses to launch with a detailed error message.
The 'Sentinel' docs explains it as:
A sentinel, automatically run on ignition, can trigger a launch
abort should an instance fail to meet arbitrary conditions. Every
type that appears in a mounted route's type signature is eligible to
be a sentinel. Of these, those that implement 'Sentinel' have their
'abort()' method invoked automatically, immediately after ignition,
once for each unique type. Sentinels inspect the finalized instance
of 'Rocket' and can trigger a launch abort by returning 'true'.
The following types are now sentinels:
* 'contrib::databases::Connection' (any '#[database]' type)
* 'contrib::templates::Metadata'
* 'contrib::templates::Template'
* 'core::State'
The following are "specialized" sentinels, which allow sentinel
discovery even through type aliases:
* 'Option<T>', 'Debug<T>' if 'T: Sentinel'
* 'Result<T, E>', 'Either<T, E>' if 'T: Sentinel', 'E: Sentinel'
Closes #464.
2021-04-16 08:23:15 +00:00
|
|
|
ErrorKind::SentinelAborts(ref failures) => {
|
|
|
|
error!("Rocket failed to launch due to aborting sentinels:");
|
|
|
|
for sentry in failures {
|
|
|
|
let name = Paint::default(sentry.type_name).bold();
|
|
|
|
let (file, line, col) = sentry.location;
|
|
|
|
info_!("{} ({}:{}:{})", name, file, line, col);
|
|
|
|
}
|
|
|
|
|
|
|
|
panic!("aborting due to sentinel-triggered abort(s)");
|
|
|
|
}
|
2017-03-16 05:10:09 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|