ejdraper / chameleon Goto Github PK

By possibly determining format from URI widget_name.json?key=blah and having XML as default.

When an error is raised in the chameleon controller, raise is used with a string, which never gets caught and leads to a 500 error and (by default) rails will return a html error page of some sort, which geckoboard cannot understand. Geckoboard then shows the user the error "Sorry, server error", which makes it difficult to know what has gone wrong.

In the geckoboard documentation it's possible to return an xml document on 403, 404 and 500 errors, that looks like this:

<?xml version="1.0" encoding="UTF-8"?>
<root>
    <error>Access denied.</error>
</root>

Which (I believe) geckoboard can understand and give a human-readable answer to the end user, when combined with the appropriate status code.

When adding a custom widget on the geckoboard website, there is an API key field in the form. According to the geckoboard developer docs this is passed via HTTP basic auth as the username. However, chameleon only checks params[:key] (or params[key_parameter]) for the key, meaning that to use chameleon you have to do a workaround of using a GET request and entering the key as a query string parameter.

Ideally chameleon should support both methods. It wouldn't be hard to check the HTTP basic auth by using authenticate_or_request_with_http_basic from the controller.

Chameleon uses "match" when routing, which has been removed from rails4.