Only set the warden scope if there's a user object

This prevents having a user object that only contains the scope with no other information
bugsnag · May 17, 2024 · 5be33d4 · 5be33d4
1 parent d0b34ea
commit 5be33d4
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 1 deletion.
diff --git a/lib/bugsnag/middleware/warden_user.rb b/lib/bugsnag/middleware/warden_user.rb
@@ -21,9 +21,12 @@ def call(report)
           best_scope = warden_scopes.include?("user") ? "user" : warden_scopes.first
 
           # Extract useful user information
-          user = { :warden_scope => best_scope }
+          user = {}
           user_object = env["warden"].user({:scope => best_scope, :run_callbacks => false}) rescue nil
+
           if user_object
+            user[:warden_scope] = best_scope
+
             # Build the user info for this scope
             COMMON_USER_FIELDS.each do |field|
               user[field] = user_object.send(field) if user_object.respond_to?(field)

diff --git a/spec/integrations/warden_user_spec.rb b/spec/integrations/warden_user_spec.rb
@@ -78,4 +78,31 @@
     middleware = Bugsnag::Middleware::WardenUser.new(callback)
     middleware.call(report)
   end
+
+  it "doesn't set the user if the user object is empty" do
+    callback = double
+
+    warden = double
+    allow(warden).to receive(:user).with({
+      scope: "user",
+      run_callbacks: false,
+    }).and_return(nil)
+
+    report = double("Bugsnag::Report")
+    expect(report).to receive(:request_data).exactly(3).times.and_return({
+      :rack_env => {
+        "warden" => warden,
+        "rack.session" => {
+          "warden.user.user.key" => "TEST_USER"
+        }
+      }
+    })
+
+    expect(report).not_to receive(:user=)
+
+    expect(callback).to receive(:call).with(report)
+
+    middleware = Bugsnag::Middleware::WardenUser.new(callback)
+    middleware.call(report)
+  end
 end