[#55581] user generic error message for missing users

app/components/users/hover_card_component.html.erb

@@ -79,7 +79,8 @@ See COPYRIGHT and LICENSE files for more details.
     else
       render Primer::Beta::Blankslate.new(border: false, narrow: true) do |component|
         component.with_visual_icon(icon: "x-circle")
-        component.with_heading(tag: :h3).with_content(I18n.t("api_v3.errors.not_found.user"))
+        # Show a generic error message to avoid leaking information
+        component.with_heading(tag: :h3).with_content(I18n.t("http.response.unexpected"))
       end
     end
 %>

app/components/users/hover_card_component.rb

@@ -35,7 +35,7 @@ def initialize(id:)
     super
 
     @id = id
-    @user = User.find(@id)
+    @user = User.find_by(id: @id)
   end
 
   def show_email?

config/locales/en.yml

@@ -4136,7 +4136,6 @@ en:
       code_500_missing_enterprise_token: "The request can not be handled due to invalid or missing Enterprise token."
       not_found:
         work_package: "The work package you are looking for cannot be found or has been deleted."
-        user: "The user you are looking for cannot be found or has been deleted."
       expected:
         date: "YYYY-MM-DD (ISO 8601 date only)"
         datetime: "YYYY-MM-DDThh:mm:ss[.lll][+hh:mm] (any compatible ISO 8601 datetime)"

spec/components/users/hover_card_component_spec.rb

@@ -53,6 +53,14 @@
     page.find_test_selector("user-hover-card-name", text: user.name)
   end
 
+  context "when the user does not exist" do
+    let(:user) { instance_double(User, id: 9000) }
+
+    it "renders a generic error message" do
+      expect(page).to have_text(I18n.t("http.response.unexpected"))
+    end
+  end
+
   context "when displaying email addresses" do
     it "hides the email address of a user" do
       expect(page).not_to have_test_selector("user-hover-card-email")