Initial commit

app/Exceptions/Handler.php

@@ -0,0 +1,107 @@
+<?php
+
+namespace App\Exceptions;
+
+use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
+use Symfony\Component\HttpKernel\Exception\HttpException;
+use Throwable;
+
+class Handler extends ExceptionHandler
+{
+    /**
+     * A list of the exception types that are not reported.
+     *
+     * @var array<int, class-string<Throwable>>
+     */
+    protected $dontReport = [
+        //
+    ];
+
+    /**
+     * A list of the inputs that are never flashed for validation exceptions.
+     *
+     * @var array<int, string>
+     */
+    protected $dontFlash = [
+        'current_password',
+        'password',
+        'password_confirmation',
+    ];
+
+    /**
+     * Register the exception handling callbacks for the application.
+     *
+     * @return void
+     */
+    public function register()
+    {
+        $this->reportable(function (Throwable $e) {
+            //
+        });
+    }
+
+    /**
+     * Determine if the exception should use our custom rendering
+     * even in debug mode.
+     */
+    protected function shouldRenderCustom403(Throwable $e): bool
+    {
+        if ($e instanceof HttpException && $e->getStatusCode() === 403) {
+            $message = $e->getMessage();
+            return str_contains($message, 'Unauthorized:');
+        }
+        return false;
+    }
+
+    /**
+     * Determine if exception should be reported.
+     * We don't report ProfileAuthorizationHelper exceptions as they are expected security blocks.
+     */
+    public function shouldReport(Throwable $e)
+    {
+        // Don't report ProfileAuthorizationHelper 403s - they're expected security blocks
+        if ($this->shouldRenderCustom403($e)) {
+            return false;
+        }
+
+        return parent::shouldReport($e);
+    }
+
+    /**
+     * Prepare exception for rendering - override to prevent Whoops in debug mode
+     * for ProfileAuthorizationHelper exceptions.
+     */
+    protected function prepareException(Throwable $e): Throwable
+    {
+        // For our custom 403s, don't use parent preparation which might add Whoops
+        if ($this->shouldRenderCustom403($e)) {
+            return $e;
+        }
+
+        return parent::prepareException($e);
+    }
+
+    /**
+     * Render an exception into an HTTP response.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Throwable  $e
+     * @return \Symfony\Component\HttpFoundation\Response
+     *
+     * @throws \Throwable
+     */
+    public function render($request, Throwable $e)
+    {
+        // Handle ProfileAuthorizationHelper 403 exceptions even in debug mode
+        // This ensures users see friendly error pages instead of stack traces
+        if ($this->shouldRenderCustom403($e)) {
+            $message = $e->getMessage();
+            return response()->view('errors.403-profile-mismatch', [
+                'exception' => $e,
+                'message' => $message
+            ], 403);
+        }
+
+        return parent::render($request, $e);
+    }
+}