Merge pull request #331 from stim371/bounty_454

BUG: ActiveRecord::StatementInvalid: PG::NumericValueOutOfRange

Author: seuros

app/controllers/teams_controller.rb

@@ -256,10 +256,18 @@ def team_from_params(opts)
     if opts[:slug].present?
       Team.where(slug: opts[:slug].downcase).first
     else
-      Team.find(opts[:id])
+      if valid_id?(opts[:id])
+        Team.find(opts[:id])
+      else
+        nil
+      end
     end
   end
 
+  def valid_id?(id)
+    id.to_i.to_s == id && id.to_i < 2147483647
+  end
+
   def replace_section(section_name)
     section_name = section_name.tr('-', '_')
     "$('##{section_name}').replaceWith('#{escape_javascript(render(:partial => section_name))}');"

spec/controllers/teams_controller_spec.rb

@@ -59,6 +59,13 @@
       get :show, slug: team.slug, job_id: 'not-a-real-job-slug'
       expect(assigns(:job_page)).to eq(false)
     end
+
+    context 'when searching by an out of bounds or non-integer id' do
+      it 'should render 404' do
+        get :show, id: '54209333547a9e5'
+        expect(response).to have_http_status(404)
+      end
+    end
   end
 
   describe '#create' do