Emit CSV error when no header row has been written

If a csv page errored before its first data row, columns was empty and
write_record produced an empty record, dropping the error message. Emit a
single-field record in that case. Adds a regression test.

Author: lovasoa

src/render.rs

@@ -713,15 +713,22 @@ impl CsvBodyRenderer {
 
     pub async fn handle_error(&mut self, error: &anyhow::Error) -> anyhow::Result<()> {
         let err_str = error_message(error, self.is_prod);
-        self.writer
-            .write_record(
-                self.columns
-                    .iter()
-                    .enumerate()
-                    .map(|(i, _)| if i == 0 { err_str.as_str() } else { "" })
-                    .collect::<Vec<_>>(),
-            )
-            .await?;
+        if self.columns.is_empty() {
+            // The error happened before any header row was written, so there are
+            // no columns to align with. Emit a single-field record so the error
+            // is still reported instead of an empty record.
+            self.writer.write_record([err_str.as_str()]).await?;
+        } else {
+            self.writer
+                .write_record(
+                    self.columns
+                        .iter()
+                        .enumerate()
+                        .map(|(i, _)| if i == 0 { err_str.as_str() } else { "" })
+                        .collect::<Vec<_>>(),
+                )
+                .await?;
+        }
         Ok(())
     }
 

tests/data_formats/csv_error_no_rows.sql

@@ -0,0 +1,4 @@
+select 'csv' as component;
+-- Error before any data row: the CSV header is never written, so columns is
+-- empty when handle_error runs.
+select * from definitely_missing_table_xyz;

tests/data_formats/mod.rs

@@ -312,6 +312,33 @@ async fn test_prod_csv_error_does_not_leak_sql() {
     assert_no_sql_leak(&body, "csv error");
 }
 
+/// A CSV page can hit an error before its first data row (so no header has been
+/// written and `columns` is empty). The generic error message must still be
+/// emitted instead of an empty record.
+#[actix_web::test]
+async fn test_prod_csv_error_before_any_row_still_reports() {
+    let app_data = make_prod_app_data().await;
+    if matches!(
+        app_data.db.info.database_type,
+        sqlpage::webserver::database::SupportedDatabase::Oracle
+    ) {
+        return;
+    }
+    let req = TestRequest::get()
+        .uri("/tests/data_formats/csv_error_no_rows.sql")
+        .insert_header((header::ACCEPT, "text/csv"))
+        .app_data(app_data)
+        .to_srv_request();
+    let resp = main_handler(req).await.expect("handler should not fail");
+    let body = test::read_body(resp).await;
+    let body = String::from_utf8(body.to_vec()).unwrap();
+    assert!(
+        body.to_lowercase().contains("administrator"),
+        "csv error before the first row must still emit the generic error message: {body:?}"
+    );
+    assert_no_sql_leak(&body, "csv error before any row");
+}
+
 /// An author may only intend a page to be served as HTML, but a client can
 /// request it with `Accept: application/json` and pick the JSON renderer.
 /// In production that path must not leak SQL text either.