Api::V1::ContactCompaniesController#create and
#destroy call error_response with keyword
arguments (code:, message:), but the method
signature in
app/controllers/concerns/api_response_helper.rb:82
expects positional args. Any validation failure
from LinkCompanyService / UnlinkCompanyService
crashes with ArgumentError instead of returning a
clean 400.
Affected files
app/controllers/api/v1/contact_companies_controller .rb (around line 34):
error_response(
code: ApiErrorCodes::BUSINESS_RULE_VIOLATION,
message: service_result[:error]
)
app/controllers/concerns/api_response_helper.rb:82
:
def error_response(code, message, details: nil,
status: :bad_request)
# positional code, message
end
Reproduction
Once [issue #1] is fixed (the
must_belong_to_same_account problem), try to create
a duplicate link:
curl -X POST "https://api-crm.example.com/api/v1/con
tacts/<c>/companies" \
-H "api_access_token: ..." \
-H "Content-Type: application/json" \
-d '{"company_id":"<co>"}' # first call: 200
curl -X POST "https://api-crm.example.com/api/v1/con
tacts/<c>/companies" \
-H "api_access_token: ..." \
-H "Content-Type: application/json" \
-d '{"company_id":"<co>"}' # second call: 500
(should be 400)Expected
400 with body:
{"success":false,"error":{"code":"BUSINESS_RULE_VIOL
ATION","message":"Already linked"}}Actual
500 with log:
ArgumentError - wrong number of arguments (given 0,
expected 2)
app/controllers/concerns/api_response_helper.rb:82
:in 'error_response'
app/controllers/api/v1/contact_companies_controlle
r.rb:34:in 'create'
Proposed fix
Change kwargs to positional in both create and
destroy methods:
error_response(
ApiErrorCodes::BUSINESS_RULE_VIOLATION,
service_result[:error]
)
Version
Image evoapicloud/evo-ai-crm-community:latest as
of 2026-04-19.
Contexto pra incluir no primeiro comentário se for
um issue consolidado (opcional):
▎ Discovered while running a migration of ~12k
▎ contacts, 240 companies and ~1k pipeline items
▎ from Kommo to a fresh EVO CRM Community install.
▎ All three bugs are reproducible on an untouched
▎ deployment of the current latest image. We've
▎ patched them locally via a Rails initializer
▎ monkey-patch — can share the patch file if useful.
Api::V1::ContactCompaniesController#createand#destroycallerror_responsewith keywordarguments (
code:,message:), but the methodsignature in
app/controllers/concerns/api_response_helper.rb:82expects positional args. Any validation failure
from
LinkCompanyService/UnlinkCompanyServicecrashes with
ArgumentErrorinstead of returning aclean 400.
Affected files
app/controllers/api/v1/contact_companies_controller .rb(around line 34):app/controllers/concerns/api_response_helper.rb:82:
Reproduction
Once [issue #1] is fixed (the
must_belong_to_same_account problem), try to create
a duplicate link:
Expected
400with body:{"success":false,"error":{"code":"BUSINESS_RULE_VIOL ATION","message":"Already linked"}}Actual
500with log:Proposed fix
Change kwargs to positional in both
createanddestroymethods:Version
Image
evoapicloud/evo-ai-crm-community:latestasof 2026-04-19.
Contexto pra incluir no primeiro comentário se for
um issue consolidado (opcional):
▎ Discovered while running a migration of ~12k
▎ contacts, 240 companies and ~1k pipeline items
▎ from Kommo to a fresh EVO CRM Community install.
▎ All three bugs are reproducible on an untouched
▎ deployment of the current latest image. We've
▎ patched them locally via a Rails initializer
▎ monkey-patch — can share the patch file if useful.