diff options
| author | jessib <jessib@riseup.net> | 2013-11-25 11:31:33 -0800 |
|---|---|---|
| committer | jessib <jessib@riseup.net> | 2013-11-25 11:31:33 -0800 |
| commit | 299dfdf4164ee10de63aa2543935eeed65437b3f (patch) | |
| tree | 13f878e171d1cbbbcc82f5e40c91db145017efb2 | |
| parent | d82ea5da2aa705bcfa74f2a8b42a197883b694e3 (diff) | |
Give 404 error if one goes to /key/user for non-existing user.
| -rw-r--r-- | users/app/controllers/keys_controller.rb | 6 | ||||
| -rw-r--r-- | users/test/functional/keys_controller_test.rb | 9 |
2 files changed, 9 insertions, 6 deletions
diff --git a/users/app/controllers/keys_controller.rb b/users/app/controllers/keys_controller.rb index 9a39fc4..949f2c0 100644 --- a/users/app/controllers/keys_controller.rb +++ b/users/app/controllers/keys_controller.rb @@ -3,8 +3,10 @@ class KeysController < ApplicationController def show user = User.find_by_login(params[:login]) # layout won't be included if we render text - # we will show blank page if user doesn't have key or user doesn't exist - render text: user ? user.public_key : '' + # we will show blank page if user doesn't have key (which shouldn't generally occur) + # and a 404 error if user doesn't exist + user ? (render text: user.public_key) : (raise ActionController::RoutingError.new('Not Found')) + end end diff --git a/users/test/functional/keys_controller_test.rb b/users/test/functional/keys_controller_test.rb index 9cc88d1..b69cbc0 100644 --- a/users/test/functional/keys_controller_test.rb +++ b/users/test/functional/keys_controller_test.rb @@ -13,6 +13,7 @@ class KeysControllerTest < ActionController::TestCase end test "get non-existing public key for user" do + # this isn't a scenerio that should generally occur. @user = stub_record :user User.stubs(:find_by_login).with(@user.login).returns(@user) get :show, :login => @user.login @@ -22,10 +23,10 @@ class KeysControllerTest < ActionController::TestCase end test "get public key for non-existing user" do - get :show, :login => 'asdkljslksjfdlskfj' - assert_response :success - assert_equal "text/html", response.content_type - assert_equal '', response.body.strip + # raise 404 error if user doesn't exist (doesn't need to be this routing error, but seems fine to assume for now): + assert_raise(ActionController::RoutingError) { + get :show, :login => 'asdkljslksjfdlskfj' + } end end |