diff options
author | azul <azul@leap.se> | 2014-07-17 12:16:07 +0200 |
---|---|---|
committer | azul <azul@leap.se> | 2014-07-17 12:16:07 +0200 |
commit | ade74d8a9091ae607586d7b287a0579a2ee7af8e (patch) | |
tree | 74273b8ba7e35d0fb3c96aa79e63c93086d15146 /engines | |
parent | 952bc18e8333ca5c3e6e16f8059f84a1414d5f6f (diff) | |
parent | e86cccb4b89540f3bd403110d051b2723be781b9 (diff) |
Merge pull request #176 from azul/feature/api-authenticated-configs
API: Authenticated access to config settings
Diffstat (limited to 'engines')
3 files changed, 15 insertions, 8 deletions
diff --git a/engines/billing/test/functional/customers_controller_test.rb b/engines/billing/test/functional/customers_controller_test.rb index 46c33c9..cc82fc1 100644 --- a/engines/billing/test/functional/customers_controller_test.rb +++ b/engines/billing/test/functional/customers_controller_test.rb @@ -27,11 +27,11 @@ class CustomersControllerTest < ActionController::TestCase test "no access if not logged in" do get :new - assert_access_denied(true, false) + assert_login_required get :show, :id => @customer.braintree_customer_id - assert_access_denied(true, false) + assert_login_required get :edit, :id => @customer.braintree_customer_id - assert_access_denied(true, false) + assert_login_required end diff --git a/engines/support/app/views/tickets/_new_comment_form.html.haml b/engines/support/app/views/tickets/_new_comment_form.html.haml index 711421d..f285b8b 100644 --- a/engines/support/app/views/tickets/_new_comment_form.html.haml +++ b/engines/support/app/views/tickets/_new_comment_form.html.haml @@ -4,10 +4,17 @@ = simple_form_for @ticket, :html => {:class => 'slim'} do |f| = hidden_ticket_fields = f.simple_fields_for :comments, @comment, :wrapper => :none, :html => {:class => 'slim'} do |c| - = c.input :body, :label => false, :as => :text, :input_html => {:class => "full-width", :rows=> 5} + = c.input :body, :label => false, :as => :text, + :input_html => {:class => "full-width", :rows=> 5} - if admin? - = c.input :private, :as => :boolean, :label => false, :inline_label => true - = f.button :loading, t(".post_reply"), class: 'btn-primary', value: 'post_reply' + = c.input :private, + :as => :boolean, + :label => false, + :inline_label => true + = f.button :loading, t(".post_reply", cascade: true), + class: 'btn-primary', + value: 'post_reply' - if logged_in? && @ticket.is_open - = f.button :loading, t(".reply_and_close"), value: 'reply_and_close' + = f.button :loading, t(".reply_and_close", cascade: true), + value: 'reply_and_close' = btn t(".cancel"), auto_tickets_path diff --git a/engines/support/test/functional/tickets_controller_test.rb b/engines/support/test/functional/tickets_controller_test.rb index e36f5f6..a7a2011 100644 --- a/engines/support/test/functional/tickets_controller_test.rb +++ b/engines/support/test/functional/tickets_controller_test.rb @@ -45,7 +45,7 @@ class TicketsControllerTest < ActionController::TestCase user = find_record :user ticket = find_record :ticket, :created_by => user.id get :show, :id => ticket.id - assert_login_required + assert_access_denied end test "user tickets are visible to creator" do |