diff options
| -rw-r--r-- | users/app/controllers/controller_extension/authentication.rb | 1 | ||||
| -rw-r--r-- | users/test/unit/user_test.rb | 11 |
2 files changed, 12 insertions, 0 deletions
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb index 598d8a9..e27b4da 100644 --- a/users/app/controllers/controller_extension/authentication.rb +++ b/users/app/controllers/controller_extension/authentication.rb @@ -20,6 +20,7 @@ module ControllerExtension::Authentication end def access_denied + # TODO: should we redirect to the root_url in either case, and have the root_url include the login screen (and also ability to create unauthenticated tickets) when no user is logged in? redirect_to login_url, :alert => "Not authorized" if !logged_in? redirect_to root_url, :alert => "Not authorized" if logged_in? end diff --git a/users/test/unit/user_test.rb b/users/test/unit/user_test.rb index f057ca7..9977fca 100644 --- a/users/test/unit/user_test.rb +++ b/users/test/unit/user_test.rb @@ -48,4 +48,15 @@ class UserTest < ActiveSupport::TestCase assert_equal client_rnd, srp_session.aa end + test 'is user an admin' do + admin_login = APP_CONFIG['admins'].first + attribs = User.valid_attributes_hash + attribs[:login] = admin_login + admin_user = User.new(attribs) + assert admin_user.is_admin? + assert !@user.is_admin? + + end + + end |