summaryrefslogtreecommitdiff
path: root/users
diff options
context:
space:
mode:
Diffstat (limited to 'users')
-rw-r--r--users/app/controllers/controller_extension/authentication.rb4
-rw-r--r--users/test/functional/application_controller_test.rb2
-rw-r--r--users/test/support/auth_test_helper.rb6
-rw-r--r--users/test/unit/user_test.rb11
4 files changed, 18 insertions, 5 deletions
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index 6ac7a5b..f2184d9 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -24,7 +24,9 @@ module ControllerExtension::Authentication
end
def access_denied
- redirect_to login_url, :alert => "Not authorized"
+ # TODO: should we redirect to the root_url in either case, and have the root_url include the login screen (and also ability to create unauthenticated tickets) when no user is logged in?
+ redirect_to login_url, :alert => "Not authorized" if !logged_in?
+ redirect_to root_url, :alert => "Not authorized" if logged_in?
end
def admin?
diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb
index 857bae5..94b77bd 100644
--- a/users/test/functional/application_controller_test.rb
+++ b/users/test/functional/application_controller_test.rb
@@ -9,7 +9,7 @@ class ApplicationControllerTest < ActionController::TestCase
def test_authorize_redirect
@controller.send(:authorize)
- assert_access_denied
+ assert_access_denied(true, false)
end
def test_authorized
diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb
index f3506ae..6a82f24 100644
--- a/users/test/support/auth_test_helper.rb
+++ b/users/test/support/auth_test_helper.rb
@@ -19,10 +19,12 @@ module AuthTestHelper
return @current_user
end
- def assert_access_denied(denied = true)
+ def assert_access_denied(denied = true, logged_in = true)
if denied
assert_equal({:alert => "Not authorized"}, flash.to_hash)
- assert_redirected_to login_path
+ # todo: eventually probably eliminate separate conditions
+ assert_redirected_to login_path if !logged_in
+ assert_redirected_to root_path if logged_in
else
assert flash[:alert].blank?
end
diff --git a/users/test/unit/user_test.rb b/users/test/unit/user_test.rb
index 29f6a89..5d2a7ea 100644
--- a/users/test/unit/user_test.rb
+++ b/users/test/unit/user_test.rb
@@ -49,6 +49,16 @@ class UserTest < ActiveSupport::TestCase
assert_equal client_rnd, srp_session.aa
end
+ test 'is user an admin' do
+ admin_login = APP_CONFIG['admins'].first
+ attribs = User.valid_attributes_hash
+ attribs[:login] = admin_login
+ admin_user = User.new(attribs)
+ assert admin_user.is_admin?
+ assert !@user.is_admin?
+
+ end
+
test "find user by email" do
email = "tryto@find.me"
@user.email = email
@@ -57,5 +67,4 @@ class UserTest < ActiveSupport::TestCase
assert_equal @user, User.find_by_email_or_alias(email)
assert_nil User.find_by_email_alias(email)
end
-
end