Diffstat (limited to 'users')
-rw-r--r--users/app/controllers/controller_extension/authentication.rb4
-rw-r--r--users/test/functional/application_controller_test.rb2
-rw-r--r--users/test/support/auth_test_helper.rb6
-rw-r--r--users/test/unit/user_test.rb11
4 files changed, 19 insertions, 4 deletions
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index 87f7921..1726278 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -20,7 +20,9 @@ module ControllerExtension::Authentication
end
def access_denied
- redirect_to login_url, :alert => "Not authorized"
+ # TODO: should we redirect to the root_url in either case, and have the root_url include the login screen (and also ability to create unauthenticated tickets) when no user is logged in?
+ redirect_to login_url, :alert => "Not authorized" if !logged_in?
+ redirect_to root_url, :alert => "Not authorized" if logged_in?
end
def admin?
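Review bot: The two modifier-guarded redirect_to calls on the added lines evaluate `logged_in?` twice and read as independent statements when they are really one branch; a single call makes the mutual exclusion explicit and drops the `if !` form: `redirect_to(logged_in? ? root_url : login_url, :alert => "Not authorized")`. Two redirect_to calls in one action would raise DoubleRenderError if both conditions ever held, which the combined form rules out structurally rather than by the reader checking that the guards are complements. The added TODO comment is long enough to belong in an issue; a one-line `# TODO: consider a single root_url redirect that renders login when unauthenticated` keeps the intent in the code. `admin?` on the hunk's last line continues outside the hunk.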
diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb
index 857bae5..94b77bd 100644
--- a/users/test/functional/application_controller_test.rb
+++ b/users/test/functional/application_controller_test.rb
@@ -9,7 +9,7 @@ class ApplicationControllerTest < ActionController::TestCase
def test_authorize_redirect
@controller.send(:authorize)
- assert_access_denied
+ assert_access_denied(true, false)
end
def test_authorized
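Review bot: `assert_access_denied(true, false)` on the added line passes two bare booleans, so a reader cannot tell which is `denied` and which is `logged_in` without opening the helper; the same applies to the helper's new signature in the auth_test_helper.rb hunk of this commit. Keyword arguments make both sides self-describing: `def assert_access_denied(denied: true, logged_in: true)` in the helper and `assert_access_denied(logged_in: false)` here. test_authorize_redirect is fully inside the hunk; test_authorized on the last line continues outside it.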
diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb
index f211597..795a977 100644
--- a/users/test/support/auth_test_helper.rb
+++ b/users/test/support/auth_test_helper.rb
@@ -15,10 +15,12 @@ module AuthTestHelper
return @current_user
end
- def assert_access_denied(denied = true)
+ def assert_access_denied(denied = true, logged_in = true)
if denied
assert_equal({:alert => "Not authorized"}, flash.to_hash)
- assert_redirected_to login_path
+ # todo: eventually probably eliminate separate conditions
+ assert_redirected_to login_path if !logged_in
+ assert_redirected_to root_path if logged_in
else
assert flash[:alert].blank?
end
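Review bot: The new default `logged_in = true` silently changes what every existing no-argument call of assert_access_denied checks, from login_path to root_path; I cannot see other callers in this diff, but any test of an unauthenticated request that was not updated the way application_controller_test.rb was would now pass only if the controller redirected to root_path, so each should be re-checked against the state it sets up. The pair of complementary modifiers on the added lines can also collapse into one assertion, `assert_redirected_to(logged_in ? root_path : login_path)`, which removes the `if !` form and resolves the added todo about merging the conditions. The method's closing `end` is outside the hunk.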
diff --git a/users/test/unit/user_test.rb b/users/test/unit/user_test.rb
index f057ca7..9977fca 100644
--- a/users/test/unit/user_test.rb
+++ b/users/test/unit/user_test.rb
@@ -48,4 +48,15 @@ class UserTest < ActiveSupport::TestCase
assert_equal client_rnd, srp_session.aa
end
+ test 'is user an admin' do
+ admin_login = APP_CONFIG['admins'].first
+ attribs = User.valid_attributes_hash
+ attribs[:login] = admin_login
+ admin_user = User.new(attribs)
+ assert admin_user.is_admin?
+ assert !@user.is_admin?
+
+ end
+
+
end
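Review bot: `assert !@user.is_admin?` on the added lines negates inside a plain assert, so a failure reports only that `false` was seen with no hint of what was expected; `refute @user.is_admin?` (or Rails' `assert_not`) states the intent and gives a clearer message. The test also carries a blank line before its own `end` and two trailing blank lines before the class's `end`, which should be dropped. `@user` is not set up anywhere in the hunk, so presumably it comes from a setup block earlier in the file; confirm that it is a non-admin login there, since that is the property the second assertion depends on. The test also depends on `APP_CONFIG['admins']` being present and non-empty in the test environment; if the list is empty, `admin_login` is nil and the first assertion fails for a reason unrelated to is_admin?, so an `assert admin_login, "no admin configured"` guard before building the user would make that failure self-explaining.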