summaryrefslogtreecommitdiff
path: root/users
diff options
context:
space:
mode:
Diffstat (limited to 'users')
-rw-r--r--users/app/controllers/controller_extension/authentication.rb1
-rw-r--r--users/test/unit/user_test.rb11
2 files changed, 12 insertions, 0 deletions
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index 598d8a9..e27b4da 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -20,6 +20,7 @@ module ControllerExtension::Authentication
end
def access_denied
+ # TODO: should we redirect to the root_url in either case, and have the root_url include the login screen (and also ability to create unauthenticated tickets) when no user is logged in?
redirect_to login_url, :alert => "Not authorized" if !logged_in?
redirect_to root_url, :alert => "Not authorized" if logged_in?
end
diff --git a/users/test/unit/user_test.rb b/users/test/unit/user_test.rb
index f057ca7..9977fca 100644
--- a/users/test/unit/user_test.rb
+++ b/users/test/unit/user_test.rb
@@ -48,4 +48,15 @@ class UserTest < ActiveSupport::TestCase
assert_equal client_rnd, srp_session.aa
end
+ test 'is user an admin' do
+ admin_login = APP_CONFIG['admins'].first
+ attribs = User.valid_attributes_hash
+ attribs[:login] = admin_login
+ admin_user = User.new(attribs)
+ assert admin_user.is_admin?
+ assert !@user.is_admin?
+
+ end
+
+
end