From 1fe26385aa31f463289a6901201edf36f8e7b455 Mon Sep 17 00:00:00 2001
From: Larissa Reis
Date: Sat, 26 Sep 2015 11:03:17 -0300
Subject: [PATCH] Require login for all pages when environment is private
---
 app/controllers/application_controller.rb | 7 ++++++-
 app/controllers/public/account_controller.rb | 2 +-
 test/functional/account_controller_test.rb | 11 +++++++++++
 test/functional/profile_controller_test.rb | 6 ++++++
 4 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 74a80d0..e40a488 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -7,10 +7,15 @@ class ApplicationController < ActionController::Base
 before_filter :detect_stuff_by_domain
 before_filter :init_noosfero_plugins
 before_filter :allow_cross_domain_access
- before_filter :login_required, :if => :private_environment?
+ before_filter :require_login_for_environment, :if => :private_environment?
+ before_filter :verify_members_whitelist, :if => [:private_environment?, :user]
 before_filter :redirect_to_current_user
+ def require_login_for_environment
+ login_required
+ end
+ def verify_members_whitelist
 render_access_denied unless user.is_admin? || environment.in_whitelist?(user)
 end
diff --git a/app/controllers/public/account_controller.rb b/app/controllers/public/account_controller.rb
index 18f6419..d80c62a 100644
--- a/app/controllers/public/account_controller.rb
+++ b/app/controllers/public/account_controller.rb
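Review bot: The new `require_login_for_environment` in app/controllers/application_controller.rb has no comment explaining why it exists, although its body only forwards to `login_required`. Its purpose appears to be giving the private-environment check its own callback name, so that a subclass can narrow or skip it without touching its own `login_required` filters; the AccountController hunk in this patch uses it that way. I would add above the method: `# Own callback name for the private-environment login check, so controllers can narrow or skip it independently of their own login_required filters.` Nothing in the hunk marks the method `protected`, and the class body continues outside the hunk; if it ends up public, confirm that no route can dispatch to it as an action.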
@@ -2,7 +2,7 @@ class AccountController < ApplicationController
 no_design_blocks
- before_filter :login_required, :only => [:activation_question, :accept_terms, :activate_enterprise, :change_password]
+ before_filter :login_required, :require_login_for_environment, :only => [:activation_question, :accept_terms, :activate_enterprise, :change_password]
 before_filter :redirect_if_logged_in, :only => [:login, :signup]
 before_filter :protect_from_bots, :only => :signup
diff --git a/test/functional/account_controller_test.rb b/test/functional/account_controller_test.rb
index e6511b9..8837b91 100644
--- a/test/functional/account_controller_test.rb
+++ b/test/functional/account_controller_test.rb
@@ -1029,4 +1029,15 @@ class AccountControllerTest < ActionController::TestCase
 :national_region_type_id => NationalRegionType::CITY, :parent_national_region_code => parent_region.national_region_code)
 end
+
+ should 'not lock users out of login if environment is restrict to members' do
+ Environment.default.enable(:restrict_to_members)
+ get :login
+ assert_response :success
+
+ post :login, :user => {:login => 'johndoe', :password => 'test'}
+ assert session[:user]
+ assert_response :redirect
+ end
+
+ end
diff --git a/test/functional/profile_controller_test.rb b/test/functional/profile_controller_test.rb
index 5f4a779..43822a7 100644
--- a/test/functional/profile_controller_test.rb
+++ b/test/functional/profile_controller_test.rb
@@ -1748,4 +1748,10 @@ class ProfileControllerTest < ActionController::TestCase
 assert_no_tag :tag => 'td', :descendant => { :tag => 'a', :content => /#{person.enterprises.count}/, :attributes => { :href => /profile\/#{person.identifier}\/enterprises$/ }}
 end
+ should 'redirect to login if environment is restrict to members' do
+ Environment.default.enable(:restrict_to_members)
+ get :index
+ assert_redirected_to :controller => 'account', :action => 'login'
+ end
+
+ end
--
libgit2 0.21.2
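Review bot: In app/controllers/public/account_controller.rb, re-declaring `:require_login_for_environment` with `:only` leaves every AccountController action outside that list reachable without login in a private environment, and any action added later is exempt by default. This appears to rely on Rails replacing an inherited callback of the same name, which also drops the `:if => :private_environment?` condition, so on the four listed actions `login_required` is now invoked twice in every environment. An explicit allow-list keeps the default closed: leave the `login_required` line as it was and add `skip_before_filter :require_login_for_environment, :only => [:login, :signup]`, extended with whichever other actions must stay public (the controller's full action list is outside the hunk). Also confirm that anonymous `signup` is meant to stay open when `restrict_to_members` is enabled.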
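Review bot: The test added in test/functional/account_controller_test.rb covers only the path that must stay open; nothing pins which account actions stay closed when `restrict_to_members` is enabled. I would add a companion test that enables the flag, requests one of the protected actions anonymously (for example `get :change_password`) and asserts the redirect to login, plus one that states the intended outcome for `get :signup`. Without those, a later edit to the `:only` list can widen anonymous access with no test failing.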