Download as
Browse Code »

Commit 226e4e287669e2245d3a3fcd552f7460dcd495cc

Authored by Moises Machado
Committed by Antonio Terceiro
1 parent 7e5e9579
Exists in master and in 22 other branches angular_poc, api-article-archived, article-readonly, backup-7-jan-2016, captcha_serpro_plugin, content-manager-hostspot, export-comment-paragraph, fix_event_date_issue, login-captcha, master_rails3, new_video_plugin, pg_search_rank, production, refactor_with_role, refactor_with_role_scope, remove_profile_cat_icons, resend_confirmation_email, staging, staging_rails3, tasks_keep_filter_params, theme-brasil-digital-from-staging, travis

ActionItem905: avoid ssl in public articles

Showing 2 changed files with 11 additions and 0 deletions   Show diff stats
app/controllers/public/content_viewer_controller.rb
  Diff comments   View file @226e4e2
@@ -44,6 +44,10 @@ class ContentViewerController < ApplicationController @@ -44,6 +44,10 @@ class ContentViewerController < ApplicationController
44 return if redirect_to_ssl 44 return if redirect_to_ssl
45 end 45 end
46 46
  47 + if @page.public?
  48 + return unless avoid_ssl
  49 + end
  50 +
47 if !@page.display_to?(user) 51 if !@page.display_to?(user)
48 # FIXME find a nice "access denied" layout 52 # FIXME find a nice "access denied" layout
49 render :action => 'access_denied', :status => 403, :layout => false 53 render :action => 'access_denied', :status => 403, :layout => false
test/functional/content_viewer_controller_test.rb
  Diff comments   View file @226e4e2
@@ -460,6 +460,13 @@ class ContentViewerControllerTest < Test::Unit::TestCase @@ -460,6 +460,13 @@ class ContentViewerControllerTest < Test::Unit::TestCase
460 assert_redirected_to :protocol => 'https://', :profile => 'testinguser', :page => [ 'myarticle' ] 460 assert_redirected_to :protocol => 'https://', :profile => 'testinguser', :page => [ 'myarticle' ]
461 end 461 end
462 462
  463 + should 'avoid SSL for viewing public articles' do
  464 + @request.expects(:ssl?).returns(true).at_least_once
  465 + page = profile.articles.create!(:name => 'myarticle', :body => 'top secret', :public_article => true)
  466 + get :view_page, :profile => 'testinguser', :page => [ 'myarticle' ]
  467 + assert_redirected_to :protocol => 'http://', :profile => 'testinguser', :page => [ 'myarticle' ]
  468 + end
  469 +
463 should 'not redirect to SSL if already on SSL' do 470 should 'not redirect to SSL if already on SSL' do
464 @request.expects(:ssl?).returns(true).at_least_once 471 @request.expects(:ssl?).returns(true).at_least_once
465 page = profile.articles.create!(:name => 'myarticle', :body => 'top secret', :public_article => false) 472 page = profile.articles.create!(:name => 'myarticle', :body => 'top secret', :public_article => false)