ActionItem618: redirecting to login before giving "access denied"

Antonio Terceiro
1 parent 43c3c5f7
Showing 3 changed files with 14 additions and 1 deletions Show diff stats
app/controllers/my_profile_controller.rb
lib/authenticated_system.rb
test/integration/login_to_the_application_test.rb
@@ -4,6 +4,8 @@ class MyProfileController &lt; ApplicationController
   require_ssl
+  before_filter :login_required
+
   # declares that the controller needs an specific type of profile. Example:
   #
   #  class PersonDetailControlles < ProfileAdminController
@@ -86,7 +86,7 @@ module AuthenticatedSystem
     # Redirect to the URI stored by the most recent store_location call or
     # to the passed default.
     def redirect_back_or_default(default)
-      session[:return_to] ? redirect_to_url(session[:return_to]) : redirect_to(default)
+      session[:return_to] ? redirect_to(session[:return_to]) : redirect_to(default)
       session[:return_to] = nil
     end
@@ -18,4 +18,15 @@ class LoginToTheApplicationTest &lt; ActionController::IntegrationTest
   end
+  def test_unauthenticated_user_tries_to_access_his_control_panel
+    Environment.any_instance.stubs(:disable_ssl).returns(true) # ignore SSL for this test 
+
+    get '/myprofile/ze'
+    assert_redirected_to '/account/login'
+
+    post '/account/login', :user => { :login => 'ze', :password => "test" }
+
+    assert_redirected_to '/myprofile/ze'
+  end
+
 end
	@@ -4,6 +4,8 @@ class MyProfileController < ApplicationController		@@ -4,6 +4,8 @@ class MyProfileController < ApplicationController
4		4
5	require_ssl	5	require_ssl
6		6
		7	+ before_filter :login_required
		8	+
7	# declares that the controller needs an specific type of profile. Example:	9	# declares that the controller needs an specific type of profile. Example:
8	#	10	#
9	# class PersonDetailControlles < ProfileAdminController	11	# class PersonDetailControlles < ProfileAdminController
	@@ -86,7 +86,7 @@ module AuthenticatedSystem		@@ -86,7 +86,7 @@ module AuthenticatedSystem
86	# Redirect to the URI stored by the most recent store_location call or	86	# Redirect to the URI stored by the most recent store_location call or
87	# to the passed default.	87	# to the passed default.
88	def redirect_back_or_default(default)	88	def redirect_back_or_default(default)
89	- session[:return_to] ? redirect_to_url(session[:return_to]) : redirect_to(default)	89	+ session[:return_to] ? redirect_to(session[:return_to]) : redirect_to(default)
90	session[:return_to] = nil	90	session[:return_to] = nil
91	end	91	end
92		92
	@@ -18,4 +18,15 @@ class LoginToTheApplicationTest < ActionController::IntegrationTest		@@ -18,4 +18,15 @@ class LoginToTheApplicationTest < ActionController::IntegrationTest
18		18
19	end	19	end
20		20
		21	+ def test_unauthenticated_user_tries_to_access_his_control_panel
		22	+ Environment.any_instance.stubs(:disable_ssl).returns(true) # ignore SSL for this test
		23	+
		24	+ get '/myprofile/ze'
		25	+ assert_redirected_to '/account/login'
		26	+
		27	+ post '/account/login', :user => { :login => 'ze', :password => "test" }
		28	+
		29	+ assert_redirected_to '/myprofile/ze'
		30	+ end
		31	+
21	end	32	end