Fix 404 on project page for unauthenticated user

Eliminate a 404 error when user is not logged in and attempts to visit a project page. The 404 page will still show up when user is logged in and the project doesn’t exist or the user doesn’t have access.

Fix 404 on project page for unauthenticated user
Eliminate a 404 error when user is not logged in and attempts to visit a project page. The 404 page will still show up when user is logged in and the project doesn’t exist or the user doesn’t have access.
Jason Hollingsworth
1 parent 23d180f5
Showing 7 changed files with 71 additions and 6 deletions Show diff stats
CHANGELOG
app/controllers/application_controller.rb
features/project/redirects.feature
features/public/public_projects.feature
features/steps/profile/profile.rb
features/steps/project/redirects.rb
features/steps/shared/authentication.rb
@@ -8,6 +8,7 @@ v 6.4.0
   - Internal projects (Jason Hollingsworth)
   - Allow removal of avatar (Drew Blessing)
   - Project web hooks now support issues and merge request events
+  - Visiting project page while not logged in will redirect to sign-in instead of 404 (Jason Hollingsworth)
 v 6.3.0
   - API for adding gitlab-ci service
@@ -81,6 +81,9 @@ class ApplicationController &lt; ActionController::Base
     if @project and can?(current_user, :read_project, @project)
       @project
+    elsif current_user.nil?
+      @project = nil
+      authenticate_user!
     else
       @project = nil
       render_404 and return
@@ -0,0 +1,26 @@
+Feature: Project Redirects
+  Background:
+    Given public project "Community"
+    And private project "Enterprise"
+
+  Scenario: I visit public project page
+    When I visit project "Community" page
+    Then I should see project "Community" home page
+
+  Scenario: I visit private project page
+    When I visit project "Enterprise" page
+    Then I should be redirected to sign in page
+
+  Scenario: I visit a non-existent project page
+    When I visit project "CommunityDoesNotExist" page
+    Then I should be redirected to sign in page
+
+  Scenario: I visit a non-existent project page as user
+    Given I sign in as a user
+    When I visit project "CommunityDoesNotExist" page
+    Then page status code should be 404
+
+  Scenario: I visit unauthorized project page as user
+    Given I sign in as a user
+    When I visit project "Enterprise" page
+    Then page status code should be 404
@@ -16,11 +16,11 @@ Feature: Public Projects Feature
   Scenario: I visit internal project page
     When I visit project "Internal" page
-    Then page status code should be 404
+    Then I should be redirected to sign in page
   Scenario: I visit private project page
     When I visit project "Enterprise" page
-    Then page status code should be 404
+    Then I should be redirected to sign in page
   Scenario: I visit an empty public project page
     Given public empty project "Empty Public Project"
@@ -88,10 +88,6 @@ class Profile &lt; Spinach::FeatureSteps
     page.should have_content "Password doesn't match confirmation"
   end
-  step 'I should be redirected to sign in page' do
-    current_path.should == new_user_session_path
-  end
-
   step 'I reset my token' do
     within '.update-token' do
       @old_token = @user.private_token
@@ -0,0 +1,35 @@
+class Spinach::Features::ProjectRedirects < Spinach::FeatureSteps
+  include SharedAuthentication
+  include SharedPaths
+  include SharedProject
+
+  step 'public project "Community"' do
+    create :project_with_code, name: 'Community', visibility_level: Gitlab::VisibilityLevel::PUBLIC
+  end
+
+  step 'private project "Enterprise"' do
+    create :project, name: 'Enterprise'
+  end
+
+  step 'I visit project "Community" page' do
+    project = Project.find_by_name('Community')
+    visit project_path(project)
+  end
+
+  step 'I should see project "Community" home page' do
+    within '.project-home-title' do
+      page.should have_content 'Community'
+    end
+  end
+
+  step 'I visit project "Enterprise" page' do
+    project = Project.find_by_name('Enterprise')
+    visit project_path(project)
+  end
+
+  step 'I visit project "CommunityDoesNotExist" page' do
+    project = Project.find_by_name('Community')
+    visit project_path(project) + 'DoesNotExist'
+  end
+end
+
@@ -12,6 +12,10 @@ module SharedAuthentication
     login_as :admin
   end
+  step 'I should be redirected to sign in page' do
+    current_path.should == new_user_session_path
+  end
+
   def current_user
     @user || User.first
   end
	@@ -8,6 +8,7 @@ v 6.4.0		@@ -8,6 +8,7 @@ v 6.4.0
8	- Internal projects (Jason Hollingsworth)	8	- Internal projects (Jason Hollingsworth)
9	- Allow removal of avatar (Drew Blessing)	9	- Allow removal of avatar (Drew Blessing)
10	- Project web hooks now support issues and merge request events	10	- Project web hooks now support issues and merge request events
		11	+ - Visiting project page while not logged in will redirect to sign-in instead of 404 (Jason Hollingsworth)
11		12
12	v 6.3.0	13	v 6.3.0
13	- API for adding gitlab-ci service	14	- API for adding gitlab-ci service
@@ -0,0 +1,26 @@		@@ -0,0 +1,26 @@
	1	+Feature: Project Redirects
	2	+ Background:
	3	+ Given public project "Community"
	4	+ And private project "Enterprise"
	5	+
	6	+ Scenario: I visit public project page
	7	+ When I visit project "Community" page
	8	+ Then I should see project "Community" home page
	9	+
	10	+ Scenario: I visit private project page
	11	+ When I visit project "Enterprise" page
	12	+ Then I should be redirected to sign in page
	13	+
	14	+ Scenario: I visit a non-existent project page
	15	+ When I visit project "CommunityDoesNotExist" page
	16	+ Then I should be redirected to sign in page
	17	+
	18	+ Scenario: I visit a non-existent project page as user
	19	+ Given I sign in as a user
	20	+ When I visit project "CommunityDoesNotExist" page
	21	+ Then page status code should be 404
	22	+
	23	+ Scenario: I visit unauthorized project page as user
	24	+ Given I sign in as a user
	25	+ When I visit project "Enterprise" page
	26	+ Then page status code should be 404
	@@ -16,11 +16,11 @@ Feature: Public Projects Feature		@@ -16,11 +16,11 @@ Feature: Public Projects Feature
16		16
17	Scenario: I visit internal project page	17	Scenario: I visit internal project page
18	When I visit project "Internal" page	18	When I visit project "Internal" page
19	- Then page status code should be 404	19	+ Then I should be redirected to sign in page
20		20
21	Scenario: I visit private project page	21	Scenario: I visit private project page
22	When I visit project "Enterprise" page	22	When I visit project "Enterprise" page
23	- Then page status code should be 404	23	+ Then I should be redirected to sign in page
24		24
25	Scenario: I visit an empty public project page	25	Scenario: I visit an empty public project page
26	Given public empty project "Empty Public Project"	26	Given public empty project "Empty Public Project"
@@ -0,0 +1,35 @@		@@ -0,0 +1,35 @@
	1	+class Spinach::Features::ProjectRedirects < Spinach::FeatureSteps
	2	+ include SharedAuthentication
	3	+ include SharedPaths
	4	+ include SharedProject
	5	+
	6	+ step 'public project "Community"' do
	7	+ create :project_with_code, name: 'Community', visibility_level: Gitlab::VisibilityLevel::PUBLIC
	8	+ end
	9	+
	10	+ step 'private project "Enterprise"' do
	11	+ create :project, name: 'Enterprise'
	12	+ end
	13	+
	14	+ step 'I visit project "Community" page' do
	15	+ project = Project.find_by_name('Community')
	16	+ visit project_path(project)
	17	+ end
	18	+
	19	+ step 'I should see project "Community" home page' do
	20	+ within '.project-home-title' do
	21	+ page.should have_content 'Community'
	22	+ end
	23	+ end
	24	+
	25	+ step 'I visit project "Enterprise" page' do
	26	+ project = Project.find_by_name('Enterprise')
	27	+ visit project_path(project)
	28	+ end
	29	+
	30	+ step 'I visit project "CommunityDoesNotExist" page' do
	31	+ project = Project.find_by_name('Community')
	32	+ visit project_path(project) + 'DoesNotExist'
	33	+ end
	34	+end
	35	+