Download as
Browse Code »

Commit 403fa5effb8154d7ed342c152507d1641eb145a1

Authored by Antonio Terceiro
1 parent 43c3c5f7
Exists in master and in 29 other branches add_member_task_reject_details, admin_visible_profile, article-list-template, community_notifications, contact_admin_translation, event_fixes, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, noosfero_spb_ci, organization_ratings_improvements, organization_ratings_link_to_profile_stable-spb-1.3, organization_ratings_translations_fix, profile_api_improvements, ratings_minor_fixes, remote_user_fix, send_email_to_admins, stable-spb-1.3, stable-spb-1.3-fixes, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

ActionItem618: redirecting to login before giving "access denied"

Showing 3 changed files with 14 additions and 1 deletions   Show diff stats
app/controllers/my_profile_controller.rb
  Diff comments   View file @403fa5e
@@ -4,6 +4,8 @@ class MyProfileController < ApplicationController @@ -4,6 +4,8 @@ class MyProfileController < ApplicationController
4 4
5 require_ssl 5 require_ssl
6 6
  7 + before_filter :login_required
  8 +
7 # declares that the controller needs an specific type of profile. Example: 9 # declares that the controller needs an specific type of profile. Example:
8 # 10 #
9 # class PersonDetailControlles < ProfileAdminController 11 # class PersonDetailControlles < ProfileAdminController
lib/authenticated_system.rb
  Diff comments   View file @403fa5e
@@ -86,7 +86,7 @@ module AuthenticatedSystem @@ -86,7 +86,7 @@ module AuthenticatedSystem
86 # Redirect to the URI stored by the most recent store_location call or 86 # Redirect to the URI stored by the most recent store_location call or
87 # to the passed default. 87 # to the passed default.
88 def redirect_back_or_default(default) 88 def redirect_back_or_default(default)
89 - session[:return_to] ? redirect_to_url(session[:return_to]) : redirect_to(default) 89 + session[:return_to] ? redirect_to(session[:return_to]) : redirect_to(default)
90 session[:return_to] = nil 90 session[:return_to] = nil
91 end 91 end
92 92
test/integration/login_to_the_application_test.rb
  Diff comments   View file @403fa5e
@@ -18,4 +18,15 @@ class LoginToTheApplicationTest &lt; ActionController::IntegrationTest @@ -18,4 +18,15 @@ class LoginToTheApplicationTest &lt; ActionController::IntegrationTest
18 18
19 end 19 end
20 20
  21 + def test_unauthenticated_user_tries_to_access_his_control_panel
  22 + Environment.any_instance.stubs(:disable_ssl).returns(true) # ignore SSL for this test
  23 +
  24 + get '/myprofile/ze'
  25 + assert_redirected_to '/account/login'
  26 +
  27 + post '/account/login', :user => { :login => 'ze', :password => "test" }
  28 +
  29 + assert_redirected_to '/myprofile/ze'
  30 + end
  31 +
21 end 32 end