Download as
Browse Code »

Commit b4dca3f2ab6a72d0b7ee92b046b4de715d461de2

Authored by Arthur Esposte
1 parent 9e0361b9
Exists in master and in 29 other branches add_member_task_reject_details, admin_visible_profile, article-list-template, community_notifications, contact_admin_translation, event_fixes, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, noosfero_spb_ci, organization_ratings_improvements, organization_ratings_link_to_profile_stable-spb-1.3, organization_ratings_translations_fix, profile_api_improvements, ratings_minor_fixes, remote_user_fix, send_email_to_admins, stable-spb-1.3, stable-spb-1.3-fixes, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

remote_user_plugin: loggout the current user if no remote_user is received

Showing 2 changed files with 17 additions and 1 deletions   Show diff stats
plugins/remote_user/lib/remote_user_plugin.rb
  Diff comments   View file @b4dca3f
... ... @@ -14,7 +14,7 @@ class RemoteUserPlugin < Noosfero::Plugin
14 14 begin
15 15 remote_user = request.headers["HTTP_REMOTE_USER"]
16 16  
17   - if remote_user.nil?
  17 + if remote_user.blank?
18 18 if logged_in?
19 19 self.current_user.forget_me
20 20 reset_session
... ...
plugins/remote_user/test/functional/remote_user_plugin_test.rb
  Diff comments   View file @b4dca3f
... ... @@ -71,4 +71,20 @@ class AccountControllerTest < ActionController::TestCase
71 71 assert_equal true, User.last.activated?
72 72 assert_equal User.last.id, session[:user]
73 73 end
  74 +
  75 + should 'logout if there is a current logged user but not a remote user' do
  76 + user1 = create_user('testuser', :email => 'testuser@example.com', :password => 'test', :password_confirmation => 'test')
  77 + user1.activate
  78 +
  79 + login_as user1.login
  80 +
  81 + get :index
  82 +
  83 + assert session[:user].blank?
  84 +
  85 + @request.env["HTTP_REMOTE_USER"] = ""
  86 + get :index
  87 +
  88 + assert session[:user].blank?
  89 + end
74 90 end
... ...