diff --git a/plugins/remote_user/lib/remote_user_plugin.rb b/plugins/remote_user/lib/remote_user_plugin.rb index ffcf1fc..c8a0cf2 100644 --- a/plugins/remote_user/lib/remote_user_plugin.rb +++ b/plugins/remote_user/lib/remote_user_plugin.rb @@ -14,7 +14,7 @@ class RemoteUserPlugin < Noosfero::Plugin begin remote_user = request.headers["HTTP_REMOTE_USER"] - if remote_user.nil? + if remote_user.blank? if logged_in? self.current_user.forget_me reset_session diff --git a/plugins/remote_user/test/functional/remote_user_plugin_test.rb b/plugins/remote_user/test/functional/remote_user_plugin_test.rb index 5b3647a..13f25ef 100644 --- a/plugins/remote_user/test/functional/remote_user_plugin_test.rb +++ b/plugins/remote_user/test/functional/remote_user_plugin_test.rb @@ -71,4 +71,20 @@ class AccountControllerTest < ActionController::TestCase assert_equal true, User.last.activated? assert_equal User.last.id, session[:user] end + + should 'logout if there is a current logged user but not a remote user' do + user1 = create_user('testuser', :email => 'testuser@example.com', :password => 'test', :password_confirmation => 'test') + user1.activate + + login_as user1.login + + get :index + + assert session[:user].blank? + + @request.env["HTTP_REMOTE_USER"] = "" + get :index + + assert session[:user].blank? + end end -- libgit2 0.21.2