Commit ea121f37f2ce66c963f8e005440e513bce48a86d
1 parent
5a1eee95
Exists in
master
and in
14 other branches
profile-roles: answer not found when accessing person profile
Showing
2 changed files
with
13 additions
and
0 deletions
Show diff stats
app/controllers/my_profile/profile_roles_controller.rb
| 1 | class ProfileRolesController < MyProfileController | 1 | class ProfileRolesController < MyProfileController |
| 2 | 2 | ||
| 3 | protect 'manage_custom_roles', :profile | 3 | protect 'manage_custom_roles', :profile |
| 4 | + before_filter :ensure_organization | ||
| 4 | 5 | ||
| 5 | def index | 6 | def index |
| 6 | @roles = profile.custom_roles | 7 | @roles = profile.custom_roles |
| @@ -113,4 +114,8 @@ class ProfileRolesController < MyProfileController | @@ -113,4 +114,8 @@ class ProfileRolesController < MyProfileController | ||
| 113 | end | 114 | end |
| 114 | end | 115 | end |
| 115 | 116 | ||
| 117 | + def ensure_organization | ||
| 118 | + render_not_found unless profile.organization? | ||
| 119 | + end | ||
| 120 | + | ||
| 116 | end | 121 | end |
test/functional/profile_roles_controller_test.rb
| @@ -103,4 +103,12 @@ class ProfileRolesControllerTest < ActionController::TestCase | @@ -103,4 +103,12 @@ class ProfileRolesControllerTest < ActionController::TestCase | ||
| 103 | assert_not_includes community.members_by_role(role), moderator | 103 | assert_not_includes community.members_by_role(role), moderator |
| 104 | assert_not_includes community.members_by_role(moderator_role), moderator | 104 | assert_not_includes community.members_by_role(moderator_role), moderator |
| 105 | end | 105 | end |
| 106 | + | ||
| 107 | + should 'avoid access with person profile' do | ||
| 108 | + person = create_user('sample_user').person | ||
| 109 | + login_as person.identifier | ||
| 110 | + get :index , :profile => person.identifier | ||
| 111 | + | ||
| 112 | + assert_response 404 | ||
| 113 | + end | ||
| 106 | end | 114 | end |