Created
March 12, 2012 19:03
Spec fails, expected response to be a <:redirect> but was <200>. Trying to fetch from browser, we clearly see a redirect request in the server log. WTF?
```ruby
class ApplicationController < ActionController::Base
  protect_from_forgery
  before_filter :find_states
  helper_method :current_user

  # CanCan authorization failures go back to the root page with the error shown.
  rescue_from CanCan::AccessDenied do |exception|
    flash[:error] = exception.message
    redirect_to root_url
  end

  private

  # Authlogic session lookup, memoized per request.
  def current_user_session
    return @current_user_session if defined?(@current_user_session)
    @current_user_session = UserSession.find
  end

  def current_user
    @current_user = current_user_session && current_user_session.record
  end

  # Filter: XHR requests get a bare 401, everything else is sent to the login page.
  def require_user
    unless current_user
      render :nothing => true, :status => 401 and return if request.xhr?
      store_location
      flash[:error] = "You must be logged in to access this page."
      redirect_to login_url
      return false
    end
  end

  def require_no_user
    if current_user
      store_location
      flash[:error] = "You must be logged out to access this page"
      redirect_to user_url(:current)
    end
  end

  def authorize_admin!
    store_location
    unless current_user.admin?
      flash[:alert] = "You must be an admin to do that."
      # root_url is the fallback used when session[:return_to] is empty.
      redirect_back_or_default(root_url)
    end
  end

  # Remember the requested path in the session so it can be returned to later.
  def store_location
    session[:return_to] = request.fullpath
  end

  def redirect_back_or_default(default)
    redirect_to(session[:return_to] || default)
    session[:return_to] = nil
  end

  def find_states
    @states = State.all
  end
end
```
```ruby
class FilesController < ApplicationController
  # require_user only checks that someone is logged in; this controller does
  # no per-asset authorization before sending the file.
  before_filter :require_user

  def show
    asset = Asset.find(params[:id])
    send_file asset.asset.path, :filename => asset.asset_file_name, :content_type => asset.asset_content_type
  end
end
```
```ruby
require 'spec_helper'

describe FilesController do
  let(:ticket) { Fabricate(:ticket) }
  let(:user) { Fabricate(:user) }
  let(:path) { Rails.root + "spec/fixtures/speed.txt" }
  let(:asset) { ticket.assets.create(:asset => File.open(path)) }

  before(:each) do
    activate_authlogic
  end

  context "logged out user" do
    it "cannot access assets in a ticket" do
      get "show", :id => asset.id
      response.should redirect_to(login_path)
      flash[:error].should eql("You must be logged in to access this page.")
    end
  end

  context "logged in user" do
    before(:each) do
      sign_in user
    end

    it "can access assets in a ticket" do
      get "show", :id => asset.id
      response.body.should eql(File.read(path))
    end
  end
end
```