diff options
| author | Rémy Coutable <remy@rymai.me> | 2016-11-28 13:03:31 +0100 |
|---|---|---|
| committer | Rémy Coutable <remy@rymai.me> | 2016-11-28 16:57:49 +0100 |
| commit | beedd40ef7744151d87f4d3ba0b47b2878a83195 (patch) | |
| tree | af664fb6b82d71cc45353c3eb5b09e353a3e4aee | |
| parent | 333e83a2ef29a0fce10b3e1b0110cd30685eea15 (diff) | |
| download | gitlab-ce-25026-authenticate-user-for-new-snippet.tar.gz | |
Ensure user is authenticated to create a new snippet25026-authenticate-user-for-new-snippet
Signed-off-by: Rémy Coutable <remy@rymai.me>
4 files changed, 47 insertions, 4 deletions
diff --git a/app/controllers/concerns/toggle_award_emoji.rb b/app/controllers/concerns/toggle_award_emoji.rb index 3717c49f272..fbf9a026b10 100644 --- a/app/controllers/concerns/toggle_award_emoji.rb +++ b/app/controllers/concerns/toggle_award_emoji.rb @@ -1,11 +1,8 @@ module ToggleAwardEmoji extend ActiveSupport::Concern - included do - before_action :authenticate_user!, only: [:toggle_award_emoji] - end - def toggle_award_emoji + authenticate_user! name = params.require(:name) if awardable.user_can_award?(current_user, name) diff --git a/changelogs/unreleased/25026-authenticate-user-for-new-snippet.yml b/changelogs/unreleased/25026-authenticate-user-for-new-snippet.yml new file mode 100644 index 00000000000..a7b5810f1bf --- /dev/null +++ b/changelogs/unreleased/25026-authenticate-user-for-new-snippet.yml @@ -0,0 +1,4 @@ +--- +title: Redirect to sign-in page when unauthenticated user tries to create a snippet +merge_request: 7786 +author: diff --git a/spec/controllers/snippets_controller_spec.rb b/spec/controllers/snippets_controller_spec.rb index 2d762fdaa04..d76fe9f580f 100644 --- a/spec/controllers/snippets_controller_spec.rb +++ b/spec/controllers/snippets_controller_spec.rb @@ -3,6 +3,28 @@ require 'spec_helper' describe SnippetsController do let(:user) { create(:user) } + describe 'GET #new' do + context 'when signed in' do + before do + sign_in(user) + end + + it 'responds with status 200' do + get :new + + expect(response).to have_http_status(200) + end + end + + context 'when not signed in' do + it 'redirects to the sign in page' do + get :new + + expect(response).to redirect_to(new_user_session_path) + end + end + end + describe 'GET #show' do context 'when the personal snippet is private' do let(:personal_snippet) { create(:personal_snippet, :private, author: user) } diff --git a/spec/features/snippets/create_snippet_spec.rb b/spec/features/snippets/create_snippet_spec.rb new file mode 100644 index 00000000000..cb95e7828db --- /dev/null +++ b/spec/features/snippets/create_snippet_spec.rb @@ -0,0 +1,20 @@ +require 'rails_helper' + +feature 'Create Snippet', feature: true do + before do + login_as :user + visit new_snippet_path + end + + scenario 'Authenticated user creates a snippet' do + fill_in 'personal_snippet_title', with: 'My Snippet Title' + page.within('.file-editor') do + find(:xpath, "//input[@id='personal_snippet_content']").set 'Hello World!' + end + + click_button 'Create snippet' + + expect(page).to have_content('My Snippet Title') + expect(page).to have_content('Hello World!') + end +end |