diff options
author | Douglas Barbosa Alexandre <dbalexandre@gmail.com> | 2016-04-11 18:57:18 -0300 |
---|---|---|
committer | Douglas Barbosa Alexandre <dbalexandre@gmail.com> | 2016-04-11 20:50:26 -0300 |
commit | bee28e1785ad7844bd518c19106beee7d8a4c560 (patch) | |
tree | 8f5d96c3c79c6b560d97952ed6059bdc74080669 | |
parent | 93a10f17e0c84074580eaf1b101af2a0fffd19ed (diff) | |
download | gitlab-ce-bee28e1785ad7844bd518c19106beee7d8a4c560.tar.gz |
Requires user to be signed in when changing notification settings
4 files changed, 52 insertions, 0 deletions
diff --git a/app/controllers/groups/notification_settings_controller.rb b/app/controllers/groups/notification_settings_controller.rb index 1b46f26a378..de13b16ccf2 100644 --- a/app/controllers/groups/notification_settings_controller.rb +++ b/app/controllers/groups/notification_settings_controller.rb @@ -1,4 +1,6 @@ class Groups::NotificationSettingsController < Groups::ApplicationController + before_action :authenticate_user! + def update notification_setting = current_user.notification_settings_for(group) saved = notification_setting.update_attributes(notification_setting_params) diff --git a/app/controllers/projects/notification_settings_controller.rb b/app/controllers/projects/notification_settings_controller.rb index 90d294a4624..e536725c5b1 100644 --- a/app/controllers/projects/notification_settings_controller.rb +++ b/app/controllers/projects/notification_settings_controller.rb @@ -1,4 +1,6 @@ class Projects::NotificationSettingsController < Projects::ApplicationController + before_action :authenticate_user! + def create notification_setting = current_user.notification_settings_for(project) saved = notification_setting.update_attributes(notification_setting_params) diff --git a/spec/controllers/groups/notification_settings_controller_spec.rb b/spec/controllers/groups/notification_settings_controller_spec.rb new file mode 100644 index 00000000000..3572535d61c --- /dev/null +++ b/spec/controllers/groups/notification_settings_controller_spec.rb @@ -0,0 +1,17 @@ +require 'spec_helper' + +describe Groups::NotificationSettingsController do + let(:group) { create(:group) } + + describe '#update' do + context 'when not authorized' do + it 'redirects to sign in page' do + put :update, + group_id: group.to_param, + notification_setting: { level: NotificationSetting.levels[:participating] } + + expect(response).to redirect_to(new_user_session_path) + end + end + end +end diff --git a/spec/controllers/projects/notification_settings_controller_spec.rb b/spec/controllers/projects/notification_settings_controller_spec.rb new file mode 100644 index 00000000000..7e32a75b812 --- /dev/null +++ b/spec/controllers/projects/notification_settings_controller_spec.rb @@ -0,0 +1,31 @@ +require 'spec_helper' + +describe Projects::NotificationSettingsController do + let(:project) { create(:empty_project) } + + describe '#create' do + context 'when not authorized' do + it 'redirects to sign in page' do + post :create, + namespace_id: project.namespace.to_param, + project_id: project.to_param, + notification_setting: { level: NotificationSetting.levels[:participating] } + + expect(response).to redirect_to(new_user_session_path) + end + end + end + + describe '#update' do + context 'when not authorized' do + it 'redirects to sign in page' do + put :update, + namespace_id: project.namespace.to_param, + project_id: project.to_param, + notification_setting: { level: NotificationSetting.levels[:participating] } + + expect(response).to redirect_to(new_user_session_path) + end + end + end +end |