diff options
| author | Cagdas Gerede <Earth@BlueSky> | 2016-11-15 01:59:11 +0300 |
|---|---|---|
| committer | Cagdas Gerede <Earth@BlueSky> | 2016-11-15 01:59:11 +0300 |
| commit | 5f2d45c956eba7e24f5f8572409230383b663bfe (patch) | |
| tree | 14a4bdf48aeb7bfbb8ee6e9257f6ab3893d484c2 | |
| parent | 37cad72970c1e75f9c63425bba780d7bfe554b95 (diff) | |
| download | gitlab-ce-5f2d45c956eba7e24f5f8572409230383b663bfe.tar.gz | |
Add authentication for for create action. Add more tests for for new and create actions
| -rw-r--r-- | app/controllers/projects/forks_controller.rb | 3 | ||||
| -rw-r--r-- | spec/controllers/projects/forks_controller_spec.rb | 61 |
2 files changed, 56 insertions, 8 deletions
diff --git a/app/controllers/projects/forks_controller.rb b/app/controllers/projects/forks_controller.rb index 5151b7747ce..ba46e2528e6 100644 --- a/app/controllers/projects/forks_controller.rb +++ b/app/controllers/projects/forks_controller.rb @@ -4,6 +4,7 @@ class Projects::ForksController < Projects::ApplicationController # Authorize before_action :require_non_empty_project before_action :authorize_download_code! + before_action :authenticate_user!, only: [:new, :create] def index base_query = project.forks.includes(:creator) @@ -29,8 +30,6 @@ class Projects::ForksController < Projects::ApplicationController end def new - return authenticate_user! unless current_user - @namespaces = current_user.manageable_namespaces @namespaces.delete(@project.namespace) end diff --git a/spec/controllers/projects/forks_controller_spec.rb b/spec/controllers/projects/forks_controller_spec.rb index d29404e4a11..ad1f4b849e5 100644 --- a/spec/controllers/projects/forks_controller_spec.rb +++ b/spec/controllers/projects/forks_controller_spec.rb @@ -69,15 +69,64 @@ describe Projects::ForksController do end describe 'GET new' do - context 'when user is not logged in' do - before { sign_out(user) } + def get_new + get :new, + namespace_id: project.namespace.to_param, + project_id: project.to_param + end + + context 'when user is signed in' do + + it 'responds with status 200' do + sign_in(user) + + get_new + + expect(response).to have_http_status(200) + end + end + + context 'when user is not signed in' do + + it 'redirects to the sign-in page' do + sign_out(user) + + get_new + + expect(response).to redirect_to(new_user_session_path) + end + end + end + + describe 'POST create' do + def post_create + post :create, + namespace_id: project.namespace.to_param, + project_id: project.to_param, + namespace_key: user.namespace.id + end + + context 'when user is signed in' do + + it 'responds with status 302' do + sign_in(user) + + post_create + + expect(response).to have_http_status(302) + expected_import_url = namespace_project_import_url(user.namespace, project) + expect(response.headers['Location']).to eq(expected_import_url) + end + end + + context 'when user is not signed in' do it 'redirects to the sign-in page' do - get :new, - namespace_id: project.namespace.to_param, - project_id: project.to_param + sign_out(user) + + post_create - expect(response).to redirect_to(root_path + 'users/sign_in') + expect(response).to redirect_to(new_user_session_path) end end end |