summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/controllers/concerns/toggle_award_emoji.rb5
-rw-r--r--changelogs/unreleased/25026-authenticate-user-for-new-snippet.yml4
-rw-r--r--spec/controllers/snippets_controller_spec.rb22
-rw-r--r--spec/features/snippets/create_snippet_spec.rb20
4 files changed, 47 insertions, 4 deletions
diff --git a/app/controllers/concerns/toggle_award_emoji.rb b/app/controllers/concerns/toggle_award_emoji.rb
index 3717c49f272..fbf9a026b10 100644
--- a/app/controllers/concerns/toggle_award_emoji.rb
+++ b/app/controllers/concerns/toggle_award_emoji.rb
@@ -1,11 +1,8 @@
module ToggleAwardEmoji
extend ActiveSupport::Concern
- included do
- before_action :authenticate_user!, only: [:toggle_award_emoji]
- end
-
def toggle_award_emoji
+ authenticate_user!
name = params.require(:name)
if awardable.user_can_award?(current_user, name)
diff --git a/changelogs/unreleased/25026-authenticate-user-for-new-snippet.yml b/changelogs/unreleased/25026-authenticate-user-for-new-snippet.yml
new file mode 100644
index 00000000000..a7b5810f1bf
--- /dev/null
+++ b/changelogs/unreleased/25026-authenticate-user-for-new-snippet.yml
@@ -0,0 +1,4 @@
+---
+title: Redirect to sign-in page when unauthenticated user tries to create a snippet
+merge_request: 7786
+author:
diff --git a/spec/controllers/snippets_controller_spec.rb b/spec/controllers/snippets_controller_spec.rb
index 2d762fdaa04..d76fe9f580f 100644
--- a/spec/controllers/snippets_controller_spec.rb
+++ b/spec/controllers/snippets_controller_spec.rb
@@ -3,6 +3,28 @@ require 'spec_helper'
describe SnippetsController do
let(:user) { create(:user) }
+ describe 'GET #new' do
+ context 'when signed in' do
+ before do
+ sign_in(user)
+ end
+
+ it 'responds with status 200' do
+ get :new
+
+ expect(response).to have_http_status(200)
+ end
+ end
+
+ context 'when not signed in' do
+ it 'redirects to the sign in page' do
+ get :new
+
+ expect(response).to redirect_to(new_user_session_path)
+ end
+ end
+ end
+
describe 'GET #show' do
context 'when the personal snippet is private' do
let(:personal_snippet) { create(:personal_snippet, :private, author: user) }
diff --git a/spec/features/snippets/create_snippet_spec.rb b/spec/features/snippets/create_snippet_spec.rb
new file mode 100644
index 00000000000..cb95e7828db
--- /dev/null
+++ b/spec/features/snippets/create_snippet_spec.rb
@@ -0,0 +1,20 @@
+require 'rails_helper'
+
+feature 'Create Snippet', feature: true do
+ before do
+ login_as :user
+ visit new_snippet_path
+ end
+
+ scenario 'Authenticated user creates a snippet' do
+ fill_in 'personal_snippet_title', with: 'My Snippet Title'
+ page.within('.file-editor') do
+ find(:xpath, "//input[@id='personal_snippet_content']").set 'Hello World!'
+ end
+
+ click_button 'Create snippet'
+
+ expect(page).to have_content('My Snippet Title')
+ expect(page).to have_content('Hello World!')
+ end
+end