From 5f2d45c956eba7e24f5f8572409230383b663bfe Mon Sep 17 00:00:00 2001
From: Cagdas Gerede <Earth@BlueSky>
Date: Tue, 15 Nov 2016 01:59:11 +0300
Subject: Add authentication for for create action. Add more tests for for new
 and create actions

---
 app/controllers/projects/forks_controller.rb       |  3 +-
 spec/controllers/projects/forks_controller_spec.rb | 61 +++++++++++++++++++---
 2 files changed, 56 insertions(+), 8 deletions(-)

diff --git a/app/controllers/projects/forks_controller.rb b/app/controllers/projects/forks_controller.rb
index 5151b7747ce..ba46e2528e6 100644
--- a/app/controllers/projects/forks_controller.rb
+++ b/app/controllers/projects/forks_controller.rb
@@ -4,6 +4,7 @@ class Projects::ForksController < Projects::ApplicationController
   # Authorize
   before_action :require_non_empty_project
   before_action :authorize_download_code!
+  before_action :authenticate_user!, only: [:new, :create]
 
   def index
     base_query = project.forks.includes(:creator)
@@ -29,8 +30,6 @@ class Projects::ForksController < Projects::ApplicationController
   end
 
   def new
-    return authenticate_user! unless current_user
-
     @namespaces = current_user.manageable_namespaces
     @namespaces.delete(@project.namespace)
   end
diff --git a/spec/controllers/projects/forks_controller_spec.rb b/spec/controllers/projects/forks_controller_spec.rb
index d29404e4a11..ad1f4b849e5 100644
--- a/spec/controllers/projects/forks_controller_spec.rb
+++ b/spec/controllers/projects/forks_controller_spec.rb
@@ -69,15 +69,64 @@ describe Projects::ForksController do
   end
 
   describe 'GET new' do
-    context 'when user is not logged in' do
-      before { sign_out(user) }
+    def get_new
+      get :new,
+        namespace_id: project.namespace.to_param,
+        project_id: project.to_param
+    end
+
+    context 'when user is signed in' do
+
+      it 'responds with status 200' do
+        sign_in(user)
+
+        get_new
+
+        expect(response).to have_http_status(200)
+      end
+    end
+
+    context 'when user is not signed in' do
+
+      it 'redirects to the sign-in page' do
+        sign_out(user)
+
+        get_new
+
+        expect(response).to redirect_to(new_user_session_path)
+      end
+    end
+  end
+
+  describe 'POST create' do
+    def post_create
+      post :create,
+        namespace_id: project.namespace.to_param,
+        project_id: project.to_param,
+        namespace_key: user.namespace.id
+    end
+
+    context 'when user is signed in' do
+
+      it 'responds with status 302' do
+        sign_in(user)
+
+        post_create
+
+        expect(response).to have_http_status(302)
+        expected_import_url = namespace_project_import_url(user.namespace, project)
+        expect(response.headers['Location']).to eq(expected_import_url)
+      end
+    end
+
+    context 'when user is not signed in' do
 
       it 'redirects to the sign-in page' do
-        get :new,
-          namespace_id: project.namespace.to_param,
-          project_id: project.to_param
+        sign_out(user)
+
+        post_create
 
-        expect(response).to redirect_to(root_path + 'users/sign_in')
+        expect(response).to redirect_to(new_user_session_path)
       end
     end
   end
-- 
cgit v1.2.1