tests

spec/controllers/application_controller_spec.rb

@@ -367,4 +367,27 @@ def show
       expect(response).to render_template(partial: 'about/_accept_tos')
     end
   end
+
+  describe "#check_suspension" do
+    controller do
+      def index
+        render json: {logged_in: current_user.present?}
+      end
+    end
+
+    it "does not log out unsuspended" do
+      user = create(:user)
+      login_as(user)
+      get :index
+      expect(response.json['logged_in']).to be(true)
+    end
+
+    it "logs out suspended" do
+      user = create(:user)
+      user.role_id = Permissible::SUSPENDED
+      user.save
+      get :index
+      expect(response.json['logged_in']).to eq(false)
+    end
+  end
 end

spec/controllers/sessions_controller_spec.rb

@@ -54,6 +54,13 @@
       expect(controller.send(:logged_in?)).not_to eq(true)
     end
 
+    it "requires unsuspended user" do
+      user = create(:user, role_id: Permissible::SUSPENDED)
+      post :create, params: { username: user.username }
+      expect(flash[:error]).to eq("You could not be logged in.")
+      expect(controller.send(:logged_in?)).not_to eq(true)
+    end
+
     it "disallows logins with old passwords when reset is pending" do
       user = create(:user)
       create(:password_reset, user: user)