Skip to content

Commit

Permalink
require admin for review show and index
Browse files Browse the repository at this point in the history
  • Loading branch information
@lsat12357
lsat12357 committed Oct 20, 2016
1 parent 5d12b0a commit 1a9874a
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 6 deletions.
3 changes: 2 additions & 1 deletion app/controllers/review_controller.rb
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
class ReviewController < AdminController
include GitInterface

before_filter :require_admin

def index
@terms = review_list
if @terms.nil?
Expand Down
22 changes: 17 additions & 5 deletions spec/controllers/review_controller_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,9 @@ class DummyController < AdminController
let(:uri) { "http://opaquenamespace.org/ns/blah" }
let(:resource) { instance_double("Vocabulary") }
let(:dummy_class) { DummyController.new }
let(:user) { User.create(:email => 'george@blah.com', :name => 'George Smith', :password => "admin123",:role => "admin")}

let(:user) { User.create(:email => 'blah@blah.com', :password => "admin123",:role => "admin", :institution => "Oregon State University", :name => "Test")}
before do
allow_any_instance_of(DummyController).to receive(:current_user).and_return(user)
sign_in(user) if user
setup_for_review_test(dummy_class)
end
after do
Expand Down Expand Up @@ -45,6 +44,13 @@ class DummyController < AdminController
expect(flash[:notice]).to include("Something went wrong")
end
end
context "when logged out" do
let(:user) { }
it "should require login" do
get :index
expect(response.body).to have_content("Only admin can access")
end
end
end
end

Expand All @@ -53,9 +59,10 @@ class DummyController < AdminController
let(:uri) { "http://opaquenamespace.org/ns/blah" }
let(:resource) { instance_double("Vocabulary") }
let(:dummy_class) { DummyController.new }
let(:user) { User.create(:email => 'george@blah.com', :name => 'George Smith', :password => "admin123",:role => "admin")}
let(:user) { User.create(:email => 'blah@blah.com', :password => "admin123",:role => "admin", :institution => "Oregon State University", :name => "Test")}

before do
sign_in(user) if user
allow_any_instance_of(DummyController).to receive(:current_user).and_return(user)
setup_for_review_test(dummy_class)
get :show, :id => "blah"
Expand All @@ -67,7 +74,12 @@ class DummyController < AdminController
expect(response).to be_success
expect(response).to render_template "show"
end

context "when logged out" do
let(:user) { }
it "should require login" do
expect(response.body).to have_content("Only admin can access")
end
end
end
end

Expand Down

0 comments on commit 1a9874a

Please sign in to comment.