Login before accepting TOC

If a user is not logged in, instead of erroing is someone is trying to access a member edit page, redirect them to the login page (through GitHub). Fixes rb#465
codebar · Jul 11, 2023 · 278893c · 278893c
1 parent aab15b4
commit 278893c
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 0 deletions.
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -61,6 +61,10 @@ def logged_in?
 
   def accept_terms
     store_path
+
+    # https://guides.rubyonrails.org/layouts_and_rendering.html#avoiding-double-render-errors
+    redirect_to redirect_path and return unless logged_in?
+
     redirect_to terms_and_conditions_path if current_user.accepted_toc_at.blank?
   end
 

diff --git a/app/controllers/member/details_controller.rb b/app/controllers/member/details_controller.rb
@@ -7,6 +7,8 @@ class Member::DetailsController < ApplicationController
 
   def edit
     accept_terms
+    # https://apidock.com/rails/ActionController/Metal/performed%3F
+    return if performed?
 
     flash[notice] = I18n.t('notifications.signing_up')
     @member.newsletter ||= true

diff --git a/spec/controllers/details_controller_spec.rb b/spec/controllers/details_controller_spec.rb
@@ -0,0 +1,12 @@
+require 'spec_helper'
+
+RSpec.describe Member::DetailsController, type: :controller do
+  describe "GET edit" do
+    context "When a user is not logged in" do
+      it "redirects to GitHub authentication" do
+        get :edit
+        expect(response).to redirect_to("/auth/github")
+      end
+    end
+  end
+end