Fix PWA availability for organizations with forced sign in (#11805)

* Add /manifest.webmanifest to unauthorized_paths on ForceAuthentication concern * Add system spec
decidim · Oct 24, 2023 · f25fd77 · f25fd77
1 parent 01dfd49
commit f25fd77
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 2 deletions.
diff --git a/decidim-core/app/controllers/concerns/decidim/force_authentication.rb b/decidim-core/app/controllers/concerns/decidim/force_authentication.rb
@@ -35,11 +35,15 @@ def allow_unauthorized_path?
     end
 
     def unauthorized_paths
-      # /locale is for changing the locale
-      %w(/locale) + Decidim::StaticPage.where(
+      default_unauthorized_paths + Decidim::StaticPage.where(
         organization: current_organization,
         allow_public_access: true
       ).pluck(Arel.sql("CONCAT('/pages/', slug)"))
     end
+
+    def default_unauthorized_paths
+      # /locale is for changing the locale and /manifest.webmanifest to request PWA manifest
+      %w(/locale /manifest.webmanifest)
+    end
   end
 end
diff --git a/decidim-core/spec/system/user_redirect_spec.rb b/decidim-core/spec/system/user_redirect_spec.rb
@@ -12,6 +12,20 @@
 
     let(:user) { create(:user, :confirmed, organization: organization) }
 
+    context "when accessing manifest" do
+      before do
+        visit decidim.manifest_path(format: "webmanifest")
+      end
+
+      it "does not redirect to login page" do
+        expect(page).not_to have_content("Log in")
+      end
+
+      it "renders a JSON with the manifest" do
+        expect(page).to have_content("\"display\": \"standalone\"")
+      end
+    end
+
     context "when logging for the first time" do
       before do
         visit decidim.pages_path