htwkmooc/codeocean
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Redirect users after sign in to their desired page

Browse Source
This commit is contained in:
Sebastian Serth
2023-11-30 23:01:39 +01:00
parent cee3ceb188
commit 5ddc5a8ca5
7 changed files with 84 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
spec/controllers/application_controller_spec.rb
View File

@ -30,11 +30,26 @@ RSpec.describe ApplicationController do
describe '#render_not_authorized' do
before do
allow(controller).to receive(:welcome) { controller.send(:render_not_authorized) }
login_user(user) if defined?(user)
get :welcome
end
expect_flash_message(:alert, I18n.t('application.not_authorized'))
expect_redirect(:root)
expect_flash_message(:alert, I18n.t('application.not_signed_in'))
expect_redirect(:sign_in)
context 'with an admin' do
let(:user) { create(:admin) }
expect_flash_message(:alert, I18n.t('application.not_authorized'))
expect_redirect(:root)
end
context 'with a teacher' do
let(:user) { create(:teacher) }
expect_flash_message(:alert, I18n.t('application.not_authorized'))
expect_redirect(:root)
end
end
describe '#render_not_found' do
@ -44,19 +59,21 @@ RSpec.describe ApplicationController do
get :welcome
end
expect_flash_message(:alert, I18n.t('application.not_authorized'))
expect_redirect(:root)
expect_flash_message(:alert, I18n.t('application.not_signed_in'))
expect_redirect(:sign_in)
context 'with an admin' do
let(:user) { create(:admin) }
expect_flash_message(:alert, I18n.t('application.not_found'))
expect_redirect(:root)
end
context 'with a teacher' do
let(:user) { create(:teacher) }
expect_flash_message(:alert, I18n.t('application.not_authorized'))
expect_redirect(:root)
end
end

12
spec/controllers/internal_users_controller_spec.rb
View File

@ -19,7 +19,7 @@ RSpec.describe InternalUsersController do
context 'without a valid activation token' do
before { get :activate, params: {id: user.id} }
expect_redirect(:root)
expect_redirect(:sign_in)
end
context 'with an already activated user' do
@ -28,7 +28,7 @@ RSpec.describe InternalUsersController do
get :activate, params: {id: user.id, token: user.activation_token}
end
expect_redirect(:root)
expect_redirect(:sign_in)
end
context 'with valid preconditions' do
@ -56,7 +56,7 @@ RSpec.describe InternalUsersController do
context 'without a valid activation token' do
before { put :activate, params: {id: user.id} }
expect_redirect(:root)
expect_redirect(:sign_in)
end
context 'with an already activated user' do
@ -65,7 +65,7 @@ RSpec.describe InternalUsersController do
put :activate, params: {id: user.id, internal_user: {activation_token: user.activation_token, password:, password_confirmation: password}}
end
expect_redirect(:root)
expect_redirect(:sign_in)
end
context 'without a password' do
@ -249,7 +249,7 @@ RSpec.describe InternalUsersController do
context 'without a valid password reset token' do
before { get :reset_password, params: {id: user.id} }
expect_redirect(:root)
expect_redirect(:sign_in)
end
context 'with a valid password reset token' do
@ -270,7 +270,7 @@ RSpec.describe InternalUsersController do
context 'without a valid password reset token' do
before { put :reset_password, params: {id: user.id} }
expect_redirect(:root)
expect_redirect(:sign_in)
end
context 'with a valid password reset token' do

46
spec/features/authentication_spec.rb
View File

@ -3,8 +3,8 @@
require 'rails_helper'
RSpec.describe 'Authentication' do
let(:user) { create(:admin) }
let(:password) { attributes_for(:admin)[:password] }
let(:user) { create(:teacher) }
let(:password) { attributes_for(:teacher)[:password] }
context 'when signed out' do
before { visit(root_path) }
@ -33,6 +33,38 @@ RSpec.describe 'Authentication' do
end
end
context 'when a restricted sub-page is opened' do
let(:exercise) { create(:math, user:, public: false) }
before { visit(exercise_path(exercise)) }
it 'displays a sign in link' do
expect(page).to have_content(I18n.t('sessions.new.link'))
end
it 'shows a notification' do
expect(page).to have_content(I18n.t('application.not_signed_in'))
end
it 'redirects to the desired page immediately after sign-in' do
fill_in('Email', with: user.email)
fill_in('Password', with: password)
click_button(I18n.t('sessions.new.link'))
expect(page).to have_content(exercise.title)
end
context 'when a user still has no access' do
let(:exercise) { create(:math, public: false) }
it 'informs the user about missing permissions' do
fill_in('Email', with: user.email)
fill_in('Password', with: password)
click_button(I18n.t('sessions.new.link'))
expect(page).to have_content(I18n.t('application.not_authorized'))
end
end
end
context 'with no authentication token' do
let(:request_for_comment) { create(:rfc_with_comment, user:) }
let(:rfc_path) { request_for_comment_url(request_for_comment) }
@ -41,8 +73,8 @@ RSpec.describe 'Authentication' do
visit(rfc_path)
expect(page).not_to have_current_path(rfc_path)
expect(page).not_to have_content(request_for_comment.exercise.title)
expect(page).to have_current_path(root_path)
expect(page).to have_content(I18n.t('application.not_authorized'))
expect(page).to have_current_path(sign_in_path)
expect(page).to have_content(I18n.t('application.not_signed_in'))
end
end
@ -75,8 +107,8 @@ RSpec.describe 'Authentication' do
visit(rfc_link)
expect(page).not_to have_current_path(rfc_link)
expect(page).not_to have_content(request_for_comment.exercise.title)
expect(page).to have_current_path(root_path)
expect(page).to have_content(I18n.t('application.not_authorized'))
expect(page).to have_current_path(sign_in_path)
expect(page).to have_content(I18n.t('application.not_signed_in'))
end
end
@ -95,7 +127,7 @@ RSpec.describe 'Authentication' do
expect(page).to have_current_path(rfc_link)
visit(sign_out_path)
visit(rfc_link)
expect(page).to have_current_path(root_path)
expect(page).to have_current_path(sign_in_path)
end
end
end