Auth sign out (#2511)
* Add a spec for signing out * Add spec showing that suspended user gets a 403 forbidden on sign out * Allow suspended account users to sign outpull/15/head
parent
bea97ea766
commit
268dd32d76
|
@ -6,6 +6,7 @@ class Auth::SessionsController < Devise::SessionsController
|
||||||
layout 'auth'
|
layout 'auth'
|
||||||
|
|
||||||
skip_before_action :require_no_authentication, only: [:create]
|
skip_before_action :require_no_authentication, only: [:create]
|
||||||
|
skip_before_action :check_suspension, only: [:destroy]
|
||||||
prepend_before_action :authenticate_with_two_factor, if: :two_factor_enabled?, only: [:create]
|
prepend_before_action :authenticate_with_two_factor, if: :two_factor_enabled?, only: [:create]
|
||||||
|
|
||||||
def create
|
def create
|
||||||
|
|
|
@ -16,6 +16,33 @@ RSpec.describe Auth::SessionsController, type: :controller do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe 'DELETE #destroy' do
|
||||||
|
let(:user) { Fabricate(:user) }
|
||||||
|
|
||||||
|
before do
|
||||||
|
request.env['devise.mapping'] = Devise.mappings[:user]
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with a regular user' do
|
||||||
|
it 'redirects to home after sign out' do
|
||||||
|
sign_in(user, scope: :user)
|
||||||
|
delete :destroy
|
||||||
|
|
||||||
|
expect(response).to redirect_to(root_path)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with a suspended user' do
|
||||||
|
it 'redirects to home after sign out' do
|
||||||
|
Fabricate(:account, user: user, suspended: true)
|
||||||
|
sign_in(user, scope: :user)
|
||||||
|
delete :destroy
|
||||||
|
|
||||||
|
expect(response).to redirect_to(root_path)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
describe 'POST #create' do
|
describe 'POST #create' do
|
||||||
before do
|
before do
|
||||||
request.env['devise.mapping'] = Devise.mappings[:user]
|
request.env['devise.mapping'] = Devise.mappings[:user]
|
||||||
|
|
Loading…
Reference in New Issue