diff options
| author | Matthew Landauer <matthew@openaustralia.org> | 2013-01-31 13:23:19 +1100 |
|---|---|---|
| committer | Matthew Landauer <matthew@openaustralia.org> | 2013-01-31 13:23:53 +1100 |
| commit | ea03685aa9d09d7cd29e0ef875d3afa7758b29ea (patch) | |
| tree | 314620a0b88065e520858b5cf363775e07c164be | |
| parent | 5acd5cced50f72d0e88a4524f5aef23525511554 (diff) | |
There's really no need to test the internals of Rails
| -rw-r--r-- | app/controllers/request_controller.rb | 10 | ||||
| -rw-r--r-- | spec/integration/errors_spec.rb | 9 |
2 files changed, 7 insertions, 12 deletions
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index c18a97443..500738b91 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -709,9 +709,13 @@ class RequestController < ApplicationController key_path = foi_fragment_cache_path(key) if foi_fragment_cache_exists?(key_path) logger.info("Reading cache for #{key_path}") - raise PermissionDenied.new("Directory listing not allowed") if File.directory?(key_path) - render :text => foi_fragment_cache_read(key_path), - :content_type => (AlaveteliFileTypes.filename_to_mimetype(params[:file_name].join("/")) || 'application/octet-stream') + + if File.directory?(key_path) + render :text => "Directory listing not allowed", :status => 403 + else + render :text => foi_fragment_cache_read(key_path), + :content_type => (AlaveteliFileTypes.filename_to_mimetype(params[:file_name].join("/")) || 'application/octet-stream') + end return end diff --git a/spec/integration/errors_spec.rb b/spec/integration/errors_spec.rb index a44ed7051..0e3157ca8 100644 --- a/spec/integration/errors_spec.rb +++ b/spec/integration/errors_spec.rb @@ -4,26 +4,18 @@ describe "When rendering errors" do before(:each) do load_raw_emails_data - ActionController::Base.consider_all_requests_local = false - end - - after(:each) do - ActionController::Base.consider_all_requests_local = true end it "should render a 404 for unrouteable URLs" do get("/frobsnasm") - response.body.should include("The page doesn't exist") response.code.should == "404" end it "should render a 404 for users that don't exist" do get("/user/wobsnasm") - response.body.should include("The page doesn't exist") response.code.should == "404" end it "should render a 404 for bodies that don't exist" do get("/body/wobsnasm") - response.body.should include("The page doesn't exist") response.code.should == "404" end it "should render a 500 for general errors" do @@ -46,7 +38,6 @@ describe "When rendering errors" do end it "should render a 404 for non-existent 'details' pages for requests" do get("/details/request/wobble" ) - response.body.should include("The page doesn't exist") response.code.should == "404" end end |