diff options
| author | Gareth Rees <gareth@mysociety.org> | 2014-03-11 14:37:48 +0000 |
|---|---|---|
| committer | Gareth Rees <gareth@mysociety.org> | 2014-03-13 11:48:43 +0000 |
| commit | 73d0f361fd4e49f11b3b99db7b3dc2b06dc9e9d7 (patch) | |
| tree | 6f4af5f7e1c3043d9a45e5d57ad8c6be3026d7f1 | |
| parent | 68a9536dc68f35965156aeb84c9f4c5bee391159 (diff) | |
Use filter to reject if user is banned
Extract checking whether a user is banned from making Comments on an
InfoRequest to a filter in CommentController.
Removes responsibility from the #new method.
Adds a missing spec.
| -rw-r--r-- | app/controllers/comment_controller.rb | 16 | ||||
| -rw-r--r-- | spec/controllers/comment_controller_spec.rb | 13 |
2 files changed, 22 insertions, 7 deletions
diff --git a/app/controllers/comment_controller.rb b/app/controllers/comment_controller.rb index ce022f000..5e39c3a2c 100644 --- a/app/controllers/comment_controller.rb +++ b/app/controllers/comment_controller.rb @@ -9,6 +9,7 @@ class CommentController < ApplicationController before_filter :find_info_request, :only => [ :new ] before_filter :create_track_thing, :only => [ :new ] before_filter :reject_unless_comments_allowed, :only => [ :new ] + before_filter :reject_if_user_banned, :only => [ :new ] protect_from_forgery :only => [ :new ] def new @@ -19,13 +20,6 @@ class CommentController < ApplicationController })) end - # Banned from adding comments? - if !authenticated_user.nil? && !authenticated_user.can_make_comments? - @details = authenticated_user.can_fail_html - render :template => 'user/banned' - return - end - if params[:comment] # XXX this check should theoretically be a validation rule in the model @existing_comment = Comment.find_existing(@info_request.id, params[:comment][:body]) @@ -106,4 +100,12 @@ class CommentController < ApplicationController end end + # Banned from adding comments? + def reject_if_user_banned + if authenticated_user && !authenticated_user.can_make_comments? + @details = authenticated_user.can_fail_html + render :template => 'user/banned' + end + end + end diff --git a/spec/controllers/comment_controller_spec.rb b/spec/controllers/comment_controller_spec.rb index 3ad334ab1..5e250f689 100644 --- a/spec/controllers/comment_controller_spec.rb +++ b/spec/controllers/comment_controller_spec.rb @@ -66,6 +66,19 @@ describe CommentController, "when commenting on a request" do flash[:notice].should == 'Comments are not allowed on this request' end + it "should not allow comments from banned users" do + User.any_instance.stub(:ban_text).and_return('Banned from commenting') + + user = users(:silly_name_user) + session[:user_id] = user.id + + post :new, :url_title => info_requests(:fancy_dog_request).url_title, + :comment => { :body => comments(:silly_comment).body }, + :type => 'request', :submitted_comment => 1, :preview => 0 + + response.should render_template('user/banned') + end + describe 'when commenting on an external request' do describe 'when responding to a GET request on a successful request' do |