diff options
| author | Seb Bacon <seb.bacon@gmail.com> | 2011-07-26 17:19:14 +0100 |
|---|---|---|
| committer | Seb Bacon <seb.bacon@gmail.com> | 2011-07-27 08:59:43 +0100 |
| commit | 000b14b71c9dfb7b545240d8ca7ac19cae424a99 (patch) | |
| tree | 8e78ea91f706efb60391774f718f37cb2fc0b074 /spec/controllers/admin_public_body_controller_spec.rb | |
| parent | c9d177817c3b891c0bda9f63156c1f2ccaeeb157 (diff) | |
Authentication should only apply to admin interface when *both* email *and* password are unset
Diffstat (limited to 'spec/controllers/admin_public_body_controller_spec.rb')
| -rw-r--r-- | spec/controllers/admin_public_body_controller_spec.rb | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/spec/controllers/admin_public_body_controller_spec.rb b/spec/controllers/admin_public_body_controller_spec.rb index cb622dabd..3a768686d 100644 --- a/spec/controllers/admin_public_body_controller_spec.rb +++ b/spec/controllers/admin_public_body_controller_spec.rb @@ -65,6 +65,15 @@ describe AdminPublicBodyController, "when administering public bodies" do post :destroy, { :id => 3 } PublicBody.count.should == 1 end + it "when no username set, skip admin authorisation" do + config = MySociety::Config.load_default() + config['ADMIN_USERNAME'] = '' + config['ADMIN_PASSWORD'] = 'fuz' + @request.env["HTTP_AUTHORIZATION"] = "" + PublicBody.count.should == 2 + post :destroy, { :id => 3 } + PublicBody.count.should == 1 + end end |