aboutsummaryrefslogtreecommitdiffstats
path: root/spec/controllers/request_controller_spec.rb
diff options
context:
space:
mode:
authorLouise Crow <louise.crow@gmail.com>2013-08-22 15:23:46 +0100
committerLouise Crow <louise.crow@gmail.com>2013-09-16 12:42:19 +0100
commitfd0c811cc4e01435ca89a419a521f6ac31a858b1 (patch)
tree477952cff8d4aec4e7ae8ca67d91f5ae0f64aeac /spec/controllers/request_controller_spec.rb
parentc954d92fe4f558a5f4375016ee6cf517d3ec5ddd (diff)
Restore the download for hidden requests
This was disabled for hidden requests as the download was by redirect, allowing people who have not been authenticated to conceivably access the download. We'll be moving to send_file instead, so can restore it.
Diffstat (limited to 'spec/controllers/request_controller_spec.rb')
-rw-r--r--spec/controllers/request_controller_spec.rb6
1 files changed, 0 insertions, 6 deletions
diff --git a/spec/controllers/request_controller_spec.rb b/spec/controllers/request_controller_spec.rb
index 8f8e3afa0..c5ee8cbf7 100644
--- a/spec/controllers/request_controller_spec.rb
+++ b/spec/controllers/request_controller_spec.rb
@@ -858,12 +858,6 @@ describe RequestController, "when handling prominence" do
response.should render_template('show')
end
- it 'should not allow download of the entire request by admin user (or anyone)' do
- session[:user_id] = FactoryGirl.create(:admin_user).id
- get :download_entire_request, :url_title => @info_request.url_title
- expect_hidden('hidden')
- end
-
it 'should not cache an attachment when showing an attachment to the requester or admin' do
session[:user_id] = @info_request.user.id
incoming_message = @info_request.incoming_messages.first