2 files changed, 30 insertions, 25 deletions

diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb
index 749cf2d54..74a310712 100644
--- a/app/controllers/request_controller.rb
+++ b/app/controllers/request_controller.rb
@@ -507,15 +507,10 @@ class RequestController < ApplicationController
     def describe_state_requires_admin
         @info_request = InfoRequest.find_by_url_title!(params[:url_title])
 
-        # Check authenticated. We check is_owning_user
-        # to get admin overrides (see is_owning_user? above)
-        if !@info_request.is_owning_user?(authenticated_user) &&
-            !authenticated_as_user?(@info_request.user,
-                :web => _("To classify the response to this FOI request"),
-                :email => _("Then you can classify the FOI response you have got from ") + @info_request.public_body.name + ".",
-                :email_subject => _("Classify an FOI response from ") + @info_request.public_body.name
-            )
-            # do nothing - as "authenticated?" has done the redirect to signin page for us
+        if !authenticated?(
+            :web => _("To classify the response to this FOI request"),
+            :email => _("Then you can classify the FOI response you have got from ") + @info_request.public_body.name + ".",
+            :email_subject => _("Classify an FOI response from ") + @info_request.public_body.name)
             return
         end
 
diff --git a/spec/controllers/request_controller_spec.rb b/spec/controllers/request_controller_spec.rb
index 25ad1df5f..be9df90c4 100644
--- a/spec/controllers/request_controller_spec.rb
+++ b/spec/controllers/request_controller_spec.rb
@@ -1241,6 +1241,32 @@ describe RequestController, "when viewing an individual response for reply/follo
 
 end
 
+describe RequestController, "describe_state_requires_admin" do
+    context "logged in as owner of request" do
+        it "should set the state when classified as requires_admin" do
+            info_request = info_requests(:fancy_dog_request)
+            session[:user_id] = info_request.user_id
+
+            InfoRequest.should_receive(:find_by_url_title!).with("info_request").and_return(info_request)
+            info_request.should_receive(:set_described_state).with("requires_admin", nil, "Something weird happened")
+
+            post :describe_state_requires_admin, :message => "Something weird happened", :url_title => "info_request"
+        end
+    end
+
+    context "logged out" do
+        it "should redirect to the login page" do
+            info_request = info_requests(:fancy_dog_request)
+            InfoRequest.should_receive(:find_by_url_title!).with("info_request").and_return(info_request)
+            post :describe_state_requires_admin, :message => "Something weird happened", :url_title => "info_request"
+
+            # Ugh.
+            post_redirect = PostRedirect.get_last_post_redirect
+            response.should redirect_to(:controller => 'user', :action => 'signin', :token => post_redirect.token)
+        end
+    end
+end
+
 describe RequestController, "when classifying an information request" do
 
     describe 'if the request is external' do
@@ -1509,22 +1535,6 @@ describe RequestController, "when classifying an information request" do
                 mail.from_addrs.first.to_s.should == @request_owner.name_and_email
             end
 
-            it "should send an email with a message when classified as requires_admin" do
-                post :describe_state_requires_admin, :message => "Something weird happened", :url_title => @dog_request.url_title
-
-                @dog_request.reload
-                @dog_request.awaiting_description.should == false
-                @dog_request.described_state.should == 'requires_admin'
-                @dog_request.get_last_response_event.calculated_state.should == 'requires_admin'
-
-                deliveries = ActionMailer::Base.deliveries
-                deliveries.size.should == 1
-                mail = deliveries[0]
-                mail.body.should =~ /as needing admin/
-                mail.body.should =~ /Something weird happened/
-                mail.from_addrs.first.to_s.should == @request_owner.name_and_email
-            end
-
             it 'should say it is showing advice as to what to do next' do
                 post_status('rejected')
                 flash[:notice].should match(/Here is what to do now/)