diff options
| -rw-r--r-- | app/controllers/request_controller.rb | 20 | ||||
| -rw-r--r-- | spec/controllers/request_controller_spec.rb | 15 |
2 files changed, 11 insertions, 24 deletions
diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index d1698c787..bfa21a6d2 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -4,7 +4,7 @@ # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved. # Email: francis@mysociety.org; WWW: http://www.mysociety.org/ # -# $Id: request_controller.rb,v 1.32 2008-01-09 19:34:07 francis Exp $ +# $Id: request_controller.rb,v 1.33 2008-01-09 19:46:26 francis Exp $ class RequestController < ApplicationController @@ -83,16 +83,16 @@ class RequestController < ApplicationController raise sprintf("Incoming message %d does not belong to request %d", @incoming_message.info_request_id, params[:id]) end - if not authenticated_as_user?(@info_request.user, - :web => "To view and classify the response to this FOI request", - :email => "Then you can classify the FOI response you have got from " + @info_request.public_body.name + ".", - :email_subject => "Classify a response from " + @info_request.public_body.name + " to your FOI request" - ) - return - # do nothing - as "authenticated?" has done the redirect to signin page for us - end - if params[:incoming_message] + if not authenticated_as_user?(@info_request.user, + :web => "To view and classify the response to this FOI request", + :email => "Then you can classify the FOI response you have got from " + @info_request.public_body.name + ".", + :email_subject => "Classify a response from " + @info_request.public_body.name + " to your FOI request" + ) + return + # do nothing - as "authenticated?" has done the redirect to signin page for us + end + contains_information = (params[:incoming_message][:contains_information] == 'true' ? true : false) @incoming_message.contains_information = contains_information @incoming_message.user_classified = true diff --git a/spec/controllers/request_controller_spec.rb b/spec/controllers/request_controller_spec.rb index 22d451611..383be79f0 100644 --- a/spec/controllers/request_controller_spec.rb +++ b/spec/controllers/request_controller_spec.rb @@ -147,20 +147,7 @@ describe RequestController, "when viewing an individual response" do integrate_views fixtures :info_requests, :public_bodies, :users, :incoming_messages, :outgoing_messages # all needed as integrating views - it "should require login if not logged in" do - get :show_response, :id => info_requests(:fancy_dog_request).id, :incoming_message_id => incoming_messages(:useless_incoming_message) - post_redirect = PostRedirect.get_last_post_redirect - response.should redirect_to(:controller => 'user', :action => 'signin', :token => post_redirect.token) - end - - it "should say you are the wrong user if logged in as wrong user" do - session[:user_id] = users(:silly_name_user).id - get :show_response, :id => info_requests(:fancy_dog_request).id, :incoming_message_id => incoming_messages(:useless_incoming_message) - response.should render_template('user/wrong_user') - end - - it "should show classification page if logged in as user controlling request" do - session[:user_id] = users(:bob_smith_user).id + it "should show the response" do get :show_response, :id => info_requests(:fancy_dog_request).id, :incoming_message_id => incoming_messages(:useless_incoming_message) response.should render_template('show_response') end |