From ac108a6c3ac503dc185a12d502653fca597eeacd Mon Sep 17 00:00:00 2001 From: Robin Houston Date: Tue, 20 Mar 2012 15:06:18 +0000 Subject: Fix the "log in as" function Previously the "log in as" function after 3b6e5a692b852a88f55b21a7210f60a6f7cfc24b would attempt to log the admin user out before issuing the redirect. Unfortunately this approach does not work on WhatDoTheyKnow, where the admin pages are served via a different domain (secure.mysociety.org) and so do not share session information with the rest of the site. This commit changes it to mark the PostRedirect with circumstance == "login_as", which signals the user controller to log out the previous user even if they are an admin. In other words, the user is logged out on the main site rather than the admin site, skirting this problem. Closes #450. --- spec/controllers/admin_user_controller_spec.rb | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) (limited to 'spec/controllers/admin_user_controller_spec.rb') diff --git a/spec/controllers/admin_user_controller_spec.rb b/spec/controllers/admin_user_controller_spec.rb index 60ac6969d..c2d645fd2 100644 --- a/spec/controllers/admin_user_controller_spec.rb +++ b/spec/controllers/admin_user_controller_spec.rb @@ -24,13 +24,7 @@ describe AdminUserController, "when administering users" do post_redirect = PostRedirect.get_last_post_redirect response.should redirect_to(:controller => 'user', :action => 'confirm', :email_token => post_redirect.email_token) end - - it "logs in as another user when already logged in as an admin" do - session[:user_id] = users(:admin_user).id - get :login_as, :id => users(:bob_smith_user).id - post_redirect = PostRedirect.get_last_post_redirect - response.should redirect_to(:controller => 'user', :action => 'confirm', :email_token => post_redirect.email_token) - session[:user_id].should be_nil - end + + # See also "allows an admin to log in as another user" in spec/integration/admin_spec.rb end -- cgit v1.2.3 From 4d9eedc980364d52fba20ac77bb5729868d2d564 Mon Sep 17 00:00:00 2001 From: Seb Bacon Date: Tue, 15 May 2012 10:30:27 +0100 Subject: Fix test breakage introduced in 8d78cb8844549dc901cd901371be6ec604fb7f68 --- spec/controllers/admin_user_controller_spec.rb | 3 --- 1 file changed, 3 deletions(-) (limited to 'spec/controllers/admin_user_controller_spec.rb') diff --git a/spec/controllers/admin_user_controller_spec.rb b/spec/controllers/admin_user_controller_spec.rb index c2d645fd2..cf3665c9f 100644 --- a/spec/controllers/admin_user_controller_spec.rb +++ b/spec/controllers/admin_user_controller_spec.rb @@ -2,9 +2,6 @@ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe AdminUserController, "when administering users" do integrate_views - before do - basic_auth_login @request - end it "shows the index/list page" do get :index -- cgit v1.2.3