From 550ed0aa483d0b31a6f844a728340e5a81a753ed Mon Sep 17 00:00:00 2001 From: Gareth Rees Date: Tue, 11 Mar 2014 12:53:49 +0000 Subject: Graceful failure of new_comment route Fixes https://github.com/mysociety/alaveteli/issues/662 If /annotate/request/:url_title is accessed when comments are disabled an exception is incorrectly thrown. Conditionals should be used for control flow, so now the action redirects to the info_request path and displays a notice. --- spec/controllers/comment_controller_spec.rb | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) (limited to 'spec/controllers/comment_controller_spec.rb') diff --git a/spec/controllers/comment_controller_spec.rb b/spec/controllers/comment_controller_spec.rb index c03615ce2..3ad334ab1 100644 --- a/spec/controllers/comment_controller_spec.rb +++ b/spec/controllers/comment_controller_spec.rb @@ -53,16 +53,17 @@ describe CommentController, "when commenting on a request" do response.should render_template('new') end - + it "should not allow comments if comments are not allowed" do - session[:user_id] = users(:silly_name_user).id - - expect { - post :new, :url_title => info_requests(:spam_1_request).url_title, - :comment => { :body => "I demand to be heard!" }, - :type => 'request', :submitted_comment => 1, :preview => 0 - }.to raise_error("Comments are not allowed on this request") - + session[:user_id] = users(:silly_name_user).id + info_request = info_requests(:spam_1_request) + + post :new, :url_title => info_request.url_title, + :comment => { :body => "I demand to be heard!" }, + :type => 'request', :submitted_comment => 1, :preview => 0 + + response.should redirect_to(show_request_path(info_request.url_title)) + flash[:notice].should == 'Comments are not allowed on this request' end describe 'when commenting on an external request' do -- cgit v1.2.3 From 73d0f361fd4e49f11b3b99db7b3dc2b06dc9e9d7 Mon Sep 17 00:00:00 2001 From: Gareth Rees Date: Tue, 11 Mar 2014 14:37:48 +0000 Subject: Use filter to reject if user is banned Extract checking whether a user is banned from making Comments on an InfoRequest to a filter in CommentController. Removes responsibility from the #new method. Adds a missing spec. --- spec/controllers/comment_controller_spec.rb | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'spec/controllers/comment_controller_spec.rb') diff --git a/spec/controllers/comment_controller_spec.rb b/spec/controllers/comment_controller_spec.rb index 3ad334ab1..5e250f689 100644 --- a/spec/controllers/comment_controller_spec.rb +++ b/spec/controllers/comment_controller_spec.rb @@ -66,6 +66,19 @@ describe CommentController, "when commenting on a request" do flash[:notice].should == 'Comments are not allowed on this request' end + it "should not allow comments from banned users" do + User.any_instance.stub(:ban_text).and_return('Banned from commenting') + + user = users(:silly_name_user) + session[:user_id] = user.id + + post :new, :url_title => info_requests(:fancy_dog_request).url_title, + :comment => { :body => comments(:silly_comment).body }, + :type => 'request', :submitted_comment => 1, :preview => 0 + + response.should render_template('user/banned') + end + describe 'when commenting on an external request' do describe 'when responding to a GET request on a successful request' do -- cgit v1.2.3