NPO-Accounting/houdini
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

If maintenance_token is nil, you can't pass an empty token to get in.

Browse source
This commit is contained in:
Eric Schultz 2018-07-19 12:59:29 -05:00
parent 3ed6b06b21
commit 1ad29e7436
2 changed files with 19 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/application_controller.rb
View file

@ -22,7 +22,7 @@ class ApplicationController < ActionController::Base
def redirect_to_maintenance def redirect_to_maintenance
if (Settings&.maintenance&.maintenance_mode && !current_user) if (Settings&.maintenance&.maintenance_mode && !current_user)
unless (self.class == Users::SessionsController && unless (self.class == Users::SessionsController &&
(params[:maintenance_token] == Settings.maintenance.maintenance_token || params[:format] == 'json')) ((Settings.maintenance.maintenance_token && params[:maintenance_token] == Settings.maintenance.maintenance_token) || params[:format] == 'json'))
redirect_to Settings.maintenance.maintenance_page redirect_to Settings.maintenance.maintenance_page
end end
end end

18
spec/requests/maintenance_spec.rb
View file

@ -90,6 +90,24 @@ describe 'Maintenance Mode' do
end end
end end
describe 'in maintenance without maintenance_token set' do
before(:each) do
@request.env["devise.mapping"] = Devise.mappings[:user]
end
before(:each) do
Settings.merge!({maintenance:
{maintenance_mode: true,
maintenance_token: nil,
maintenance_page: page}})
end
it 'redirects sign_in if the token is nil' do
get(:new)
expect(response.code).to eq "302"
expect(response.location).to eq page
end
end
end end
# it 'redirect to general user' do # it 'redirect to general user' do