# and authorize the user for the requested action
def find_optional_project
if params[:project_id].present?
- find_project(params[:project_id])
+ @project = Project.find(params[:project_id])
end
authorize_global
+ rescue ActiveRecord::RecordNotFound
+ User.current.logged? ? render_404 : require_login
+ false
end
# Finds and sets @project based on @object.project
assert_select 'h3 a', :text => 'eCookbook first release !'
end
- def test_index_with_invalid_project_should_respond_with_404
+ def test_index_with_invalid_project_should_respond_with_404_for_logged_users
+ @request.session[:user_id] = 2
+
get(:index, :params => {:project_id => 999})
assert_response 404
end
+ def test_index_with_invalid_project_should_respond_with_302_for_anonymous
+ Role.anonymous.remove_permission! :view_news
+ with_settings :login_required => '0' do
+ get(:index, :params => {:project_id => 999})
+ assert_response 302
+ end
+ end
+
def test_index_without_permission_should_fail
Role.all.each {|r| r.remove_permission! :view_news}
@request.session[:user_id] = 2
assert_response 302
end
end
+
+ def test_find_optional_project_should_not_error
+ Role.anonymous.remove_permission! :view_gantt
+ with_settings :login_required => '0' do
+ get '/projects/nonexistingproject/issues/gantt'
+ assert_response 302
+ end
+ end
+
+ def test_find_optional_project_should_render_404_for_logged_users
+ log_user('jsmith', 'jsmith')
+
+ get '/projects/nonexistingproject/issues/gantt'
+ assert_response 404
+ end
end
projects / redmine.git / commitdiff