forum posts: raise privilege error when viewing restricted topics.

Raise a privilege error when trying to view a restricted topic instead of handling it in the controller. This way error handling is standardized.
2019-09-08 15:32:31 -05:00
parent 31c7386b9e
commit 32343303d2
4 changed files with 18 additions and 36 deletions
--- a/test/functional/forum_posts_controller_test.rb
+++ b/test/functional/forum_posts_controller_test.rb
@@ -103,6 +103,15 @@ class ForumPostsControllerTest < ActionDispatch::IntegrationTest
      end
    end

+    context "show action" do
+      should "raise an error if the user doesn't have permission to view the topic" do
+        as(@user) { @forum_post.topic.update(min_level: User::Levels::ADMIN) }
+        get_auth forum_post_path(@forum_post), @user
+
+        assert_response 403
+      end
+    end
+
    context "edit action" do
      should "render if the editor is the creator of the topic" do
        get_auth edit_forum_post_path(@forum_post), @user
--- a/test/functional/forum_topics_controller_test.rb
+++ b/test/functional/forum_topics_controller_test.rb
@@ -79,6 +79,13 @@ class ForumTopicsControllerTest < ActionDispatch::IntegrationTest
        get forum_topic_path(@forum_topic), params: {:format => :atom}
        assert_response :success
      end
+
+      should "raise an error if the user doesn't have permission to view the topic" do
+        as(@user) { @forum_topic.update(min_level: User::Levels::ADMIN) }
+        get_auth forum_topic_path(@forum_topic), @user
+
+        assert_response 403
+      end
    end

    context "index action" do