jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

app controller: standardize access denied error handling.

Browse Source 
Refactor to use `render_error_page` to handle User::PrivilegeError
exceptions. This way these exceptions are logged to New Relic.

Changes:

* Anonymous users aren't automatically redirected to the login page.
  Instead they're taken to the access denied page, which links to the
  login/signup pages.

* JSON/XML error responses return `message` instead of `reason`.
This commit is contained in:
evazion
2019-08-24 22:55:36 -05:00
parent d4c43af1dd
commit c7f8fbbec2
4 changed files with 26 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
test/functional/post_votes_controller_test.rb
View File

@@ -17,7 +17,8 @@ class PostVotesControllerTest < ActionDispatch::IntegrationTest
end
should "not allow banned users to vote" do
@banned = create(:banned_user)
@banned = create(:user)
@ban = create(:ban, user: @banned)
post_auth post_votes_path(post_id: @post.id), @banned, params: {:score => "up", :format => "js"}
assert_response 403
assert_equal(0, @post.reload.score)