fix(exports): block exports page to super admins so they can't download exports
This commit is contained in:
parent
2283c7eba7
commit
00a6d02d21
2 changed files with 6 additions and 1 deletions
|
@ -1,7 +1,7 @@
|
||||||
module Instructeurs
|
module Instructeurs
|
||||||
class ProceduresController < InstructeurController
|
class ProceduresController < InstructeurController
|
||||||
before_action :ensure_ownership!, except: [:index]
|
before_action :ensure_ownership!, except: [:index]
|
||||||
before_action :ensure_not_super_admin!, only: [:download_export]
|
before_action :ensure_not_super_admin!, only: [:download_export, :exports]
|
||||||
|
|
||||||
ITEMS_PER_PAGE = 25
|
ITEMS_PER_PAGE = 25
|
||||||
BATCH_SELECTION_LIMIT = 500
|
BATCH_SELECTION_LIMIT = 500
|
||||||
|
|
|
@ -723,5 +723,10 @@ describe Instructeurs::ProceduresController, type: :controller do
|
||||||
expect(assigns(:exports)).to eq([])
|
expect(assigns(:exports)).to eq([])
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context 'when logged in through super admin' do
|
||||||
|
let(:manager) { true }
|
||||||
|
it { is_expected.to have_http_status(:forbidden) }
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue