fix(avis_controller): revoked acl on messagerie
This commit is contained in:
simon lehericey
LeSim
parent
71dd0b99ab
commit
8929af2767
2 changed files with 11 additions and 2 deletions
|
|
@ -4,7 +4,7 @@ module Experts
|
|||
include Zipline
|
||||
|
||||
before_action :authenticate_expert!, except: [:sign_up, :update_expert]
|
||||
before_action :check_if_avis_revoked, only: [:show, :instruction, :create_avis, :update, :sign_up, :update_expert]
|
||||
before_action :check_if_avis_revoked, only: [:show, :instruction, :create_avis, :update, :sign_up, :update_expert, :messagerie]
|
||||
before_action :redirect_if_no_sign_up_needed, only: [:sign_up, :update_expert]
|
||||
before_action :set_avis_and_dossier, only: [:show, :instruction, :messagerie, :create_commentaire, :delete_commentaire, :update, :telecharger_pjs]
|
||||
|
||||
|
|
|
|||
|
|
@ -159,7 +159,9 @@ describe Experts::AvisController, type: :controller do
|
|||
end
|
||||
|
||||
describe '#messagerie' do
|
||||
subject { get :messagerie, params: { id: avis_without_answer.id, procedure_id: procedure.id } }
|
||||
let(:avis) { avis_without_answer }
|
||||
subject { get :messagerie, params: { id: avis.id, procedure_id: procedure.id } }
|
||||
|
||||
context 'with valid avis' do
|
||||
before { subject }
|
||||
|
||||
|
|
@ -169,6 +171,7 @@ describe Experts::AvisController, type: :controller do
|
|||
expect(assigns(:dossier)).to eq(dossier)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with an avis that does not belongs to current_expert' do
|
||||
it "refuse l'accès au dossier" do
|
||||
sign_in(create(:expert).user)
|
||||
|
|
@ -177,6 +180,12 @@ describe Experts::AvisController, type: :controller do
|
|||
expect(flash.alert).to eq("Vous n’avez pas accès à cet avis.")
|
||||
end
|
||||
end
|
||||
|
||||
context 'with a revoked avis' do
|
||||
let(:avis) { revoked_avis }
|
||||
|
||||
it { is_expected.to redirect_to(root_path) }
|
||||
end
|
||||
end
|
||||
|
||||
describe '#update' do
|
||||
|
|
|
|||
Loading…
Reference in a new issue