Allow user details to be fetched without agreeing terms

2011-04-20 20:57:01 +01:00 · 2011-04-20 20:57:01 +01:00 · 02e186ee5b
commit 02e186ee5b
parent 658762a603
3 changed files with 4 additions and 7 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -18,7 +18,7 @@ class ApplicationController < ActionController::Base

        # don't allow access to any auth-requiring part of the site unless
        # the new CTs have been seen (and accept/decline chosen).
-      elsif !@user.terms_seen and flash[:showing_terms].nil?
+      elsif !@user.terms_seen and flash[:skip_terms].nil?
        flash[:notice] = t 'user.terms.you need to accept or decline'
        if params[:referer]
          redirect_to :controller => "user", :action => "terms", :referer => params[:referer]
@ -120,7 +120,7 @@ class ApplicationController < ActionController::Base
      # if the user hasn't seen the contributor terms then don't
      # allow editing - they have to go to the web site and see
      # (but can decline) the CTs to continue.
-      if REQUIRE_TERMS_SEEN and not @user.terms_seen
+      if REQUIRE_TERMS_SEEN and not @user.terms_seen and flash[:skip_terms].nil?
        set_locale
        report_error t('application.setup_user_auth.need_to_see_terms'), :forbidden
      end
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@ -1,7 +1,7 @@
 class UserController < ApplicationController
  layout :choose_layout

-  before_filter :disable_terms_redirect, :only => [:terms, :save, :logout]
+  before_filter :disable_terms_redirect, :only => [:terms, :save, :logout, :api_details]
  before_filter :authorize, :only => [:api_details, :api_gpx_files]
  before_filter :authorize_web, :except => [:api_details, :api_gpx_files]
  before_filter :set_locale, :except => [:api_details, :api_gpx_files]
@ -522,6 +522,6 @@ private
    # this is necessary otherwise going to the user terms page, when 
    # having not agreed already would cause an infinite redirect loop.
    # it's .now so that this doesn't propagate to other pages.
-    flash.now[:showing_terms] = true
+    flash.now[:skip_terms] = true
  end
 end
--- a/test/integration/user_blocks_test.rb
+++ b/test/integration/user_blocks_test.rb
@ -38,9 +38,6 @@ class UserBlocksTest < ActionController::IntegrationTest

    # revoke the ban
    get '/login'
-    assert_response :redirect
-    assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true"
-    follow_redirect!
    assert_response :success
    post '/login', {'user[email]' => moderator.email, 'user[password]' => "test", :referer => "/blocks/#{block.id}/revoke"}
    assert_response :redirect