Merge branch 'bvl-missing-message-on-access-denied' into 'master'
Render access denied without message Closes #47844 See merge request gitlab-org/gitlab-ce!19755
This commit is contained in:
commit
7b7ba297cf
|
@ -284,8 +284,10 @@ class ApplicationController < ActionController::Base
|
|||
return unless current_user
|
||||
return if current_user.terms_accepted?
|
||||
|
||||
message = _("Please accept the Terms of Service before continuing.")
|
||||
|
||||
if sessionless_user?
|
||||
render_403
|
||||
access_denied!(message)
|
||||
else
|
||||
# Redirect to the destination if the request is a get.
|
||||
# Redirect to the source if it was a post, so the user can re-submit after
|
||||
|
@ -296,7 +298,7 @@ class ApplicationController < ActionController::Base
|
|||
URI(request.referer).path if request.referer
|
||||
end
|
||||
|
||||
flash[:notice] = _("Please accept the Terms of Service before continuing.")
|
||||
flash[:notice] = message
|
||||
redirect_to terms_path(redirect: redirect_path), status: :found
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
- message = local_assigns.fetch(:message)
|
||||
- message = local_assigns.fetch(:message, nil)
|
||||
- content_for(:title, 'Access Denied')
|
||||
|
||||
= image_tag('illustrations/error-403.svg', alt: '403', lazy: false)
|
||||
|
|
|
@ -458,6 +458,8 @@ describe ApplicationController do
|
|||
end
|
||||
|
||||
context 'for sessionless users' do
|
||||
render_views
|
||||
|
||||
before do
|
||||
sign_out user
|
||||
end
|
||||
|
@ -468,6 +470,14 @@ describe ApplicationController do
|
|||
expect(response).to have_gitlab_http_status(403)
|
||||
end
|
||||
|
||||
it 'renders the error message when the format was html' do
|
||||
get :index,
|
||||
private_token: create(:personal_access_token, user: user).token,
|
||||
format: :html
|
||||
|
||||
expect(response.body).to have_content /accept the terms of service/i
|
||||
end
|
||||
|
||||
it 'renders a 200 when the sessionless user accepted the terms' do
|
||||
accept_terms(user)
|
||||
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe 'errors/access_denied' do
|
||||
it 'does not fail to render when there is no message provided' do
|
||||
expect { render }.not_to raise_error
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue