Disable guest sessions

2019-07-19 08:04:16 +05:00 · 2019-07-19 08:04:16 +05:00 · bdf6b21ad9
commit bdf6b21ad9
parent a0ce2a0b99
3 changed files with 20 additions and 19 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -6,7 +6,7 @@ class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception, prepend: true, unless: :json_request?

  before_action :set_raven_context
-  before_action :sign_in_guest_account
+  # before_action :sign_in_guest_account

  after_action :verify_authorized, except: :index
  after_action :verify_policy_scoped, only: :index
@ -20,7 +20,7 @@ private

  def current_account
    @current_account ||= current_user&.account
-    @current_account ||= Account.guests.find_by(id: session[:guest_account_id])
+    # @current_account ||= Account.guests.find_by id: session[:guest_account_id]
  end

  alias pundit_user current_account
@ -34,13 +34,13 @@ private
    Raven.extra_context params: params.to_unsafe_h, url: request.url
  end

-  def sign_in_guest_account
-    return if current_account || params[:guest_token].blank?
+  # def sign_in_guest_account
+  #   return if current_account || params[:guest_token].blank?

-    account = Account.guests.find_by! guest_token: params[:guest_token]
-    remember_if_guest_account account
-    redirect_to request.original_url
-  end
+  #   account = Account.guests.find_by! guest_token: params[:guest_token]
+  #   remember_if_guest_account account
+  #   redirect_to request.original_url
+  # end

  def json_request?
    request.format.json?
@ -70,7 +70,7 @@ private
    end
  end

-  def remember_if_guest_account(account)
-    session[:guest_account_id] = account.id if account.guest?
-  end
+  # def remember_if_guest_account(account)
+  #   session[:guest_account_id] = account.id if account.guest?
+  # end
 end
--- a/app/controllers/users/sessions_controller.rb
+++ b/app/controllers/users/sessions_controller.rb
@ -20,10 +20,11 @@ class Users::SessionsController < Devise::SessionsController
  # DELETE /resource/sign_out
  def destroy
    authorize %i[users session]
-    super do
-      set_flash_message! :notice, :signed_out if current_account&.guest?
-      session[:guest_account_id] = nil
-    end
+    super
+    # super do
+    #   set_flash_message! :notice, :signed_out if current_account&.guest?
+    #   session[:guest_account_id] = nil
+    # end
  end

 protected
--- a/features/desktop/sign_out.feature
+++ b/features/desktop/sign_out.feature
@ -1,8 +1,8 @@
 Feature: Sign out
-  Scenario: as a guest account
-    Given I am signed in as guest
-    When I try to sign out
-    Then I am successfully signed out
+  # Scenario: as a guest account
+  #   Given I am signed in as guest
+  #   When I try to sign out
+  #   Then I am successfully signed out

  Scenario: as a usual account
    Given I am signed in with email "user@example.com"