From 44fafc02c3423ccebfcc5ec3d124bbaac1c5ff17 Mon Sep 17 00:00:00 2001 From: kosiakkatrina <54268893+kosiakkatrina@users.noreply.github.com> Date: Tue, 31 May 2022 09:16:38 +0100 Subject: [PATCH] Authenticate user for index orgs page (#629) * Authenticate user for index orgs page * add spec --- app/controllers/organisations_controller.rb | 2 +- spec/requests/organisations_controller_spec.rb | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/app/controllers/organisations_controller.rb b/app/controllers/organisations_controller.rb index 9c9238273..921953779 100644 --- a/app/controllers/organisations_controller.rb +++ b/app/controllers/organisations_controller.rb @@ -3,7 +3,7 @@ class OrganisationsController < ApplicationController include Modules::CaseLogsFilter include Modules::SearchFilter - before_action :authenticate_user!, except: [:index] + before_action :authenticate_user! before_action :find_resource, except: [:index] before_action :authenticate_scope! diff --git a/spec/requests/organisations_controller_spec.rb b/spec/requests/organisations_controller_spec.rb index 2b01d62e2..deb809831 100644 --- a/spec/requests/organisations_controller_spec.rb +++ b/spec/requests/organisations_controller_spec.rb @@ -25,6 +25,11 @@ RSpec.describe OrganisationsController, type: :request do get "/organisations/#{organisation.id}/users", headers: headers, params: {} expect(response).to redirect_to("/account/sign-in") end + + it "does not let you see organisations list" do + get "/organisations", headers: headers, params: {} + expect(response).to redirect_to("/account/sign-in") + end end end