* Authenticate user for index orgs page * add spec
@ -3,7 +3,7 @@ class OrganisationsController < ApplicationController
include Modules::CaseLogsFilter
include Modules::SearchFilter
before_action :authenticate_user!, except: [:index]
before_action :authenticate_user!
before_action :find_resource, except: [:index]
before_action :authenticate_scope!
@ -25,6 +25,11 @@ RSpec.describe OrganisationsController, type: :request do
get "/organisations/#{organisation.id}/users", headers: headers, params: {}
expect(response).to redirect_to("/account/sign-in")
end
it "does not let you see organisations list" do
get "/organisations", headers: headers, params: {}