Check if logged in before accessing

4 years ago · b3bbac845b
2 changed files with 20 additions and 2 deletions
--- a/app/controllers/users/account_controller.rb
+++ b/app/controllers/users/account_controller.rb
@ -1,6 +1,17 @@
 class Users::AccountController < ApplicationController
-    def index; end
-    def personal_details; end
+    def check_logged_in
+        if current_user.nil?
+            redirect_to(new_user_session_path())
+        end
+    end
+
+    def index
+        check_logged_in
+    end
+    
+    def personal_details
+        check_logged_in
+    end

    def update
        if current_user.update('name': params[:user][:name], 'email': params[:user][:email],)
--- a/spec/features/user_spec.rb
+++ b/spec/features/user_spec.rb
@ -51,6 +51,13 @@ RSpec.describe "User Features" do
    end
  end

+  context "If a not logged in user tries to access pages that need permissions" do
+    it "redirects to log in page" do
+      visit("/users/account")
+      expect(page).to have_content("Sign in to your account to submit CORE data")
+    end
+  end
+
  context "Your Account " do

    before(:each) do