404, not 500, if signed out user wants to see a non public/existing post
Also add some specs for Post#find_by_guid_or_id_with_user
This commit is contained in:
Jonne Haß
parent
aa60fac217
commit
11eecc3d3a
3 changed files with 41 additions and 1 deletions
|
|
@ -109,6 +109,7 @@ everything is set up.
|
|||
* Refactor develop install script [#4111](https://github.com/diaspora/diaspora/pull/4111)
|
||||
* Remove special hacks for supporting Ruby 1.8 [#4113] (https://github.com/diaspora/diaspora/pull/4139)
|
||||
* Moved custom oEmbed providers to config/oembed_providers.yml [#4131](https://github.com/diaspora/diaspora/pull/4131)
|
||||
* Add specs for Post#find_by_guid_or_id_with_user
|
||||
|
||||
## Bug fixes
|
||||
|
||||
|
|
@ -141,6 +142,7 @@ everything is set up.
|
|||
* Fix mentions at end of post. [#3746](https://github.com/diaspora/diaspora/issues/3746)
|
||||
* Fix missing indent to correct logged-out-header container relative positioning [#4134](https://github.com/diaspora/diaspora/pull/4134)
|
||||
* Private post dont show error 404 when you are not authorized on mobile page [#4129](https://github.com/diaspora/diaspora/issues/4129)
|
||||
* Show 404 instead of 500 if a not signed in user wants to see a non public or non existing post.
|
||||
|
||||
## Features
|
||||
|
||||
|
|
|
|||
|
|
@ -150,7 +150,7 @@ class Post < ActiveRecord::Base
|
|||
end
|
||||
|
||||
# is that a private post?
|
||||
raise(Diaspora::NonPublic) unless user || post.public?
|
||||
raise(Diaspora::NonPublic) unless user || post.try(:public?)
|
||||
|
||||
post || raise(ActiveRecord::RecordNotFound.new("could not find a post with id #{id}"))
|
||||
end
|
||||
|
|
|
|||
|
|
@ -370,5 +370,43 @@ describe Post do
|
|||
end
|
||||
end
|
||||
|
||||
describe "#find_by_guid_or_id_with_user" do
|
||||
it "succeeds with an id" do
|
||||
post = FactoryGirl.create :status_message, public: true
|
||||
Post.find_by_guid_or_id_with_user(post.id).should == post
|
||||
end
|
||||
|
||||
it "succeeds with an guid" do
|
||||
post = FactoryGirl.create :status_message, public: true
|
||||
Post.find_by_guid_or_id_with_user(post.guid).should == post
|
||||
end
|
||||
|
||||
it "looks up on the passed user object if it's non-nil" do
|
||||
post = FactoryGirl.create :status_message
|
||||
user = mock
|
||||
user.should_receive(:find_visible_shareable_by_id).with(Post, post.id, key: :id).and_return(post)
|
||||
Post.find_by_guid_or_id_with_user post.id, user
|
||||
end
|
||||
|
||||
it "raises ActiveRecord::RecordNotFound with a non-existing id and a user" do
|
||||
user = stub(find_visible_shareable_by_id: nil)
|
||||
expect {
|
||||
Post.find_by_guid_or_id_with_user 123, user
|
||||
}.to raise_error ActiveRecord::RecordNotFound
|
||||
end
|
||||
|
||||
it "raises Diaspora::NonPublic for a non-existing id without a user" do
|
||||
Post.stub where: stub(includes: stub(first: nil))
|
||||
expect {
|
||||
Post.find_by_guid_or_id_with_user 123
|
||||
}.to raise_error Diaspora::NonPublic
|
||||
end
|
||||
|
||||
it "raises Diaspora::NonPublic for a private post without a user" do
|
||||
post = FactoryGirl.create :status_message
|
||||
expect {
|
||||
Post.find_by_guid_or_id_with_user post.id
|
||||
}.to raise_error Diaspora::NonPublic
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Reference in a new issue