Redirect to home page when user unauthorized

samvera · Mar 18, 2022 · 549b1f0 · 549b1f0
1 parent f04e5fd
commit 549b1f0
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 1 deletion.
diff --git a/app/controllers/hyrax/citations_controller.rb b/app/controllers/hyrax/citations_controller.rb
@@ -2,6 +2,7 @@
 module Hyrax
   class CitationsController < ApplicationController
     include WorksControllerBehavior
+    include DenyAccessOverrideBehavior
     include Breadcrumbs
 
     # Overrides decide_layout from WorksControllerBehavior

diff --git a/spec/controllers/hyrax/citations_controller_spec.rb b/spec/controllers/hyrax/citations_controller_spec.rb
@@ -22,7 +22,21 @@
     end
 
     context "with an unauthenticated user" do
-      it "is not successful" do
+      let(:second_user) { FactoryBot.create(:user) }
+
+      before do
+        sign_in second_user
+      end
+
+      it "redirects to the home page" do
+        get :work, params: { id: work }
+        expect(response).to redirect_to main_app.root_path(locale: 'en')
+        expect(flash[:alert]).to eq "You are not authorized to access this page."
+      end
+    end
+
+    context "when a user is not logged in" do
+      it "redirects to the user login page" do
         get :work, params: { id: work }
         expect(response).to redirect_to main_app.new_user_session_path(locale: 'en')
         expect(flash[:alert]).to eq "You are not authorized to access this page."