diff --git a/app/controllers/application.rb b/app/controllers/application.rb
--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@@ -12,13 +12,13 @@
 return false
 end
- user = User.find(session[:user_id])
 # check if run in single user mode
- if (defined?(SINGLE_USER_MODE) and
- (SINGLE_USER_MODE) and
- user.login != 'root')
- redirect_to :controller => 'main', :action => 'login'
- return false
+ if defined?(SINGLE_USER_MODE) and (SINGLE_USER_MODE)
+ user = User.find(session[:user_id])
+ if user==nil or user.login != 'root'
+ redirect_to :controller => 'main', :action => 'login'
+ return false
+ end
 end
 return true
diff --git a/spec/controllers/main_controller_spec.rb b/spec/controllers/main_controller_spec.rb
new file mode 100644
--- /dev/null
+++ b/spec/controllers/main_controller_spec.rb
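Review bot: The `user==nil` test in the new single-user branch can never be true, because `User.find` with a single id raises `ActiveRecord::RecordNotFound` instead of returning nil, so a session whose `user_id` points at a deleted account ends in an exception rather than the login redirect. Use the nil-returning finder, `user = User.find_by_id(session[:user_id])`, and keep the guard as `if user.nil? or user.login != 'root'`. Moving the lookup inside the branch also means that outside single-user mode this filter no longer checks that the session's user still exists; whether that matters depends on the check above the hunk, which is not visible here because the method starts and ends outside the hunk.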
@@ -0,0 +1,42 @@
+
+require File.dirname(__FILE__) + '/../spec_helper'
+
+describe MainController do
+
+ before(:each) do
+ @problem = mock(Problem, :name => 'test')
+ @language = mock(Language, :name => 'cpp', :ext => 'cpp')
+ @submission = mock(Submission,
+ :id => 1,
+ :user_id => 1,
+ :problem => @problem,
+ :language => @language,
+ :source => 'sample source',
+ :compiler_message => 'none')
+ @user = mock(User, :id => 1, :login => 'john')
+ Submission.should_receive(:find).with(@user.id.to_s).and_return(@submission)
+ end
+
+ it "should let user sees her own source" do
+ get 'source', {:id => 1}, {:user_id => 1}
+ response.should be_success
+ end
+
+ it "should let user sees her own compiler message" do
+ get 'compiler_msg', {:id => 1}, {:user_id => 1}
+ response.should be_success
+ end
+
+ it "should not let user sees other user's source" do
+ get 'source', {:id => 1}, {:user_id => 2}
+ flash[:notice].should =~ /[Ee]rror/
+ response.should redirect_to(:action => 'list')
+ end
+
+ it "should not let user sees other user's compiler message" do
+ get 'compiler_msg', {:id => 1}, {:user_id => 2}
+ flash[:notice].should =~ /[Ee]rror/
+ response.should redirect_to(:action => 'list')
+ end
+
+end
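Review bot: The `before(:each)` expectation `Submission.should_receive(:find).with(@user.id.to_s)` keys the lookup on the user's id, and it only matches the request because the submission id and the user id are both 1. With identical values these examples cannot tell a controller that compares `submission.user_id` with `session[:user_id]` from one that mixes up the two ids. I would give the submission a distinct id (a constructed value such as `:id => 7`), request it with `get 'source', {:id => 7}, {:user_id => 1}`, and write the expectation as `.with(@submission.id.to_s)`. There is also no example for a request that carries no `user_id` in the session, which is the other path an access-control spec for `source` and `compiler_msg` should pin down.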