FIX: redirect to login page for anonymous user when profiles are hidden

2024-11-23 06:29:30 +08:00 · 2017-04-20 13:00:45 +05:30 · 2017-04-20 13:00:45 +05:30 · ea26c56631
commit ea26c56631
parent 5c39c8f24b
2 changed files with 3 additions and 3 deletions
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -36,7 +36,7 @@ class UsersController < ApplicationController
  end

  def show
-    raise Discourse::InvalidAccess if SiteSetting.hide_user_profiles_from_public && !current_user
+    return redirect_to path('/login') if SiteSetting.hide_user_profiles_from_public && !current_user

    @user = fetch_user_from_params(
      { include_inactive: current_user.try(:staff?) },
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@ -13,10 +13,10 @@ describe UsersController do
        expect(response).to be_success
      end

-      it "raises an error for anon when profiles are hidden" do
+      it "should redirect to login page for anonymous user when profiles are hidden" do
        SiteSetting.hide_user_profiles_from_public = true
        xhr :get, :show, username: user.username, format: :json
-        expect(response).not_to be_success
+        expect(response).to redirect_to '/login'
      end

    end