From 748e1e0748302c969ae3d8a7b7d0d4f20a079f60 Mon Sep 17 00:00:00 2001 From: slainer68 Date: Fri, 24 Jan 2014 13:47:35 +0100 Subject: [PATCH] Allow using the API when Login required site setting is on. --- app/controllers/application_controller.rb | 4 +++- spec/controllers/topics_controller_spec.rb | 12 ++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index e6d43f5d46d..1eed32b2197 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -281,7 +281,9 @@ class ApplicationController < ActionController::Base end def redirect_to_login_if_required - redirect_to :login if SiteSetting.login_required? && !current_user + return if current_user || (request.format.json? && api_key_valid?) + + redirect_to :login if SiteSetting.login_required? end def build_not_found_page(status=404, layout=false) diff --git a/spec/controllers/topics_controller_spec.rb b/spec/controllers/topics_controller_spec.rb index e8500332f66..5e666724501 100644 --- a/spec/controllers/topics_controller_spec.rb +++ b/spec/controllers/topics_controller_spec.rb @@ -583,10 +583,22 @@ describe TopicsController do end context 'and the user is not logged in' do + let(:api_key) { topic.user.generate_api_key(topic.user) } + it 'redirects to the login page' do get :show, topic_id: topic.id, slug: topic.slug expect(response).to redirect_to login_path end + + it 'shows the topic if valid api key is provided' do + get :show, topic_id: topic.id, slug: topic.slug, api_key: api_key.key + expect(response).to be_successful + end + + it 'redirects to the login page if invalid key is provided' do + get :show, topic_id: topic.id, slug: topic.slug, api_key: "bad" + expect(response).to redirect_to login_path + end end end end