diff options
-rw-r--r-- | app/controllers/auth/sessions_controller.rb | 1 | ||||
-rw-r--r-- | spec/controllers/auth/sessions_controller_spec.rb | 27 |
2 files changed, 28 insertions, 0 deletions
diff --git a/app/controllers/auth/sessions_controller.rb b/app/controllers/auth/sessions_controller.rb index 4a5e0da6e..1aa84a354 100644 --- a/app/controllers/auth/sessions_controller.rb +++ b/app/controllers/auth/sessions_controller.rb @@ -6,6 +6,7 @@ class Auth::SessionsController < Devise::SessionsController layout 'auth' skip_before_action :require_no_authentication, only: [:create] + skip_before_action :check_suspension, only: [:destroy] prepend_before_action :authenticate_with_two_factor, if: :two_factor_enabled?, only: [:create] def create diff --git a/spec/controllers/auth/sessions_controller_spec.rb b/spec/controllers/auth/sessions_controller_spec.rb index 393908d97..a2298180a 100644 --- a/spec/controllers/auth/sessions_controller_spec.rb +++ b/spec/controllers/auth/sessions_controller_spec.rb @@ -16,6 +16,33 @@ RSpec.describe Auth::SessionsController, type: :controller do end end + describe 'DELETE #destroy' do + let(:user) { Fabricate(:user) } + + before do + request.env['devise.mapping'] = Devise.mappings[:user] + end + + context 'with a regular user' do + it 'redirects to home after sign out' do + sign_in(user, scope: :user) + delete :destroy + + expect(response).to redirect_to(root_path) + end + end + + context 'with a suspended user' do + it 'redirects to home after sign out' do + Fabricate(:account, user: user, suspended: true) + sign_in(user, scope: :user) + delete :destroy + + expect(response).to redirect_to(root_path) + end + end + end + describe 'POST #create' do before do request.env['devise.mapping'] = Devise.mappings[:user] |