tos and privacy urls redirect based on site settings

2024-11-27 09:36:19 -05:00 · 2013-06-18 10:52:04 -04:00 · 2013-06-18 10:52:04 -04:00 · eea00afb80
commit eea00afb80
parent 04998a6687
2 changed files with 23 additions and 0 deletions
--- a/app/controllers/static_controller.rb
+++ b/app/controllers/static_controller.rb
@ -6,6 +6,9 @@ class StaticController < ApplicationController

    page = params[:id]

+    return redirect_to(SiteSetting.tos_url) if page == 'tos' and !SiteSetting.tos_url.blank?
+    return redirect_to(SiteSetting.privacy_policy_url) if page == 'privacy' and !SiteSetting.privacy_policy_url.blank?
+
    # Don't allow paths like ".." or "/" or anything hacky like that
    page.gsub!(/[^a-z0-9\_\-]/, '')

--- a/spec/controllers/static_controller_spec.rb
+++ b/spec/controllers/static_controller_spec.rb
@ -17,6 +17,26 @@ describe StaticController do
    end
  end

+  [ ['tos', :tos_url], ['privacy', :privacy_policy_url] ].each do |id, setting_name|
+    context "#{id}" do
+      subject { xhr :get, :show, id: id }
+
+      context "when #{setting_name} site setting is NOT set" do
+        it "renders the #{id} page" do
+          expect(subject).to render_template(id)
+        end
+      end
+
+      context "when #{setting_name} site setting is set" do
+        before  { SiteSetting.stubs(setting_name).returns('http://example.com/page') }
+
+        it "redirects to the #{setting_name}" do
+          expect(subject).to redirect_to('http://example.com/page')
+        end
+      end
+    end
+  end
+
  context "with a missing file" do
    it "should respond 404" do
      xhr :get, :show, id: 'does-not-exist'