Authentication guard clause in work reports controller (#6824)

* authentication guard clause and test * rubocop * defining pageviews and downloads on the same line to get around clsss line limit --------- Co-authored-by: Daniel Pierce <[email protected]>
samvera · Jun 28, 2024 · 3083b6f · 3083b6f
1 parent ee24216
commit 3083b6f
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 4 deletions.
diff --git a/app/controllers/hyrax/admin/analytics/work_reports_controller.rb b/app/controllers/hyrax/admin/analytics/work_reports_controller.rb
@@ -4,6 +4,7 @@ module Admin
     module Analytics
       class WorkReportsController < AnalyticsController
         include Hyrax::BreadcrumbsForWorksAnalytics
+        before_action :authenticate_user!
 
         def index
           return unless Hyrax.config.analytics_reporting?
@@ -14,10 +15,7 @@ def index
           @top_works = paginate(top_works_list, rows: 10)
           @top_file_set_downloads = paginate(top_files_list, rows: 10)
 
-          if current_user.ability.admin?
-            @pageviews = Hyrax::Analytics.daily_events('work-view')
-            @downloads = Hyrax::Analytics.daily_events('file-set-download')
-          end
+          @pageviews = Hyrax::Analytics.daily_events('work-view'), @downloads = Hyrax::Analytics.daily_events('file-set-download') if current_user.ability.admin?
 
           respond_to do |format|
             format.html

diff --git a/spec/controllers/hyrax/admin/analytics/work_reports_controller_spec.rb b/spec/controllers/hyrax/admin/analytics/work_reports_controller_spec.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+require 'rails_helper'
+
+RSpec.describe Hyrax::Admin::Analytics::WorkReportsController, type: :controller do
+  routes { Hyrax::Engine.routes }
+  describe 'GET #index' do
+    context 'when user is not logged in' do
+      it 'redirects to the login page' do
+        get :index
+        expect(response).to be_redirect
+        expect(flash[:alert]).to eq("You need to sign in or sign up before continuing.")
+      end
+    end
+  end
+end