Fix NotPerformedError raise on catched NotAuthenticated/NotAuthorized

0x7466 · Mar 4, 2021 · 659d8c9 · 659d8c9
1 parent 7345687
commit 659d8c9
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 8 deletions.
diff --git a/lib/active_entry.rb b/lib/active_entry.rb
@@ -35,17 +35,17 @@ def authenticate!
     else
       is_authenticated = send decision_maker_to_use
     end
+
+    # Tell #verify_authentication! that authentication
+    # has been performed.
+    @_authentication_done = true
 
     # If the authenticated? method returns not true
     # it raises the ActiveEntry::NotAuthenticatedError.
     #
     # Use the .rescue_from method from ActionController::Base
     # to catch the exception and show the user a proper error message.
     raise ActiveEntry::NotAuthenticatedError.new(error) unless is_authenticated == true
-
-    # Tell #verify_authentication! that authentication
-    # has been performed.
-    @_authentication_done = true
   end
 
   # Verifies that #authorize! has been called in the controller.
@@ -80,15 +80,15 @@ def authorize!
       is_authorized = send(decision_maker_to_use)
     end
 
+    # Tell #verify_authorization! that authorization
+    # has been performed.
+    @_authorization_done = true
+
     # If the authorized? method does not return true
     # it raises the ActiveEntry::NotAuthorizedError
     #
     # Use the .rescue_from method from ActionController::Base
     # to catch the exception and show the user a proper error message.
     raise ActiveEntry::NotAuthorizedError.new(error) unless is_authorized == true
-
-    # Tell #verify_authorization! that authorization
-    # has been performed.
-    @_authorization_done = true
   end
 end
diff --git a/spec/verify_authentication_spec.rb b/spec/verify_authentication_spec.rb
@@ -24,6 +24,17 @@
     end.to_not raise_error
   end
 
+  it 'does not raise error if #authenticate! was called but failed because not authenticated' do
+    dummy_class.define_method(:authenticated?) { false }
+
+    begin
+      dummy_obj.authenticate!
+    rescue ActiveEntry::NotAuthenticatedError
+    end
+
+    expect{ dummy_obj.verify_authentication! }.to_not raise_error
+  end
+
   describe '#authenticate!' do
     it "sets @_authentication_done" do
       dummy_class.define_method(:authenticated?) { true }

diff --git a/spec/verify_authorization_spec.rb b/spec/verify_authorization_spec.rb
@@ -24,6 +24,17 @@
     end.to_not raise_error
   end
 
+  it 'does not raise error if #authorize! was called but failed because not authorized' do
+    dummy_class.define_method(:authorized?) { false }
+
+    begin
+      dummy_obj.authorize!
+    rescue ActiveEntry::NotAuthorizedError
+    end
+
+    expect{ dummy_obj.verify_authorization! }.to_not raise_error
+  end
+
   describe '#authorize!' do
     it "sets @_authorization_done" do
       dummy_class.define_method(:authorized?) { true }