Render access denied without message

The `errors/access_denied` page should not fail to render when no message is provided. When accessing something as a sessionless user, we should also display the terms message if possible.
author: Bob Van Landuyt <bob@vanlanduyt.co> 2018-06-13 17:05:55 +0300
committer: Bob Van Landuyt <bob@vanlanduyt.co> 2018-06-13 18:03:48 +0300
commit: 7fe92d998125d3dc8be3544346de8dbd5c64b240 (patch)
tree: 297884d64e1e4f44c4ab07f69f6497c29ddd5c7d /spec/controllers
parent: 96482886f3536a31977c7fabb1071a59ad6e44f5 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb
index 773bf25ed44..fbafb4a4de8 100644
--- a/spec/controllers/application_controller_spec.rb
+++ b/spec/controllers/application_controller_spec.rb
@@ -458,6 +458,8 @@ describe ApplicationController do
       end
 
       context 'for sessionless users' do
+        render_views
+
         before do
           sign_out user
         end
@@ -468,6 +470,14 @@ describe ApplicationController do
           expect(response).to have_gitlab_http_status(403)
         end
 
+        it 'renders the error message when the format was html' do
+          get :index,
+              private_token: create(:personal_access_token, user: user).token,
+              format: :html
+
+          expect(response.body).to have_content /accept the terms of service/i
+        end
+
         it 'renders a 200 when the sessionless user accepted the terms' do
           accept_terms(user)
author	Bob Van Landuyt <bob@vanlanduyt.co>	2018-06-13 17:05:55 +0300
committer	Bob Van Landuyt <bob@vanlanduyt.co>	2018-06-13 18:03:48 +0300
commit	7fe92d998125d3dc8be3544346de8dbd5c64b240 (patch)
tree	297884d64e1e4f44c4ab07f69f6497c29ddd5c7d /spec/controllers
parent	96482886f3536a31977c7fabb1071a59ad6e44f5 (diff)