oniram88
diff --git a/‎app/controllers/cms/attachments_controller.rb‎
Lines changed: 1 addition & 2 deletions b/‎app/controllers/cms/attachments_controller.rb‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎app/controllers/cms/base_controller.rb‎
Lines changed: 1 addition & 0 deletions b/‎app/controllers/cms/base_controller.rb‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎doc/features/design_integration.md‎
Lines changed: 1 addition & 3 deletions b/‎doc/features/design_integration.md‎
Lines changed: 1 addition & 3 deletions
diff --git a/‎features/content_blocks/multiple_attachments.feature‎
Lines changed: 0 additions & 4 deletions b/‎features/content_blocks/multiple_attachments.feature‎
Lines changed: 0 additions & 4 deletions
@@ -1,8 +1,7 @@
 module Cms
  class AttachmentsController < Cms::BaseController
 
- skip_before_filter :redirect_to_cms_site, :only => [:download]
- skip_before_filter :cms_access_required, :only => [:download]
+ allow_guests_to [:download]
 
  include ContentRenderingSupport
  include Cms::Attachments::Serving
 
@@ -13,6 +13,7 @@ class BaseController < Cms::ApplicationController
  #
  # @param [Array<Symbol>] methods List of methods to disable security for.
  def self.allow_guests_to(methods)
+ skip_before_action :redirect_to_cms_site, only: methods
  skip_before_action :authenticate_cms_user!, only: methods
  skip_before_action :cms_access_required, only: methods
  end
 
@@ -31,16 +31,14 @@
 * Fix remaining critical bugs before releasing alpha
 
 cucumber features/commands/generate_module.feature:10 # Scenario: Create a BrowserCMS module
-cucumber features/content_blocks/multiple_attachments.feature:23 # Scenario: A Guest accesses a public attachment
-cucumber features/content_blocks/multiple_attachments.feature:31 # Scenario: A Guest accesses a protected attachment
 cucumber features/content_pages.feature:25 # Scenario: View Older Versions
 cucumber features/portlets/portlets.feature:93 # Scenario: Portlet errors should not blow up the page
 
 ### Open Issues
 
-* [BUG] (Critical) List portlets includes portlets that have been deleted.
 * [BUG] (Critical) Versions for project specific content types don't work. (Dummy::Product)
 * [BUG] (Critical) Cannot reuse Products on pages (solution might to to just disallow?)
+* [BUG] (Critical) Cannot click on 'Browse' for products. (Can tab to select though)
 
 ### Open (but not critical) issues
 
 
@@ -18,16 +18,12 @@ Feature: Attaching multiple assets to a block
  When I edit that block
  Then I should see the delete attachment link
 
- # Likely related to Devise security
- @known-bug
  Scenario: A Guest accesses a public attachment
  Given an attachment exists in a public section
  And I am not logged in
  When I try to view that attachment
  Then I should see the attachment content
 
- # Devise related: 403 is 'unauthorized'. 401 is unauthenticated.
- @known-bug
  Scenario: A Guest accesses a protected attachment
  Given an attachment exists in a protected section
  And I am not logged in
Original file line number	Diff line number	Diff line change
`@@ -13,6 +13,7 @@ class BaseController < Cms::ApplicationController`
`13`	`13`	`#`
`14`	`14`	`# @param [Array<Symbol>] methods List of methods to disable security for.`
`15`	`15`	`def self.allow_guests_to(methods)`
	`16`	`+ skip_before_action :redirect_to_cms_site, only: methods`
`16`	`17`	`skip_before_action :authenticate_cms_user!, only: methods`
`17`	`18`	`skip_before_action :cms_access_required, only: methods`
`18`	`19`	`end`