add tests for new mediated download links

spec/features/object_files_controller_spec.rb

@@ -0,0 +1,34 @@
+require 'spec_helper'
+
+describe("Object Files Download", :type => :request, :integration => true) do
+
+  fixtures :users
+  fixtures :object_files
+
+  before :each do 
+    @druid = 'druid:oo000oo0001'
+    @file = Hydrus::ObjectFile.find(2) # this PDF defined in the fixtures belongs to archivist1
+  end
+
+  it "should be redirected to the login page when accessing a file URL if not logged in" do
+    logout
+    visit @file.url
+    expect(current_path).to eq(new_user_session_path)
+  end
+
+  it "should allow the owner of the file to download it" do
+    login_as('archivist1') # owner of the item can download the file
+    visit @file.url
+    expect(page.status_code).to eq(200)
+    expect(page.response_headers['Content-Type']).to eq("application/pdf")
+  end
+
+  it "should redirect to home page and provide a not authorized message when accessing a file URL when logged in but do not have view access on the item" do
+    login_as('archivist99') # no view access on the item, no access
+    visit @file.url
+    expect(page.response_headers['Content-Type']).not_to eq("application/pdf")
+    expect(current_path).to eq(root_path)
+    expect(find("#flash-notices div.alert")).to have_content("You are not authorized to access this page.")
+  end
+
+end