diff --git a/app/models/group.rb b/app/models/group.rb
index 4e8f6c12a..3f9b976a2 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -18,7 +18,7 @@ class Group < ActiveRecord::Base
   scope :search_order, order("CHAR_LENGTH(uname) ASC")
   scope :without, lambda {|a| where("groups.id NOT IN (?)", a)}
-  scope :search, lambda {|q| where("uname ILIKE ?", "%#{q.strip}%")}
+  scope :search, lambda {|q| where("uname ILIKE ?", "%#{q.to_s.strip}%")}
   scope :opened, where('1=1')
   scope :by_owner, lambda {|owner| where(:owner_id => owner.id)}
   scope :by_admin, lambda {|admin| joins(:objects).where(:'relations.role' => 'admin', :'relations.object_id' => admin.id, :'relations.object_type' => 'User')}
diff --git a/app/models/platform.rb b/app/models/platform.rb
index 03d749c15..85d799606 100644
--- a/app/models/platform.rb
+++ b/app/models/platform.rb
@@ -29,7 +29,7 @@ class Platform < ActiveRecord::Base
   after_update :update_owner_relation
   scope :search_order, order("CHAR_LENGTH(name) ASC")
-  scope :search, lambda {|q| where("name ILIKE ?", "%#{q.strip}%")}
+  scope :search, lambda {|q| where("name ILIKE ?", "%#{q.to_s.strip}%")}
   scope :by_visibilities, lambda {|v| where(:visibility => v)}
   scope :opened, where(:visibility => 'open')
   scope :hidden, where(:visibility => 'hidden')
diff --git a/app/models/project.rb b/app/models/project.rb
index ac1a86e9e..5f0b097cd 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -29,7 +29,7 @@ class Project < ActiveRecord::Base
   scope :recent, order("name ASC")
   scope :search_order, order("CHAR_LENGTH(name) ASC")
-  scope :search, lambda {|q| by_name("%#{q.strip}%")}
+  scope :search, lambda {|q| by_name("%#{q.to_s.strip}%")}
   scope :by_name, lambda {|name| where('projects.name ILIKE ?', name)}
   scope :by_visibilities, lambda {|v| where(:visibility => v)}
   scope :opened, where(:visibility => 'open')
diff --git a/app/models/user.rb b/app/models/user.rb
index 463264110..96b0acb13 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
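Review bot: With `q.to_s.strip` a nil or blank query no longer raises but yields the pattern `%%`, which `ILIKE` matches against every row, so a request that omits the search term now lists the whole table; the platform.rb, project.rb and user.rb hunks have the same effect. Make the blank case explicit, e.g. `scope :search, lambda {|q| q = q.to_s.strip; q.empty? ? where('1=0') : where("uname ILIKE ?", "%#{q}%")}`, or return `scoped` if "no filter" is the intended meaning. Separately, only the bind value is parameterized, so `%`, `_` and `\` inside the user-supplied term are still interpreted as LIKE metacharacters and a term of `%` also lists everything; escaping those characters before interpolating keeps the match literal. The scope list continues outside each hunk.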
@@ -49,7 +49,7 @@ class User < ActiveRecord::Base
   scope :search_order, order("CHAR_LENGTH(uname) ASC")
   scope :without, lambda {|a| where("users.id NOT IN (?)", a)}
-  scope :search, lambda {|q| where("uname ILIKE ?", "%#{q.strip}%")}
+  scope :search, lambda {|q| where("uname ILIKE ?", "%#{q.to_s.strip}%")}
   scope :opened, where('1=1')
   scope :banned, where(:role => 'banned')
   scope :admin, where(:role => 'admin')
diff --git a/db/schema.rb b/db/schema.rb
index fef3b9e2d..b15f77dec 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1,4 +1,4 @@
-# -*- encoding : utf-8 -*-
+# encoding: UTF-8
 # This file is auto-generated from the current state of the database. Instead
 # of editing this file, please use the migrations feature of Active Record to
 # incrementally modify your database, and then regenerate this schema definition.
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
-ActiveRecord::Schema.define(:version => 20120403110931) do
+ActiveRecord::Schema.define(:version => 20120404134602) do
   create_table "activity_feeds", :force => true do |t|
     t.integer "user_id", :null => false
@@ -102,7 +102,7 @@ ActiveRecord::Schema.define(:version => 20120403110931) do
     t.string "locked_by"
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.string "queue"
+    t.string "queue", :default => "default"
   end
   add_index "delayed_jobs", ["priority", "run_at"], :name => "delayed_jobs_priority"
diff --git a/spec/controllers/issues_controller_spec.rb b/spec/controllers/issues_controller_spec.rb
index 283586221..cf0bcf9f9 100644
--- a/spec/controllers/issues_controller_spec.rb
+++ b/spec/controllers/issues_controller_spec.rb
@@ -39,7 +39,7 @@ end
 shared_examples_for 'user without issue update rights' do
   it 'should not be able to perform update action' do
     put :update, {:id => @issue.serial_id}.merge(@update_params)
-    response.should redirect_to(forbidden_path)
+    response.should redirect_to(controller.current_user ? forbidden_path : new_user_session_path)
   end
   it 'should not update issue title' do
@@ -51,11 +51,11 @@ end
 shared_examples_for 'user without issue destroy rights' do
   it 'should not be able to perform destroy action' do
     delete :destroy, :id => @issue.serial_id, :project_id => @project.id
-    response.should redirect_to(forbidden_path)
+    response.should redirect_to(controller.current_user ? forbidden_path : new_user_session_path)
   end
   it 'should not reduce issues count' do
-    lambda{ delete :destroy, :id => @issue.serial_id, :project_id => @project.id }.should change{ Issue.count }.by(0)
+    lambda{ delete :destroy, :id => @issue.serial_id, :project_id => @project.id }.should_not change{ Issue.count }
   end
 end
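Review bot: The expectation in both the update-rights and destroy-rights shared examples now branches on `controller.current_user` at assertion time, so one example accepts two outcomes and a change that clears the session before redirecting a forbidden user would still pass, because `current_user` would then be nil and the login redirect would be accepted. Let the including group state the target instead, e.g. `let(:denied_path) { new_user_session_path }` in the guest context and `let(:denied_path) { forbidden_path }` in the others, and assert `response.should redirect_to(denied_path)` in both shared examples. Replacing `change{ Issue.count }.by(0)` with `should_not change{ Issue.count }` is the correct form. The first shared example continues outside the hunk.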
@@ -185,4 +185,32 @@ describe IssuesController do
     it_should_behave_like 'user without issue destroy rights'
     it_should_behave_like 'project with issues turned off'
   end
+
+  context 'for guest' do
+    if APP_CONFIG['anonymous_access']
+      it_should_behave_like 'issue user with project reader rights'
+    else
+      it 'should not be able to perform index action' do
+        get :index, :project_id => @project.id
+        response.should redirect_to(new_user_session_path)
+      end
+
+      it 'should not be able to perform show action' do
+        get :show, :project_id => @project.id, :id => @issue.serial_id
+        response.should redirect_to(new_user_session_path)
+      end
+    end
+
+    it 'should not be able to perform create action' do
+      post :create, @create_params
+      response.should redirect_to(new_user_session_path)
+    end
+
+    it 'should not create issue object into db' do
+      lambda{ post :create, @create_params }.should_not change{ Issue.count }
+    end
+
+    it_should_behave_like 'user without issue update rights'
+    it_should_behave_like 'user without issue destroy rights'
+  end
 end
diff --git a/spec/controllers/search_controller_spec.rb b/spec/controllers/search_controller_spec.rb
new file mode 100644
index 000000000..74b266789
--- /dev/null
+++ b/spec/controllers/search_controller_spec.rb
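Review bot: `if APP_CONFIG['anonymous_access']` inside the new 'for guest' context is evaluated when the spec file loads, so only the branch matching the configuration of the machine running the suite is defined and the other authorization path is never exercised; the new search_controller_spec.rb has the same pattern. Stub the setting in a `before` for each branch (one context with anonymous access on, one with it off) so a single run checks both the reader-rights behaviour and the login redirect. The guest examples also depend on `@project`, `@issue`, `@create_params` and `@update_params` being set by a `before` outside the hunk; confirm that setup runs with no signed-in session, otherwise the redirect examples may pass for the wrong reason. The describe block starts outside the hunk.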
@@ -0,0 +1,34 @@
+# -*- encoding : utf-8 -*-
+require 'spec_helper'
+
+shared_examples_for 'able search' do
+  it 'should be able to search' do
+    get :index
+    response.should be_success
+    response.should render_template(:index)
+  end
+end
+shared_examples_for 'not able search' do
+  it 'should not be able to search' do
+    get :index
+    response.should redirect_to(controller.current_user ? forbidden_path : new_user_session_path)
+  end
+end
+
+describe SearchController do
+  before { stub_rsync_methods }
+
+  context 'as guest' do
+    if APP_CONFIG['anonymous_access']
+      it_should_behave_like 'able search'
+    else
+      it_should_behave_like 'not able search'
+    end
+  end
+
+  context 'as user' do
+    before {set_session_for FactoryGirl.create(:user)}
+
+    it_should_behave_like 'able search'
+  end
+end
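Review bot: `able search` asserts only a successful status and the `:index` template, so neither the guest branch nor the 'as user' context checks what the search returns; the `Platform` and `Project` `search` scopes changed in this commit apply no visibility filter themselves. If SearchController builds its results from those scopes, add an example that creates a hidden platform or project in a `before` and asserts it is absent from the assigned results for a guest and for an unrelated user, since that is the property an authorization regression would break. `not able search` also repeats the `controller.current_user ? forbidden_path : new_user_session_path` branch, which in this file is only ever reached as a guest, so `redirect_to(new_user_session_path)` states the expectation more precisely.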