I have a correct_user() before filter that passes all my tests:
class UsersController < ApplicationController before_filter :authenticate, :only => [:edit, :update] before_filter :correct_user, :only => [:edit, :update]
... ...
private def correct_user user = User.find(params[:id]) redirect_to(root_path) unless get_user_from_session == user end
But if I change the before filter to this:
def correct_user redirect_to(root_path) unless get_user_from_session.id.to_s == params[:id] end
all kinds of things start failing. Here's an example:
1) UsersController GET edit should be successful Failure/Error: response.should be_success expected success? to return true, got false # ./spec/controllers/users_controller_spec.rb:15:in `block (3 levels) in <top (required)>'
and the test:
describe UsersController do render_views
describe "GET edit" do before(:each) do @user = Factory(:user) test_sign_in(@user) end
it "should be successful" do get :edit, :id => @user response.should be_success end
What is the difference between:
def correct_user user = User.find(params[:id]) redirect_to(root_path) unless get_user_from_session == user end
and:
def correct_user redirect_to(root_path) unless get_user_from_session.id.to_s == params[:id] end