in one of my functional test, I check the followoing :
def test_user_should_not_show_documents login_as (:quentin) assert_raise (Exceptions::SecurityTransgression) { get :show, :id => 2, :franchise_id => 3 } end
In my controller , I wrote :
before_filter :login_required before_filter :find_parent def show raise SecurityTransgression unless @parent.can_be_edited_by? (current_user) @document = Document.find(params[:id].to_i) ..... end
I wrote the exception class and rescue action in my application.rb class SecurityTransgression < StandardError; end
class ApplicationController < ActionController::Base include AuthenticatedSystem ... def rescue_action_locally(exception) begin case exception when ::Exceptions::SecurityTransgression render :file => "#{RAILS_ROOT}/public/403.html", :status => 403 ...... end
in testing, the exception is raised, (as @parent cannot be edited by the current_user... I checked it...) the log gives a failure I cannot explain :
1) Failure: test_user_should_not_show_documents(DocumentsControllerTest) [./test/functional/documents_controller_test.rb:66:in `test_user_should_not_show_documents' /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.1.0/lib/ active_support/testing/setup_and_teardown.rb:67:in `__send__' /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.1.0/lib/ active_support/testing/setup_and_teardown.rb:67:in `run']: <Exceptions::SecurityTransgression> exception expected but was Class: <SecurityTransgression> Message: <"SecurityTransgression"> ---Backtrace--- /Users/yves/Developpement/Projects/aelmat/intranet/app/controllers/ documents_controller.rb:19:in `show' ........
the exception is expected, but ...
what could be the problem ?
Note : I am using the same assert_raise (Exceptions::SecurityTransgression) in testing another controller without any problem ...
thanks for your suggestions
erwin
