I’m following the new version of Rails Tutorial. Chapter 9, exercise 5 asks to ensure that registered users can not access the new and create methods in the users controller:
Signed-in users have no reason to access the new
and create
actions in the Users controller. Arrange for such users to be redirected to the root url if they do try to hit those pages.
To do this, I added a before filter to the users_controller.rb to check if a user is signed in on new and create:
before_filter :registered_user, only: [:new, :create]
def registered_user
redirect_to user_path(current_user) if signed_in?
end
The before filter uses the same method (signed_in?) that my authentication system uses to check if the user is signed. In browser testing, the behavior works as expected. I can’t, however, get RSpec to play nice: The second test that checks for a redirect fails:
describe “visiting the sign up page” do
before { visit sign_up_path }
it { should_not have_selector(‘h1’, text: ‘Sign Up’) }
it { should_not have_selector(‘title’, text: full_title(‘Sign Up’)) }
end
This fails
describe “submitting to the create action” do
before { post users_path(user) }
specify { response.should redirect_to(user_path(user)) }
end
Giving me the following message:
- AuthenticationPages signin with valid information submitting to the create action
Failure/Error: specify { response.should redirect_to(user_path(user)) }
Expected response to be a <:redirect>, but was <200>
./spec/requests/authentication_pages_spec.rb:50:in `block (5 levels) in <top (required)>’
Any idea why this is happening?