I am writing a few low level tests for my controllers to verify security. New to rspec and am seeing some unexpected activity: If I run this spec: describe “GET index” do it “does not load for guest role” do get :new flash[:notice].should match RESTRICTED_PAGE_NOTICE response.should redirect_to(login_path) end Which hits class PracticesController < ApplicationController def index @practices = Practice.all respond_to do |format| format.html # index.html.erb end end end But the controller also inherits from the application controller which: class ApplicationController … when ‘practices’ flash[:notice] = RESTRICTED_PAGE_NOTICE redirect_to login_path if action_name != ‘new’ && action_name != ‘create’ end I have verified the redirect and message in a browser, so this code is executing as expected in ‘reality’. Then why do I get this error:
- PracticesController GET index does not load for guest role Failure/Error: response.should redirect_to(login_path) Expected response to be a <:redirect>, but was <200>. Expected block to return true value.
It is true, if the controller is isolated and not inheriting from the app controller, it would be a 200. But with the app controller it should redirect before it ever hits the method.
The line in the app controller “flash[:notice] = RESTRICTED_PAGE_NOTICE” clearly gets evaluated as the line in the spec “flash[:notice].should match RESTRICTED_PAGE_NOTICE” passes, BUT this line in the app controller “redirect_to login_path if action_name != ‘new’ && action_name != ‘create’” does not get evaluated as rspec says I have a 200 response? I am really confused and don’t like what feels to be a weird paradox…
Can anyone enlighten me?
Thanks,
David
