I'm using the new 2.0 HTTP Basic Authentication module mentioned in the announcement, and having trouble figuring out how to write a functional tests that will do both positive and negative tests.
The framework documentation has the following snippet:
<<BEGIN SNIPPET>> In your integration tests, you can do something like this:
def test_access_granted_from_xml get( "/notes/1.xml", nil, :authorization => ActionController::HttpAuthentication::Basic.encode_credentials(users(:dhh).name, users(:dhh).password) )
assert_equal 200, status end <<END SNIPPET>>
Looking at the code for the test_process implementation of get, the parameters are: action, parameters = nil, session = nil, flash = nil.
That :authorization hash would actually be part of the session, not the headers. I looked around and couldn't figure out how to set headers in a test context.
I'd like to add tests to make sure that those sections that require authentication are guarded and that entering the wrong account/ password fails.
Any suggestions?