Back story:
I’m developing a new Rails site for the local Ruby user group. I’m using Devise to provide authentication for separate user and admin classes.
Current task:
I’m working on the create/new function for the sponsor class. Sponsors are an independent class and are not tied to users, admins, or other classes. However, only admins should be allowed to create sponsors.
The problem:
In my sponsor controller tests, I’m unable to prevent users and unauthenticated visitors from creating new sponsors without also preventing admins from doing so. Troubleshooting with the puts command reveals that the admin_signed_in? value is false EVEN AFTER logging in.
Excerpt from test/controllers/sponsors_controller_test.rb:
    test 'superadmin can create a new sponsor' do
      login_as @a1
      assert_difference 'Sponsor.count', 1 do
        add_past
      end
      assert_difference 'Sponsor.count', 1 do
        add_current
      end
      logout :admin
    end

    test 'regular admin can create a new sponsor' do
      login_as @a3
      assert_difference 'Sponsor.count', 1 do
        add_past
      end
      assert_difference 'Sponsor.count', 1 do
        add_current
      end
      logout :admin
    end

    test 'user cannot create a new sponsor' do
      login_as @u1
      assert_no_difference 'Sponsor.count' do
        add_past
      end
      assert_no_difference 'Sponsor.count' do
        add_current
      end
      logout :user
    end

    test 'an unregistered visitor cannot create a new sponsor' do
      assert_no_difference 'Sponsor.count' do
        add_past
      end
      assert_no_difference 'Sponsor.count' do
        add_current
      end
    end
On 11 December 2015 at 17:54, Jason Hsu, Ruby on High Speed Rails
> Back story:
> I'm developing a new Rails site for the local Ruby user group. I'm using
> Devise to provide authentication for separate user and admin classes.
> Current task:
> I'm working on the create/new function for the sponsor class. Sponsors are
> an independent class and are not tied to users, admins, or other classes.
> However, only admins should be allowed to create sponsors.
> The problem:
> In my sponsor controller tests, I'm unable to prevent users and
> unauthenticated visitors from creating new sponsors without also preventing
> admins from doing so. Troubleshooting with the puts command reveals that
> the admin_signed_in? value is false EVEN AFTER logging in.
You do not appear to have shown us the admin_signed_in? method.
Thanks. Yes, this was the problem. Now I understand that this is the proper procedure for logging in for functional tests.
This raises another question: Given my use of if statements in my def create function, is there any point to using before_filter or before_action in the controller? The before_filter/before_action statement doesn’t replace the need for those if statements.
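An added example, not part of the thread and not the site's own code: a plain-Ruby stand-in (no Rails or Devise loaded) showing what a before_action-style guard buys over per-action if statements, namely one admin check that runs before both new and create and halts the request before the action body executes. MiniController, SponsorsController::SPONSORS, require_admin and the status symbols are hypothetical; admin_signed_in? is a stub for the Devise helper named in the question.

```ruby
# Plain-Ruby stand-in for a Rails controller; all class names are hypothetical.
class MiniController
  def self.guards
    @guards ||= []
  end

  # Register a guard method, optionally limited to some actions.
  def self.before_action(name, only: nil)
    guards << [name, only]
  end

  attr_reader :status

  # signed_in maps scope to record, e.g. { admin: 'a1' }; {} is a visitor.
  def initialize(signed_in = {})
    @signed_in = signed_in
    @status = nil
  end

  # Stub for the Devise helper generated for an admin scope.
  def admin_signed_in?
    @signed_in.key?(:admin)
  end

  # Run guards in order; a guard that sets a status halts the chain,
  # the way a redirect or render inside a Rails before_action does.
  def process(action)
    self.class.guards.each do |name, only|
      next if only && !only.include?(action)
      send(name)
      return @status if @status
    end
    send(action)
    @status
  end
end

class SponsorsController < MiniController
  SPONSORS = [] # constructed in-memory store standing in for Sponsor records
  before_action :require_admin, only: %i[new create]

  def index;  @status = :ok; end
  def new;    @status = :ok; end
  def create; SPONSORS << :sponsor; @status = :created; end

  private

  def require_admin
    @status = :forbidden unless admin_signed_in?
  end
end
```

The four cases mirror the tests in the original post: either admin creates a sponsor, while a signed-in user and an unauthenticated visitor are stopped before create or new runs.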
You could have a before_action that was something like: