[rspec-users] Getting past my login system

Daniel N has.sox at gmail.com
Mon Jul 16 22:32:37 EDT 2007


On 7/17/07, Ryan Tucker <rctucker at u.washington.edu> wrote:
>
> Ryan Tucker wrote:
> > Thank you in advance for your help.  I am relatively new to both Rails
> > and Rspec and I am hoping for some insight from some experienced
> veterans.
> >
> > Right now I am using Rspec for code that has already been written so
> > that additional functionality can be developed using the BDD method. My
> > problem shows up when I try to spec controllers that are behind the
> > login system.  Each page checks for the session[:user], and if they do
> > not exists, requires them to login.  Logging in is handled by one
> > controller (the Admin controller) and I want to access a page under
> > another controller (say a Students controller).
> >
> > In my students_controller_spec.rb, I want want to make sure
> > http://test.host/students is successfully displayed, so I wrote
> > something like:
> >
> >   it "should be successful" do
> >     get :index
> >     response.should be_success
> >   end
> >
> > The problem is that is keeps redirecting to my login page at
> > http://test.host/login.  I tried then setting session[:user] and doing a
> > post to my login page to simulate a login so that I could access the
> > correct page, but that does not seem to work.  I tried a number of
> > things, including the following:
> >
> > def do_login
> >   @user = User.find(:first, :conditions => ['username = ?' , 'ryan'] )
> >   session[:user] = @user.id
> >   post :login, :path => []
> > end
> >
> > describe StudentsController do
> >   it "should be successful" do
> >     do_login
> >     get :index
> >     response.should be_success
> >   end
> > end
> >
> > This still results in being redirected to the login page at
> > http://test.host/login when I want to go to http://test.host/students.
> > Also, I realize I am actually doing a call on my test database for
> > this.  Part of the reason is that code that called during login checks
> > fields of a user.  The other reason is I could not get it to work using
> > stubs, but that might just have been because I was not using them
> properly.
> >
> > Any insight will be helpful, thanks!
> >
> > -Ryan
> > _______________________________________________
> > rspec-users mailing list
> > rspec-users at rubyforge.org
> > http://rubyforge.org/mailman/listinfo/rspec-users
> >
> Forgot one thing.
>
> In trying to do the post, I get the error that "No action responded to
> login" suggesting that I am not properly accessing the login function in
> my Admin controller.
>
> Thanks again,
> Ryan



Ryan, the login action is being called on your  StudentsController and so
it's not found.

If it's the presence of the session[:user] that tells the before_filter that
your logged in, the you don't need to do the post.  In fact you shouldn't
post, since as you found out if you post to login, your posting to the login
action of the controller your currently in.  Bad.  Your setting the session
and you shouldn't need to do any more.

HTH
Daniel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://rubyforge.org/pipermail/rspec-users/attachments/20070717/eeba2f1f/attachment-0001.html 


More information about the rspec-users mailing list