[rspec-users] Mocking Access Control

Justin Williams carpeaqua at gmail.com
Tue Jul 24 18:33:37 EDT 2007


On 7/24/07, David Chelimsky <dchelimsky at gmail.com> wrote:

> Would you please post the code for the actions as well?

def login
  if request.post?
  begin
    session[:user] = User.authenticate(params[:login][:email],
params[:login][:password]).id

    if current_user.roles.include?(Role.find_by_title("employee")) or
current_user.roles.include?(Role.find_by_title("administrator"))
      redirect_to staff_path
    elsif current_user.roles.include?(Role.find_by_title("tutor"))
      redirect_to toolkit_path
    elsif current_user.roles.include?(Role.find_by_title("client"))
      redirect_to client_path
    end
   rescue
     flash[:warning] = "Your e-mail address or password is invalid."
     render :action => "login"
   end
  end
end


It should also be noted, I realized the specs have two different sets
of credentials.  Modifying this to use a single one doesn't correct
it.  I was just a bit too liberal in my cut/pasting for email.

Thanks!

- j


More information about the rspec-users mailing list