[rspec-users] how to mock/stub restful_authenticated and acl2-ized actions

Glenn Ford glenn at aldenta.com
Tue Apr 8 12:13:00 EDT 2008


While my approach might not be the best, since I don't  
stub :login_required, it still serves me well.  I would do something  
like this:

user = mock_model(User, :operator => true)
controller.stub!(:current_user).and_return(user)

login_required will find the 'current_user' and be happy.  I don't  
know if the :operator => true thing will cut it for your other check,  
but that should get you on the right track.

I hope that helps!
Glenn

On Apr 8, 2008, at 10:03 AM, Giuseppe Bertini wrote:

> Dear all,
>
> I am wondering how to properly mock/stub out the preliminary steps to
> actions protected by restful_authentication and acl_system2 (role- 
> based
> authorization to execute actions). Here's my setup:
>
> class User < ActiveRecord::Base
>  has_and_belongs_to_many :roles
>  has_many :tasks
>  [snip]
> end
>
> class Task < ActiveRecord::Base
>  belongs_to :user
> end
>
> I also have a Role class that habtm :users
>
> Now, for the controller that I need to spec:
>
> class TasksController < ApplicationController
>  before_filter :login_required
>  access_control :DEFAULT => 'operator'
>
>  def index
>    @tasks = current_user.tasks
>  end
> end
>
> Two interesting things happen here. First, access to the index  
> action is
> only granted after checking that the user is logged-in *and* that  
> she is
> an 'operator'. Second, the tasks method is called on current_user,  
> which
> is available to all controllers that include AuthenticatedSystem.
>
> I can easily write a few specs for this controller if I use a
> fixture_scenario and login_as (see below). On the other hand, I am
> trying to learn to abide to the "hey, dont touch that!" database  
> thing.
> As a novice, the task of setting up examples in which authentication &
> authorization are satisfied, and where current_user still responds
> properly appears daunting. But then again, I *am* a novice!
>
> Thank you all in advance,
> Giuseppe
>
>
> ###############
> # my current specs
> ###############
> include AuthenticatedTestHelper
> describe TasksController, "with a logged-in user having 'operator'
> privileges" do
>  scenario :users_and_roles
>  before(:each) do
>    login_as :giuseppe # based on the fixtures, giuseppe is now a
> logged-in operator
>  end
>
>  describe "getting the index" do
>
>    before(:each) do
>      @tasks = mock_model(Task)
>      Task.stub!(:find).and_return([@tasks])
>    end
>
>    it "should render index" do
>      get :index
>      response.should render_template('index')
>    end
>
>    it "should assign to the @tasks instance variable" do
>      get :index
>      assigns[:tasks].should ==[@tasks]
>    end
>  end
> end
> -- 
> Posted via http://www.ruby-forum.com/.
> _______________________________________________
> rspec-users mailing list
> rspec-users at rubyforge.org
> http://rubyforge.org/mailman/listinfo/rspec-users



More information about the rspec-users mailing list