[rspec-users] specs on private methods

Zach Dennis zach.dennis at gmail.com
Fri Jan 11 13:07:58 EST 2008

On Jan 11, 2008 12:56 PM, Cody P. Skidmore <cody at skidmore.us> wrote:
> Thank you Zach.  I was just about to ask about this.  I'm just getting
> started with restful_authentication and have missed the context of your
> point.  restful_authentication is such a huge improvement over what I'm
> use to.
> Could you elaborate just a little on the use context in controllers?  Is
> this called from the "authenticate" method in the controller?

Here is a before filter in our ApplicationController for attempting to
log the user in from a cookie:

Here is what we have in our application controller as a before filter
for logging in from a controller:

  def login_from_cookie
    session[:invitation_code] = params[:code] if params[:code]
    unless logged_in?
      login = @login_manager.login_from_cookie(cookies, session)
      if login.successful?
        flash[:notice] = login.message
        self.current_user = login.user
        unless login.return_to.blank?
          redirect_to login.return_to
          return false

And here is our SessionsController#create method for how to log in a
user from their credentials:

  def create
    login = @login_manager.login_with_credentials(params[:login],
session, cookies)
    if login.successful?
      self.current_user = login.user
      flash[:notice] = login.message
      redirect_to(login.return_to || home_path)
      session[:return_to] = nil
      flash[:error] = login.message
      redirect_to signup_path(:login => {:email => params[:login][:email]})

You'll notice that we already have a @login_manager instance variable
accessible in both cases. This is because of our use of the Injection
plugin to automatically assign one for us from a global application
context. You don't have to do that (but we like it because it
decouples our controllers from implementation). You could construct a
LoginManager where you need it, ie:

We didn't set the methods up as class methods on LoginManager (ie:
LoginManager.login_with_credentials) because we like to work with
instances. We feel they are easier to test and refactor and it helps
us avoid the temptation of adding class methods and instance methods
which often times can lead to mixing multiple responsibilities onto an
object. We're big fan of single responsibility.


Zach Dennis

More information about the rspec-users mailing list