[rspec-users] Where do I find help about user roles?

James Byrne lists at ruby-forum.com
Tue Mar 24 14:27:16 EDT 2009


Stefan Fountain wrote:
> I'm trying to create a scenario with a 'given I am logged in'. I'm
> struggling to find good documentation about this, the rspec/cucumber
> book doesn't have this chapter written yet.
> 
> Could you point me in the right direction? Currently I'm starting to
> use Factory_girl gem to do it but not sure if that is the correct way
> or how cucumber is designed to handle these kinds of 'given's.
> 
> Thanks in advance.

Authentication is a very large topic.  There are a number of 
authentication plugins and gems available (logins).  I happen to use the 
AuthLogic gem at the moment.  There is a fairly good tutorial on 
Authlogic at 
http://www.binarylogic.com/2008/11/3/tutorial-authlogic-basic-setup.

Authorisation (Roles) is a separate matter altogether.  I have a minimal 
authorisation function that simply checks a flag attribute on the user 
model.  This suffices for testing but needs be replaced in production.

Note as well that at the moment I do not use mocks for this stuff.

One of my sample scenarios looks like this:

  Scenario: Add a new client
    Given I do have a user named "authuser"
      And the user named "authuser" authenticates
      And the user named "authuser" is authorized to "add" "clients"
 ...

The user steps look like this:

(note: some do not approve of instance @ variables in tests)

When /have an? user named "(.*)"/ do |name|
  Then "add an user named \"#{name}\""
end

When /(?:add|create) an?(?:new)? user named "(.*)"/ do |name|
  User.find_by_username(name).destroy
  Then "initialise a new user named \"#{name}\""
  Then "should save the new user"
end

When /initialise a new user named "(.*)"/ do |name|
  @my_new_user = nil
  my_user = User.new
  my_user.username = "#{name}"
  my_user.password = "#{name}-password"
  my_user.password_confirmation = "#{name}-password"
...
  @my_new_user = my_user
end

When /should save the new user/ do
  @my_new_user.save!
end

...

The authentication step looks like this:

When /user named "(.*)" authenticates/ do |name|
  visit new_user_session_path
  Then "see an authentication request message"
  Then "enter the username \"#{name}\""
  Then "enter the password \"#{name}-password\""
  Then "press the authenticate button"
  Then "see an authentication success message"
  visit root_path
  have_no_selector("#authentication_request")
end


And so on.  No doubt there are better ways to do it but this works for 
me.

HTH
-- 
Posted via http://www.ruby-forum.com/.


More information about the rspec-users mailing list