[rspec-users] Where do I find help about user roles?

James Byrne lists at ruby-forum.com
Tue Mar 24 14:27:16 EDT 2009

Stefan Fountain wrote:
> I'm trying to create a scenario with a 'given I am logged in'. I'm
> struggling to find good documentation about this, the rspec/cucumber
> book doesn't have this chapter written yet.
> Could you point me in the right direction? Currently I'm starting to
> use Factory_girl gem to do it but not sure if that is the correct way
> or how cucumber is designed to handle these kinds of 'given's.
> Thanks in advance.

Authentication is a very large topic.  There are a number of 
authentication plugins and gems available (logins).  I happen to use the 
AuthLogic gem at the moment.  There is a fairly good tutorial on 
Authlogic at 

Authorisation (Roles) is a separate matter altogether.  I have a minimal 
authorisation function that simply checks a flag attribute on the user 
model.  This suffices for testing but needs be replaced in production.

Note as well that at the moment I do not use mocks for this stuff.

One of my sample scenarios looks like this:

  Scenario: Add a new client
    Given I do have a user named "authuser"
      And the user named "authuser" authenticates
      And the user named "authuser" is authorized to "add" "clients"

The user steps look like this:

(note: some do not approve of instance @ variables in tests)

When /have an? user named "(.*)"/ do |name|
  Then "add an user named \"#{name}\""

When /(?:add|create) an?(?:new)? user named "(.*)"/ do |name|
  Then "initialise a new user named \"#{name}\""
  Then "should save the new user"

When /initialise a new user named "(.*)"/ do |name|
  @my_new_user = nil
  my_user = User.new
  my_user.username = "#{name}"
  my_user.password = "#{name}-password"
  my_user.password_confirmation = "#{name}-password"
  @my_new_user = my_user

When /should save the new user/ do


The authentication step looks like this:

When /user named "(.*)" authenticates/ do |name|
  visit new_user_session_path
  Then "see an authentication request message"
  Then "enter the username \"#{name}\""
  Then "enter the password \"#{name}-password\""
  Then "press the authenticate button"
  Then "see an authentication success message"
  visit root_path

And so on.  No doubt there are better ways to do it but this works for 

Posted via http://www.ruby-forum.com/.

More information about the rspec-users mailing list