[rspec-users] Tests that require a logged in user / session cookie

Andrew Premdas apremdas at gmail.com
Thu Aug 25 12:42:49 EDT 2011


On 25 August 2011 14:38, Matthias Siegel <matthiassiegel at gmail.com> wrote:

>
> On 25/08/2011, at 11:10 AM, Justin Ko wrote:
>
>
>
> On Wed, Aug 24, 2011 at 6:40 PM, Matthias Siegel <matthiassiegel at gmail.com
> > wrote:
>
>> Hi,
>>
>> I'm fairly new to RSpec with Rails and I'm trying to work out how I can
>> write request specs for resources that require a logged in user.
>>
>> I can't get this one to pass:
>>
>>
>> describe "GET /admin/account" do
>>
>>  it "should have a 200 status code when logged in" do
>>    post "/login", { :email => @user.email, :password => @user.password }
>>    response.should redirect_to("/admin")
>>    response.code.should eq("302")
>>    get "/admin/account"
>>    response.code.should eq("200")
>>  end
>>
>> end
>>
>>
>> The login post part works fine and the session gets created correctly in
>> the login method, but then the test fails at 'get "/admin/account"' because
>> the session suddenly is empty.
>>
>> I have tried another approach where I set the session manually, to
>> simulate a logged in user:
>>
>>
>> describe "GET /admin/account" do
>>
>>  it "should have a 200 status code when logged in" do
>>    session[:user_id] ||= @user.id
>>    get "/admin/account"
>>    response.code.should eq("200")
>>  end
>>
>> end
>>
>>
>> But again the session arrives empty in my authorisation method when trying
>> 'get "/admin/account"'.
>>
>> My guess is that it fails because the session relies on cookies and in
>> test mode there obviously is no browser and no cookie.
>> Are there ways to simulate a logged in user in an app that creates
>> sessions with cookies?
>>
>> Thanks for any suggestions
>>
>
> What you are doing *should* work. Are there any before_filters altering the
> session? Maybe a gem doing it? Maybe you have an admin namespace that
> calls/uses a different session?
>
>
>
> I have an admin namespace, but does that effect the normal 'session' object
> in any way?
>
> I've done some more tests and setting the session in the RSpec code via
> session[:user_id] =|| @user.id definitely works, however when the GET
> request starts, the session is empty in the application_controller before
> anything else is executed. I still can't figure out where the session gets
> lost between RSpec and the app. I reduced the gems to a minimum set of
> Rails, Mongoid, BCrypt, Mail, RSpec, Cucumber and Factory_Girl, but didn't
> make a difference.
>
> Forgery protection is disabled for test environment.
>
> _______________________________________________
> rspec-users mailing list
> rspec-users at rubyforge.org
> http://rubyforge.org/mailman/listinfo/rspec-users
>

If you are using Cucumber (which is in your minimal set of Gems), you don't
need to write this sort of test. A Cucumber feature will already cover this.
RSpec has a wealth of testing tools to cover all sorts of different
environments/conditions/styles. This makes it very easy for you to waste
time writing tests you don't need. For Rails applications with cucumber and
rspec, you only really need to write model specs and features (if you keep
your controllers, skinny) *. If a test is difficult to do its always worth
thinking, Why am I doing this test? Could I do another test thats easier?

HTH

Andrew

* I don't expect everyone to agree with this



-- 
------------------------
Andrew Premdas
blog.andrew.premdas.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rubyforge.org/pipermail/rspec-users/attachments/20110825/0fa59445/attachment.html>


More information about the rspec-users mailing list