[rspec-users] Tests that require a logged in user / session cookie

Phillip Koebbe phillipkoebbe at gmail.com
Fri Aug 26 10:40:28 EDT 2011



On 2011-08-25 11:42 AM, Andrew Premdas wrote:
> On 25 August 2011 14:38, Matthias Siegel <matthiassiegel at gmail.com 
> <mailto:matthiassiegel at gmail.com>> wrote:
>
>
>     On 25/08/2011, at 11:10 AM, Justin Ko wrote:
>
>>
>>
>>     On Wed, Aug 24, 2011 at 6:40 PM, Matthias Siegel
>>     <matthiassiegel at gmail.com <mailto:matthiassiegel at gmail.com>> wrote:
>>
>>         Hi,
>>
>>         I'm fairly new to RSpec with Rails and I'm trying to work out
>>         how I can write request specs for resources that require a
>>         logged in user.
>>
>>         I can't get this one to pass:
>>
>>
>>         describe "GET /admin/account" do
>>
>>          it "should have a 200 status code when logged in" do
>>            post "/login", { :email => @user.email, :password =>
>>         @user.password }
>>            response.should redirect_to("/admin")
>>            response.code.should eq("302")
>>            get "/admin/account"
>>            response.code.should eq("200")
>>          end
>>
>>         end
>>
>>
>>         The login post part works fine and the session gets created
>>         correctly in the login method, but then the test fails at
>>         'get "/admin/account"' because the session suddenly is empty.
>>
>>         I have tried another approach where I set the session
>>         manually, to simulate a logged in user:
>>
>>
>>         describe "GET /admin/account" do
>>
>>          it "should have a 200 status code when logged in" do
>>            session[:user_id] ||= @user.id <http://user.id/>
>>            get "/admin/account"
>>            response.code.should eq("200")
>>          end
>>
>>         end
>>
>>
>>         But again the session arrives empty in my authorisation
>>         method when trying 'get "/admin/account"'.
>>
>>         My guess is that it fails because the session relies on
>>         cookies and in test mode there obviously is no browser and no
>>         cookie.
>>         Are there ways to simulate a logged in user in an app that
>>         creates sessions with cookies?
>>
>>         Thanks for any suggestions
>>
>>
>>     What you are doing *should* work. Are there any before_filters
>>     altering the session? Maybe a gem doing it? Maybe you have an
>>     admin namespace that calls/uses a different session?
>
>
>     I have an admin namespace, but does that effect the normal
>     'session' object in any way?
>
>     I've done some more tests and setting the session in the RSpec
>     code via session[:user_id] =|| @user.id <http://user.id>
>     definitely works, however when the GET request starts, the session
>     is empty in the application_controller before anything else is
>     executed. I still can't figure out where the session gets lost
>     between RSpec and the app. I reduced the gems to a minimum set of
>     Rails, Mongoid, BCrypt, Mail, RSpec, Cucumber and Factory_Girl,
>     but didn't make a difference.
>
>     Forgery protection is disabled for test environment.
>
>     _______________________________________________
>     rspec-users mailing list
>     rspec-users at rubyforge.org <mailto:rspec-users at rubyforge.org>
>     http://rubyforge.org/mailman/listinfo/rspec-users
>
>
> If you are using Cucumber (which is in your minimal set of Gems), you 
> don't need to write this sort of test. A Cucumber feature will already 
> cover this. RSpec has a wealth of testing tools to cover all sorts of 
> different environments/conditions/styles. This makes it very easy for 
> you to waste time writing tests you don't need. For Rails applications 
> with cucumber and rspec, you only really need to write model specs and 
> features (if you keep your controllers, skinny) *. If a test is 
> difficult to do its always worth thinking, Why am I doing this test? 
> Could I do another test thats easier?
>
> HTH
>
> Andrew
>
> * I don't expect everyone to agree with this

I'm of the same opinion on this issue as you, Andrew. I've been trying 
for a long time to keep my controllers skinny, and I've recently been 
thinking that the Cucumber suite should be sufficient for covering them. 
Like you, though, I expect there are quite a few who disagree. But, hey, 
so goes life...

Peace.



More information about the rspec-users mailing list