Daniel N wrote:
>
>
> On 7/17/07, *Ryan Tucker* <[EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>> wrote:
>
> Daniel N wrote:
> >
> >
> > On 7/17/07, *Ryan Tucker* <[EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>
> > <mailto:[EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>>> wrote:
> >
> > Ryan Tucker wrote:
> > > Thank you in advance for your help. I am relatively new
> to both
> > Rails
> > > and Rspec and I am hoping for some insight from some
> experienced
> > veterans.
> > >
> > > Right now I am using Rspec for code that has already been
> > written so
> > > that additional functionality can be developed using the BDD
> > method. My
> > > problem shows up when I try to spec controllers that are
> behind the
> > > login system. Each page checks for the session[:user], and if
> > they do
> > > not exists, requires them to login. Logging in is handled
> by one
> > > controller (the Admin controller) and I want to access a
> page under
> > > another controller (say a Students controller).
> > >
> > > In my students_controller_spec.rb, I want want to make sure
> > > http://test.host/students is successfully displayed, so I
> wrote
> > > something like:
> > >
> > > it "should be successful" do
> > > get :index
> > > response.should be_success
> > > end
> > >
> > > The problem is that is keeps redirecting to my login page at
> > > http://test.host/login. I tried then setting
> session[:user] and
> > doing a
> > > post to my login page to simulate a login so that I could
> access the
> > > correct page, but that does not seem to work. I tried a
> number of
> > > things, including the following:
> > >
> > > def do_login
> > > @user = User.find(:first, :conditions => ['username = ?' ,
> > 'ryan'] )
> > > session[:user] = @ user.id <http://user.id> <http://user.id>
> > > post :login, :path => []
> > > end
> > >
> > > describe StudentsController do
> > > it "should be successful" do
> > > do_login
> > > get :index
> > > response.should be_success
> > > end
> > > end
> > >
> > > This still results in being redirected to the login page at
> > > http://test.host/login when I want to go to
> > http://test.host/students.
> > > Also, I realize I am actually doing a call on my test
> database for
> > > this. Part of the reason is that code that called during
> login
> > checks
> > > fields of a user. The other reason is I could not get it to
> > work using
> > > stubs, but that might just have been because I was not using
> > them properly.
> > >
> > > Any insight will be helpful, thanks!
> > >
> > > -Ryan
> > > _______________________________________________
> > > rspec-users mailing list
> > > [email protected]
> <mailto:[email protected]> <mailto:
> [email protected] <mailto:[email protected]>>
> > > http://rubyforge.org/mailman/listinfo/rspec-users
> > >
> > Forgot one thing.
> >
> > In trying to do the post, I get the error that "No action
> > responded to
> > login" suggesting that I am not properly accessing the login
> > function in
> > my Admin controller.
> >
> > Thanks again,
> > Ryan
> >
> >
> >
> > Ryan, the login action is being called on
> your StudentsController and
> > so it's not found.
> >
> > If it's the presence of the session[:user] that tells the
> > before_filter that your logged in, the you don't need to do the
> post.
> > In fact you shouldn't post, since as you found out if you post to
> > login, your posting to the login action of the controller your
> > currently in. Bad. Your setting the session and you shouldn't need
> > to do any more.
> >
> > HTH
> > Daniel
> >
> >
> >
> ------------------------------------------------------------------------
>
> >
> > _______________________________________________
> > rspec-users mailing list
> > [email protected] <mailto:[email protected]>
> > http://rubyforge.org/mailman/listinfo/rspec-users
> Thanks, Daniel.
>
> That was my understanding as well, but, for some reason, that has not
> been enough. The post was an attempt to simulate an actual login by
> posting to another controller (I know it was bad...) since just
> setting
> the session[:user] was not a success. Thank you for your help though.
>
> Take care,
> Ryan
>
>
> Can you post your before_filter method that checks if your logged in?
>
> Also your login method in your Admin controller.
>
> Cheers
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> rspec-users mailing list
> [email protected]
> http://rubyforge.org/mailman/listinfo/rspec-users
# The Logins are to track a users activity, and this supports
# when a user wants to access a page and needs to login first, sending
them to it after they login.
# Authenticate checks the username and password against the username
and password in the
# database.
def login
if request.post?
if @current_user = User.authenticate(params[:username],
params[:password])
login = Login.create(:remote_ip => request.remote_ip.to_s,
:user_agent => request.user_agent.to_s, :http_vars => request.env)
@current_user.logins << login
session[:user] = @current_user.id
uri = session[:original_uri]
session[:original_uri] = nil
redirect_to uri || home_url
return
else
flash[:error] = "Access denied"
end
end
if session[:user]
redirect_to home_url
return false
end
set_page_title "Log In"
end
# This checks that there is a current user, and checks if they are active
# In my case, I am keeping track of whether or not I have disabled
# a user. active?() returns true so long as they are have not been
deactivated.
def check_authentication
unless @current_user and @current_user.active?
session[:original_uri] = request.request_uri
redirect_to log_in_url
return false
end
true
end
Thank you again for your help.
Take care,
Ryan
_______________________________________________
rspec-users mailing list
[email protected]
http://rubyforge.org/mailman/listinfo/rspec-users
