Marnen Laibow-Koser-2 wrote:
>
> In my opinion this test belongs to the UserSession or User controller
> cause you're testing if a user is authorized not the application. You
> just need to put it into the application controller for its
> application-wide accessibility. Besides that I can't find anything wrong
> in the authorize function. Put it in an user test and it should work.
>
I'm not sure if I agree with you on that point. I have a user model and an
AccessControlController (terrible name I know) which handles the
login/logout actions, and the user model handles encrypting the password and
comparing a password against what's in the database.
What I'm doing in this method is merely checking if the user_id is present
in the session and if that's a valid user id. If it is I do nothing, if it
isn't I retain the uri they were trying to hit and redirect to the login
page.
This is application wide behavior and I feel its correct as far as I
understand the rails pattern to keep it in the application_controller.
Whether this is the right or wrong place for it, is it possible to test the
ApplicationController I should I just never put code into it?
--
View this message in context:
http://old.nabble.com/Finding-it-difficult-to-test-a-before_filter-on-my-ApplicationController-tp28253771p28254089.html
Sent from the RubyOnRails Users mailing list archive at Nabble.com.
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
