Ruby On Rails Classroom image

Neha  Jaggi / Professional / Web Technology

To post your Question Join Classroom
Lesson Topics's No:-  |1 | 2 | 3|Last
Lessons:- Requiring Signed-in Users

  Requiring Signed-in Users

Since the security restrictions for the edit and update actions are identical, we’ll handle them in a single RSpec describe block. Starting with the sign-in requirement, our initial tests verify that non-signed-in users attempting to access either action are simply sent to the signin page, as seen in Listing 9.11.




The code in Listing 9.11 introduces a second way, apart from Capybara’s visit method, to access a controller action: By issuing the appropriate HTTP request directly, in this case using the put method to issue a PUT request:


describe  "submitting to the update action"  do
    before { put user path(user) }
    specify { response.should redirect to(signin path) }


This issues a PUT request directly to /users/1, which gets routed to the update action of the Users controller (Table 7.1). This is necessary because there is no way for a browser to visit the update action directly—it can only get there indirectly by submitting the edit form—so Capybara can’t do it either. But visiting the edit page only tests the authorization for the edit action, not for update. As a result, the only way to test the proper authorization for the update action itself is to issue a direct request. (As you might guess, in addition to put Rails tests support get, post, and delete as well.)

      When using one of the methods to issue HTTP requests directly, we get access to the low-level response object. Unlike the Capybara page object, response lets us test for the server response itself, in this case verifying that the update action responds by redirecting to the signin page:

specify { response.should redirect to(signin path) }



Neha  Jaggi

Skills    Ruby On Rails

Qualifications :- High School - , College/University - Graphic Era Hill University, Dehradun, College/University - ,
Location :-Dehradun,Dehradun,UTTARAKHAND,India

Experienced Software Developer with a demonstrated history of working in the Information Technology and services industry. Skilled in Web Technologies (Ruby on Rails, PostgreSQL, php, Laravel and AJAX). 


  Students (0)