Rails - Dec 2007 - Testing HTTP Basic Authentication

I''m using the new 2.0 HTTP Basic Authentication module mentioned in
the announcement, and having trouble figuring out how to write a
functional tests that will do both positive and negative tests.

The framework documentation has the following snippet:

<<BEGIN SNIPPET>>
In your integration tests, you can do something like this:

  def test_access_granted_from_xml
    get(
      "/notes/1.xml", nil,
      :authorization =>
ActionController::HttpAuthentication::Basic.encode_credentials(users(:dhh).name,
users(:dhh).password)
    )

    assert_equal 200, status
  end
<<END SNIPPET>>

Looking at the code for the test_process implementation of get, the
parameters are: action, parameters = nil, session = nil, flash = nil.

That :authorization hash would actually be part of the session, not
the headers.  I looked around and couldn''t figure out how to set
headers in a test context.


I''d like to add tests to make sure that those sections that require
authentication are guarded and that entering the wrong account/
password fails.

Any suggestions?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

Here is the testing code:

class Admin::EventsControllerTest < Test::Unit::TestCase
  fixtures :categories

  def setup
    @controller = Admin::EventsController.new
    @request    = ActionController::TestRequest.new
    @response   = ActionController::TestResponse.new
  end

  def login_as_admin
    @request.env[''HTTP_AUTHORIZATION'']
ActionController::HttpAuthentication::Basic.encode_credentials("admin",
"password")
  end

  def test_all_pages_for_admin_is_protected
    [:index, :edit, :show, :create, :update, :destroy].each do |actione|
      get actione
      assert_response :unauthorized
    end
  end

  def test_index_page_loads_upon_successful_login
    login_as_admin

    get :index, :id => categories(:all).id

    assert_response :success
    assert_template ''index''
    assert assigns(:events)
  end
end

On Dec 23, 2007 6:36 PM, richard-Ym6pGcEhVTrk1uMJSBkQmQ@public.gmane.org
<maymount-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
> I''m using the new 2.0 HTTP Basic Authentication module mentioned
in
> the announcement, and having trouble figuring out how to write a
> functional tests that will do both positive and negative tests.
>
-- 
http://www.rubyplus.org/
Free Ruby Screencasts

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---

Ahh, that makes sense.

The key part being:

  @request.env[''HTTP_AUTHORIZATION'']
ActionController::HttpAuthentication::Basic.encode_credentials("admin",
"password")

Thanks!

On Dec 23, 11:07 pm, "Bala Paranj"
<bcpar...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> Here is the testing code:
>
> class Admin::EventsControllerTest < Test::Unit::TestCase
>   fixtures :categories
>
>   def setup
>     @controller = Admin::EventsController.new
>     @request    = ActionController::TestRequest.new
>     @response   = ActionController::TestResponse.new
>   end
>
>   def login_as_admin
>     @request.env[''HTTP_AUTHORIZATION''] >
ActionController::HttpAuthentication::Basic.encode_credentials("admin",
> "password")
>   end
>
>   def test_all_pages_for_admin_is_protected
>     [:index, :edit, :show, :create, :update, :destroy].each do |actione|
>       get actione
>       assert_response :unauthorized
>     end
>   end
>
>   def test_index_page_loads_upon_successful_login
>     login_as_admin
>
>     get :index, :id => categories(:all).id
>
>     assert_response :success
>     assert_template ''index''
>     assert assigns(:events)
>   end
> end
>
> On Dec 23, 2007 6:36 PM, rich...-Ym6pGcEhVTrk1uMJSBkQmQ@public.gmane.org
<maymo...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>
>
>
> > I''m using the new 2.0 HTTP Basic Authentication module
mentioned in
> > the announcement, and having trouble figuring out how to write a
> > functional tests that will do both positive and negative tests.
>
> --http://www.rubyplus.org/
> Free Ruby Screencasts
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---