> -----Original Message-----
> From: rspec-users-bounces at rubyforge.org [mailto:rspec-users-bounces at
rubyforge.org] On Behalf Of David Chelimsky
> Sent: Wednesday, May 27, 2009 5:55 PM
> To: rspec-users
> Subject: Re: [rspec-users] spec for authenticated user
>> ? before_filter :requires_user,
>> ?????????????? :except => :create
>>
>> ?def show
>> ? #-------
>>
>> ??? # the currently authenticated user
>> ??? @user = user
>>
>> ? end
>>
>> How shall?we check the currently authenticated user using rspec?
>
> What''s in requires_user?
On Wed, May 27, 2009 at 8:40 AM, Diwakar, ANGLER - EIT
<diwakar at angleritech.com> wrote:> private; def requires_user
> if user.nil?
>
> if request.format.html?
>
> session[ :redirected_from ] ||= request.env[ "REQUEST_URI"
]
>
> redirect_to( sign_in_url )
> else
> render( :status => 403, :text => ''An authenticated
user is required.'' )
> end
> end
>
> end
What''s setting the "user" variable before #requires_user is
called? Or
is "user" a method inside that controller?
Ignoring that question for a moment, all you need to do is write out
(on paper/in Vim/whatever) the behaviour of each scenario that can
occur while traversing through this controller. For example, one
[verbose] scenario is:
"When a user who''s not logged-in and whose session isn''t
being
redirected requests HTML from FooBarsController#show , they should be
redirected to the sign-up page."
Once you have the behaviour of each scenario mapped out, write specs
for each scenario.
When that''s all done, I recommend writing your specs before you write
code.
-Nick