测试控制器问题(在Rails 3.2中)

时间:2022-03-19 12:38:32

I created a in-house gem for managing records called 'record_search', which includes a controller named 'ApiController' In one app, I needed to hook in authorization behaviors to prevent the data from being publicly accessible, so I added a ActiveSupport::Concern module to allow the app to add a before_filter. How can I properly test this before_filter? (using rspec)

我创建了一个用于管理名为'record_search'的记录的内部gem,其中包含一个名为'ApiController'的控制器。在一个应用程序中,我需要挂钩授权行为以防止数据被公共访问,所以我添加了一个ActiveSupport ::关注模块允许应用添加before_filter。我怎样才能正确测试这个before_filter? (使用rspec)

In Gem:

app/controllers/api_controller.rb

module RecordSearch
  class ApiController < ApplicationController
    respond_to :json

    def search
      render json: #app-specific code
    end

    def find
      render json: #app-specific code
    end

    include Extensions #define any authorization logic here
  end
end

Local app:

app/controllers/concerns/record_search/extensions.rb

module RecordSearch::Extensions
  extend ActiveSupport::Concern
  include ApplicationHelper #defines current_user method

  included do
    before_filter :require_premium_user, :only => [:find,:search]
  end

  private

  def require_premium_user
    unless current_user
      return render :json => {"error" => "not authorized"}
    end
  end
end

1 个解决方案

#1


0  

Assuming controller is the current controller under test, then you could use:

假设控制器是当前正在测试的控制器,那么您可以使用:

describe "searching when not a premimum user" do
   let(:user) { ... } # code to create a regular user
   before { ... } # code to login user
   it "should return an error message" do
      expect(controller).to receive(:render).with({"error" => "not authorized"})
      # code to trigger find or search
   end
end

with comparable examples for a premium user. See also http://apidock.com/rails/ActionController/Assertions/ResponseAssertions/assert_response, although I'm not familiar with using Rails' assertions.

与高级用户的可比较示例。另请参阅http://apidock.com/rails/ActionController/Assertions/ResponseAssertions/assert_response,尽管我不熟悉使用Rails的断言。

As an aside, the actual require_premium_user code didn't make sense to me.

顺便说一句,实际的require_premium_user代码对我来说没有意义。

#1


0  

Assuming controller is the current controller under test, then you could use:

假设控制器是当前正在测试的控制器,那么您可以使用:

describe "searching when not a premimum user" do
   let(:user) { ... } # code to create a regular user
   before { ... } # code to login user
   it "should return an error message" do
      expect(controller).to receive(:render).with({"error" => "not authorized"})
      # code to trigger find or search
   end
end

with comparable examples for a premium user. See also http://apidock.com/rails/ActionController/Assertions/ResponseAssertions/assert_response, although I'm not familiar with using Rails' assertions.

与高级用户的可比较示例。另请参阅http://apidock.com/rails/ActionController/Assertions/ResponseAssertions/assert_response,尽管我不熟悉使用Rails的断言。

As an aside, the actual require_premium_user code didn't make sense to me.

顺便说一句,实际的require_premium_user代码对我来说没有意义。