tags:

views:

1412

answers:

2
+3  Q: 

Ruby on Rails functional testing with the RESTful Authentication plugin

I started writing functional tests for my rails app today. I use the RESTful authentication plugin. I ran into a couple confusing things I hope someone can clarify for me.

1) I wrote a quick login function because most of the functions in my rails app require authentication.

def login_as(user)
   @request.session[:user_id] = user ? user.id : nil
end

The issue I see with this function, is it basically fakes authentication. Should I be worried about this? Maybe it is okay to go this route as long as I test the true authentication method somewhere. Or maybe this is terrible practice.

2) The second confusing thing is that in some places in my functional tests, I need the full authentication process to happen. When a user is activated, I have the do_activate method create some initial objects for the user. It is analogous to the creation of a blank notebook object and pen object for a student application, if that makes sense.

So in order to properly test my application, I need the user to hit that activation state so those objects are created. I am currently using Factory Girl to create the user, and then calling the login_as function above to fake authentication.

I guess another option would be to skip the full authentication sequence and just create the blank objects with Factory Girl. I could test the proper authentication somewhere else.

What do you think? If I should go through the proper sequence, why isn't the code below invoking the do_activate function?

user = Factory.create(:user)
user.active = 1
user.save

Thank you!

+1  A: 

Here is a similar question I asked and a bunch of links I pulled together.

srboisvert  2009-05-15 08:43:21
I took a look at that question before I posted but I don't user RSpec. So the links and answers are not too helpful.
Tony  2009-05-15 16:18:14
+2  A: 

Faking it is perfectly acceptable.

However, write other tests that ensure that the things you want protected are protected. So

test "it should show the profile page" do
  user = Factory(:user)
  login_as(user)
  get :show, :id => user
  assert_response :success
end

test "it should not show the profile page cos I'm not logged in" do
  user = Factory(:user)
  get :show, :id => user
  assert_response :redirect
end

Feel free to hit me up for followups!

Brian Hogan  2009-05-16 01:46:50

related questions

Is there a rake task for backing up the data in your database?
How to represent cross-model information in MVC?
WYSIWYG editor gem for Rails?
Best Solution For Authentication in Ruby on Rails
Acts-as-readable Rails plugin Issue
Associating source and search keywords with account creation
Any tips on getting Rails to run with an Access back-end?
Being as DRY as possible in a Ruby on Rails App
How Do You Secure database.yml?
What IDE to use for developing in Ruby on Rails on windows?
Is Ruby On Rails ready for the Enterprise?
OpenID authentication in Ruby on Rails
Why Doesn't My Cron Job Work Properly?
Why does sqlite3-ruby-1.2.2 not work on OS X?
Ruby mixins and calling super methods
Why all the Active Record hate?
Haml: how do I set a dymanic class value?
Learning Ruby on Rails any good for Grails?
How to sell Python to a client/boss/person with lots of cash
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Ruby On Rails with Windows Vista - Best Setup?
What is good forum software to add to an existing Rails application?
How do I fix 'Unprocessed view path found' error with ExceptionNotifier plugin in rails 2.1?
Frequent SystemExit in Ruby when making HTTP calls
Implementation of "Remember me" in a Rails application.