Forum: RSpec Where do I find help about user roles?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Stefan F. (Guest)
on 2009-03-24 17:30
(Received via mailing list)
I'm trying to create a scenario with a 'given I am logged in'. I'm
struggling to find good documentation about this, the rspec/cucumber
book doesn't have this chapter written yet.

Could you point me in the right direction? Currently I'm starting to
use Factory_girl gem to do it but not sure if that is the correct way
or how cucumber is designed to handle these kinds of 'given's.

Thanks in advance.
James B. (Guest)
on 2009-03-24 20:27
Stefan F. wrote:
> I'm trying to create a scenario with a 'given I am logged in'. I'm
> struggling to find good documentation about this, the rspec/cucumber
> book doesn't have this chapter written yet.
>
> Could you point me in the right direction? Currently I'm starting to
> use Factory_girl gem to do it but not sure if that is the correct way
> or how cucumber is designed to handle these kinds of 'given's.
>
> Thanks in advance.

Authentication is a very large topic.  There are a number of
authentication plugins and gems available (logins).  I happen to use the
AuthLogic gem at the moment.  There is a fairly good tutorial on
Authlogic at
http://www.binarylogic.com/2008/11/3/tutorial-auth....

Authorisation (Roles) is a separate matter altogether.  I have a minimal
authorisation function that simply checks a flag attribute on the user
model.  This suffices for testing but needs be replaced in production.

Note as well that at the moment I do not use mocks for this stuff.

One of my sample scenarios looks like this:

  Scenario: Add a new client
    Given I do have a user named "authuser"
      And the user named "authuser" authenticates
      And the user named "authuser" is authorized to "add" "clients"
 ...

The user steps look like this:

(note: some do not approve of instance @ variables in tests)

When /have an? user named "(.*)"/ do |name|
  Then "add an user named \"#{name}\""
end

When /(?:add|create) an?(?:new)? user named "(.*)"/ do |name|
  User.find_by_username(name).destroy
  Then "initialise a new user named \"#{name}\""
  Then "should save the new user"
end

When /initialise a new user named "(.*)"/ do |name|
  @my_new_user = nil
  my_user = User.new
  my_user.username = "#{name}"
  my_user.password = "#{name}-password"
  my_user.password_confirmation = "#{name}-password"
...
  @my_new_user = my_user
end

When /should save the new user/ do
  @my_new_user.save!
end

...

The authentication step looks like this:

When /user named "(.*)" authenticates/ do |name|
  visit new_user_session_path
  Then "see an authentication request message"
  Then "enter the username \"#{name}\""
  Then "enter the password \"#{name}-password\""
  Then "press the authenticate button"
  Then "see an authentication success message"
  visit root_path
  have_no_selector("#authentication_request")
end


And so on.  No doubt there are better ways to do it but this works for
me.

HTH
James B. (Guest)
on 2009-03-24 20:37
James B. wrote:

> When /(?:add|create) an?(?:new)? user named "(.*)"/ do |name|
>   User.find_by_username(name).destroy

s/b
  User.find_by_username(name).destroy if User.find_by_username(name)

Sorry about that.
Andrew P. (Guest)
on 2009-03-24 21:13
(Received via mailing list)
Have a look at fbrp http://github.com/diabolo/fbrp/tree/master , it has
a
feature based rewrite of RestfulAuthentications tests, using
Object_Daddy
and Cucumber. Lots of logging in without using features

HTH

Andrew

2009/3/24 Stefan F. <removed_email_address@domain.invalid>
This topic is locked and can not be replied to.