Forum: Ruby on Rails Testing with login engine: Best practices?

Announcement (2017-05-07): is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see and for other Rails- und Ruby-related community platforms.
sross (Guest)
on 2005-11-28 03:49
(Received via mailing list)
I¹m using the login engine, but when it got to retesting, I noodled over
to get logged in before my tests for protected pages. What I settled on:

# test_helper.rb

  def get_logged_in
    @request.session[:user] = User.find_first
    assert_not_nil @request.session[:user]
    @request.session[:user].logged_in_at =

Then in my tests, each method protected by login calls get_logged_in.
Questions: 1) Is this flawed? 2) Is there a better way to handle this?

james.adam (Guest)
on 2005-11-28 10:28
(Received via mailing list)
If you're testing, you don't need to updated the logged_in_at field...

Another option, if you don't actually want to test the security but
instead focus on the behaviour of your own controllers, is to disabled
the filter when testing. In

  class YourController;
    # we don't want to test authorization here
    skip_before_filter :authorize_action

    # Raise errors beyond the default web-based presentation
    def rescue_action(e) raise e end;

  class RoleControllerTest < Test::Unit::TestCase

    fixtures ...
    def setup()
      # put a user into the session if your actions will expect one
      @request.session[:user] = User.find...(whatever)



- james
This topic is locked and can not be replied to.