If you’re testing, you don’t need to updated the logged_in_at field…
Another option, if you don’t actually want to test the security but
instead focus on the behaviour of your own controllers, is to disabled
the filter when testing. In
RAILS_ROOT/test/functional/your_controller_test.rb:
class YourController;
# we don’t want to test authorization here
skip_before_filter :authorize_action
# Raise errors beyond the default web-based presentation
def rescue_action(e) raise e end;
end
class RoleControllerTest < Test::Unit::TestCase
fixtures ...
def setup()
...
# put a user into the session if your actions will expect one
@request.session[:user] = User.find...(whatever)
end
....
end
james
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.