I am writing a few low level tests for my controllers to verify
security.
New to rspec and am seeing some unexpected activity:
If I run this spec:
describe “GET index” do
it “does not load for guest role” do
get :new
flash[:notice].should match RESTRICTED_PAGE_NOTICE
response.should redirect_to(login_path)
end
Which hits
class PracticesController < ApplicationController
def index
@practices = Practice.all
respond_to do |format|
format.html # index.html.erb
end
end
end
But the controller also inherits from the application controller which:
class ApplicationController
…
when ‘practices’
flash[:notice] = RESTRICTED_PAGE_NOTICE
redirect_to login_path if action_name != ‘new’ && action_name
!=
‘create’
end
I have verified the redirect and message in a browser, so this code is
executing as expected in ‘reality’.
Then why do I get this error:
- PracticesController GET index does not load for guest role
Failure/Error: response.should redirect_to(login_path)
Expected response to be a <:redirect>, but was <200>.
Expected block to return true value.
It is true, if the controller is isolated and not inheriting from the
app
controller, it would be a 200. But with the app controller it should
redirect before it ever hits the method.
The line in the app controller “flash[:notice] = RESTRICTED_PAGE_NOTICE”
clearly gets evaluated as the line in the spec “flash[:notice].should
match
RESTRICTED_PAGE_NOTICE” passes, BUT this line in the app controller
“redirect_to login_path if action_name != ‘new’ && action_name !=
‘create’”
does not get evaluated as rspec says I have a 200 response? I am really
confused and don’t like what feels to be a weird paradox…
Can anyone enlighten me?
Thanks,
David