Tonight I installed the ‘restful authentication’ plugin. The first thing
I always do, after following the ‘setup’ instructions from the
generator, is run the plugin’s tests. Plus, I copied the proper
‘include’ line from the session_controller.rb to
application_controller.rb.
The plugin failed several tests on its session_controller. Has anyone
else seen this?
cremes$ ruby sessions_controller_test.rb
Loaded suite sessions_controller_test
Started
.FFF…
Finished in 0.198387 seconds.
Failure:
test_should_fail_cookie_login(SessionsControllerTest)
[sessions_controller_test.rb:74]:
is not true.
Failure:
test_should_fail_expired_cookie_login(SessionsControllerTest)
[sessions_controller_test.rb:67]:
is not true.
Failure:
test_should_fail_login_and_not_redirect(SessionsControllerTest)
[/Users/cremes/Documents/development/ruby/library/config/…/vendor/rails/actionpack/lib/action_controller/assertions/response_assertions.rb:26:in assert_response' /Users/cremes/Documents/development/ruby/library/config/../vendor/rails/actionpack/lib/action_controller/assertions/response_assertions.rb:18:inassert_response’
sessions_controller_test.rb:29:in
`test_should_fail_login_and_not_redirect’]:
Expected response to be a <:success>, but was <302>
9 tests, 12 assertions, 3 failures, 0 errors
I confirmed that it is allowing logins where the password is clearly
incorrect.
Also, I ran ‘rake tmp:clear’ to clear out all session files and other
cruft.
This is on OSX 10.4.8 with Ruby 1.8.4 running Rails 1.2RC1 and the
latest restful authentication plugin from its home repository.
It seems to me that logged_in is returning the symbol :false instead of
false. On my system, :false evaluates to true.
treybean$ irb
irb(main):001:0> a = :false
=> :false
irb(main):002:0> a
=> :false
irb(main):003:0> if a
irb(main):004:1> puts “a must be true”
irb(main):005:1> else
irb(main):006:1* puts “a must be false”
irb(main):007:1> end
a must be true
=> nil
irb(main):008:0>
I wonder if this is a recent change, or possibly something that might
be fixed my upgrading to Ruby 1.8.5
It seems to me that logged_in is returning the symbol :false instead of
false. On my system, :false evaluates to true.
Yes, I just tracked this down myself. All over authenticated_system.rb
the author uses the symbol :false when I think he means the value false.
For example:
def logged_in?
current_user ||= :false
end
Interestingly, changing every occurrence of :false to false doesn’t
magically make all the tests complete successfully. Tests that used to
work now fail and the tests that failed now work.
I wonder if this is a recent change, or possibly something that might
be fixed my upgrading to Ruby 1.8.5
I definitely think Rick meant to use the symbol. After all, he even
uses this as a condition in current_user=. I looked at the svn log and
see that he made these changes yesterday. Regression maybe? My bet is
still on the version of ruby.
I definitely think Rick meant to use the symbol. After all, he even
uses this as a condition in current_user=. I looked at the svn log
and
see that he made these changes yesterday. Regression maybe? My
bet is
still on the version of ruby.
Any suggestions on a stable tag for restful_authentication? I’d like
to give a stable version of it a test drive.
I use :false, because if I used false or nil it would hit the db again
after each hit. If someone wants to submit a patch with fixed tests,
that’d be great. I’m using this code in 2 apps now and it works fine.
I think there are some instances where it’s expecting current_user to
return nil/false. Just use logged_in? instead.
I use :false, because if I used false or nil it would hit the db again
after each hit. If someone wants to submit a patch with fixed tests,
that’d be great. I’m using this code in 2 apps now and it works fine.
I think there are some instances where it’s expecting current_user to
return nil/false. Just use logged_in? instead.
Oh, apparently != is not the same as ||= . Silly mistake, it’s fixed
now.
