Where do I find help about user roles?

I’m trying to create a scenario with a ‘given I am logged in’. I’m
struggling to find good documentation about this, the rspec/cucumber
book doesn’t have this chapter written yet.

Could you point me in the right direction? Currently I’m starting to
use Factory_girl gem to do it but not sure if that is the correct way
or how cucumber is designed to handle these kinds of 'given’s.

Thanks in advance.

Stefan F. wrote:

I’m trying to create a scenario with a ‘given I am logged in’. I’m
struggling to find good documentation about this, the rspec/cucumber
book doesn’t have this chapter written yet.

Could you point me in the right direction? Currently I’m starting to
use Factory_girl gem to do it but not sure if that is the correct way
or how cucumber is designed to handle these kinds of 'given’s.

Thanks in advance.

Authentication is a very large topic. There are a number of
authentication plugins and gems available (logins). I happen to use the
AuthLogic gem at the moment. There is a fairly good tutorial on
Authlogic at
http://www.binarylogic.com/2008/11/3/tutorial-authlogic-basic-setup.

Authorisation (Roles) is a separate matter altogether. I have a minimal
authorisation function that simply checks a flag attribute on the user
model. This suffices for testing but needs be replaced in production.

Note as well that at the moment I do not use mocks for this stuff.

One of my sample scenarios looks like this:

Scenario: Add a new client
Given I do have a user named “authuser”
And the user named “authuser” authenticates
And the user named “authuser” is authorized to “add” “clients”

The user steps look like this:

(note: some do not approve of instance @ variables in tests)

When /have an? user named “(.*)”/ do |name|
Then “add an user named “#{name}””
end

When /(?:add|create) an?(?:new)? user named “(.*)”/ do |name|
User.find_by_username(name).destroy
Then “initialise a new user named “#{name}””
Then “should save the new user”
end

When /initialise a new user named “(.*)”/ do |name|
@my_new_user = nil
my_user = User.new
my_user.username = “#{name}”
my_user.password = “#{name}-password”
my_user.password_confirmation = “#{name}-password”

@my_new_user = my_user
end

When /should save the new user/ do
@my_new_user.save!
end

The authentication step looks like this:

When /user named “(.*)” authenticates/ do |name|
visit new_user_session_path
Then “see an authentication request message”
Then “enter the username “#{name}””
Then “enter the password “#{name}-password””
Then “press the authenticate button”
Then “see an authentication success message”
visit root_path
have_no_selector("#authentication_request")
end

And so on. No doubt there are better ways to do it but this works for
me.

HTH

James B. wrote:

When /(?:add|create) an?(?:new)? user named “(.*)”/ do |name|
User.find_by_username(name).destroy

s/b
User.find_by_username(name).destroy if User.find_by_username(name)

Sorry about that.

Have a look at fbrp http://github.com/diabolo/fbrp/tree/master , it has
a
feature based rewrite of RestfulAuthentications tests, using
Object_Daddy
and Cucumber. Lots of logging in without using features

HTH

Andrew

2009/3/24 Stefan F. [email protected]

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs