Forum: RSpec Where do I find help about user roles?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
261768d5620821bc4985a995bc9d01d0?d=identicon&s=25 Stefan Fountain (Guest)
on 2009-03-24 16:30
(Received via mailing list)
I'm trying to create a scenario with a 'given I am logged in'. I'm
struggling to find good documentation about this, the rspec/cucumber
book doesn't have this chapter written yet.

Could you point me in the right direction? Currently I'm starting to
use Factory_girl gem to do it but not sure if that is the correct way
or how cucumber is designed to handle these kinds of 'given's.

Thanks in advance.
171ea139761951336b844e708d1547ab?d=identicon&s=25 James Byrne (byrnejb)
on 2009-03-24 19:27
Stefan Fountain wrote:
> I'm trying to create a scenario with a 'given I am logged in'. I'm
> struggling to find good documentation about this, the rspec/cucumber
> book doesn't have this chapter written yet.
>
> Could you point me in the right direction? Currently I'm starting to
> use Factory_girl gem to do it but not sure if that is the correct way
> or how cucumber is designed to handle these kinds of 'given's.
>
> Thanks in advance.

Authentication is a very large topic.  There are a number of
authentication plugins and gems available (logins).  I happen to use the
AuthLogic gem at the moment.  There is a fairly good tutorial on
Authlogic at
http://www.binarylogic.com/2008/11/3/tutorial-auth....

Authorisation (Roles) is a separate matter altogether.  I have a minimal
authorisation function that simply checks a flag attribute on the user
model.  This suffices for testing but needs be replaced in production.

Note as well that at the moment I do not use mocks for this stuff.

One of my sample scenarios looks like this:

  Scenario: Add a new client
    Given I do have a user named "authuser"
      And the user named "authuser" authenticates
      And the user named "authuser" is authorized to "add" "clients"
 ...

The user steps look like this:

(note: some do not approve of instance @ variables in tests)

When /have an? user named "(.*)"/ do |name|
  Then "add an user named \"#{name}\""
end

When /(?:add|create) an?(?:new)? user named "(.*)"/ do |name|
  User.find_by_username(name).destroy
  Then "initialise a new user named \"#{name}\""
  Then "should save the new user"
end

When /initialise a new user named "(.*)"/ do |name|
  @my_new_user = nil
  my_user = User.new
  my_user.username = "#{name}"
  my_user.password = "#{name}-password"
  my_user.password_confirmation = "#{name}-password"
...
  @my_new_user = my_user
end

When /should save the new user/ do
  @my_new_user.save!
end

...

The authentication step looks like this:

When /user named "(.*)" authenticates/ do |name|
  visit new_user_session_path
  Then "see an authentication request message"
  Then "enter the username \"#{name}\""
  Then "enter the password \"#{name}-password\""
  Then "press the authenticate button"
  Then "see an authentication success message"
  visit root_path
  have_no_selector("#authentication_request")
end


And so on.  No doubt there are better ways to do it but this works for
me.

HTH
171ea139761951336b844e708d1547ab?d=identicon&s=25 James Byrne (byrnejb)
on 2009-03-24 19:37
James Byrne wrote:

> When /(?:add|create) an?(?:new)? user named "(.*)"/ do |name|
>   User.find_by_username(name).destroy

s/b
  User.find_by_username(name).destroy if User.find_by_username(name)

Sorry about that.
85d99e7678d8720f6e00ab0f60fe6ea9?d=identicon&s=25 Andrew Premdas (Guest)
on 2009-03-24 20:13
(Received via mailing list)
Have a look at fbrp http://github.com/diabolo/fbrp/tree/master , it has
a
feature based rewrite of RestfulAuthentications tests, using
Object_Daddy
and Cucumber. Lots of logging in without using features

HTH

Andrew

2009/3/24 Stefan Fountain <stefan@soocial.com>
This topic is locked and can not be replied to.