Rspec 用于检查用户是否在 rails 中使用设计 gem 登录
Rspec for checking whether a user is signed in or not in rails using devise gem
我在 rails 中使用设计 gem 来验证 user.I 需要编写测试用例来检查用户是否使用 Rspec 登录。只有登录的用户才有权访问 post 的索引 page.It 非常适合 Rspec 中的登录用户。但是对于注销的用户,我已经尝试了几个步骤,但我无法得到它 right.I 已经使用 Warden 进行简单的身份验证以测试 purpose.My post 已注销用户的控制器规格是:
describe "Unauthorized Access" do
let(:user) {create(:user)}
it "User tries to view post after Sign Out" do
get :index
expect(response).to have_http_status 401
end
end
spec 文件夹中的 Warden 助手。
RSpec.shared_context "api request global before and after hooks" do
before(:each) do
Warden.test_mode!
end
after(:each) do
Warden.test_reset!
end
end
RSpec.shared_context "api request authentication helper methods" do
def sign_in(user)
login_as(user, scope: :users)
end
def sign_out
logout(:users)
end
end
当我单击退出按钮时,它被重定向到登录页面并且 rails 日志显示这样的日志
Started GET "/" for 127.0.0.1 at 2018-09-05 11:33:10 +0530
Processing by PostsController#index as HTML
Completed 401 Unauthorized in 2ms (ActiveRecord: 0.0ms)
Started GET "/users/sign_in" for 127.0.0.1 at 2018-09-05 11:33:10 +0530
Processing by Devise::SessionsController#new as HTML
Rendering devise/sessions/new.html.erb within layouts/application
Rendered devise/shared/_links.html.erb (0.9ms)
Rendered devise/sessions/new.html.erb within layouts/application (5.0ms)
Completed 200 OK in 69ms (Views: 67.9ms | ActiveRecord: 0.0ms)
但是当我 运行 测试时 rspec 控制台显示错误。
expected the response to have status code 401 but it was 302
0) PostsController Unauthorized Access User tries to view post after Sign Out
Failure/Error: expect(response).to have_http_status 401
expected the response to have status code 401 but it was 302
# ./spec/controllers/posts_controller_spec.rb:150:in `block (3 levels) in <top (required)>'
Rspec日志
(0.1ms) SELECT "schema_migrations"."version" FROM "schema_migrations" ORDER BY "schema_migrations"."version" ASC
(0.4ms) begin transaction
Processing by PostsController#index as HTML
Completed 401 Unauthorized in 8ms (ActiveRecord: 0.0ms)
(0.1ms) rollback transaction
您应该按以下方式进行测试,根据您的要求进行更改。
describe PostsController do
describe "Index" do
it "should allow user to view the list of posts" do
get :index, {}, sign_in(@user)
expect(response).to redirect_to(posts_path)
end
it "should not list posts if the user is not logged in" do
get :index
expect(response.status).to eq(302)
expect(response).to redirect_to(new_user_sessions_path)
end
end
end
现在这个测试会做什么,当它运行时它会调用你的控制器,假设你已经输入 authenticate_user!,它会检查用户是否登录以查看列表。否则,action 将 return 401.
您也可以尝试以下方法
RSpec.describe "Posts", :type => :request do
context "Index" do
it 'should return 401 when not logged in' do
sign_out user
get posts_path
expect(response).to have_http_status(302)
follow_redirect!
expect(response).to have_http_status(401)
end
end
end
我在 rails 中使用设计 gem 来验证 user.I 需要编写测试用例来检查用户是否使用 Rspec 登录。只有登录的用户才有权访问 post 的索引 page.It 非常适合 Rspec 中的登录用户。但是对于注销的用户,我已经尝试了几个步骤,但我无法得到它 right.I 已经使用 Warden 进行简单的身份验证以测试 purpose.My post 已注销用户的控制器规格是:
describe "Unauthorized Access" do
let(:user) {create(:user)}
it "User tries to view post after Sign Out" do
get :index
expect(response).to have_http_status 401
end
end
spec 文件夹中的 Warden 助手。
RSpec.shared_context "api request global before and after hooks" do
before(:each) do
Warden.test_mode!
end
after(:each) do
Warden.test_reset!
end
end
RSpec.shared_context "api request authentication helper methods" do
def sign_in(user)
login_as(user, scope: :users)
end
def sign_out
logout(:users)
end
end
Started GET "/" for 127.0.0.1 at 2018-09-05 11:33:10 +0530
Processing by PostsController#index as HTML
Completed 401 Unauthorized in 2ms (ActiveRecord: 0.0ms)
Started GET "/users/sign_in" for 127.0.0.1 at 2018-09-05 11:33:10 +0530
Processing by Devise::SessionsController#new as HTML
Rendering devise/sessions/new.html.erb within layouts/application
Rendered devise/shared/_links.html.erb (0.9ms)
Rendered devise/sessions/new.html.erb within layouts/application (5.0ms)
Completed 200 OK in 69ms (Views: 67.9ms | ActiveRecord: 0.0ms)
expected the response to have status code 401 but it was 302
0) PostsController Unauthorized Access User tries to view post after Sign Out
Failure/Error: expect(response).to have_http_status 401
expected the response to have status code 401 but it was 302
# ./spec/controllers/posts_controller_spec.rb:150:in `block (3 levels) in <top (required)>'
(0.1ms) SELECT "schema_migrations"."version" FROM "schema_migrations" ORDER BY "schema_migrations"."version" ASC
(0.4ms) begin transaction
Processing by PostsController#index as HTML
Completed 401 Unauthorized in 8ms (ActiveRecord: 0.0ms)
(0.1ms) rollback transaction
您应该按以下方式进行测试,根据您的要求进行更改。
describe PostsController do
describe "Index" do
it "should allow user to view the list of posts" do
get :index, {}, sign_in(@user)
expect(response).to redirect_to(posts_path)
end
it "should not list posts if the user is not logged in" do
get :index
expect(response.status).to eq(302)
expect(response).to redirect_to(new_user_sessions_path)
end
end
end
现在这个测试会做什么,当它运行时它会调用你的控制器,假设你已经输入 authenticate_user!,它会检查用户是否登录以查看列表。否则,action 将 return 401.
您也可以尝试以下方法
RSpec.describe "Posts", :type => :request do
context "Index" do
it 'should return 401 when not logged in' do
sign_out user
get posts_path
expect(response).to have_http_status(302)
follow_redirect!
expect(response).to have_http_status(401)
end
end
end