更简洁的使用 without_access_control 的方式
我正在开发一个使用 declarative_authorization 来保证模型安全的应用程序,并且有很多测试,我正在构建固定装置,并且不希望/不需要它们通过授权框架。目前我正在使用类似下面的代码片段的东西,但由于这将是一个相当常见的任务,我想知道是否有更好或更简洁的方法来实现相同的目标。
def disable_auth(code, *args)
without_access_control do
return code.call(*args)
end
end
get :index, :product_id => disable_auth( lambda { Factory(:product) } )
I'm working on an app that uses declarative_authorization for model security and there are allot of tests where I'm constructing fixtures and don't want/need them to go through the authorization framework. Currently I'm using something like the code snippet below but since this is going to be a fairly common task I was wondering if there was a better or more concise way to accomplish the same goal.
def disable_auth(code, *args)
without_access_control do
return code.call(*args)
end
end
get :index, :product_id => disable_auth( lambda { Factory(:product) } )
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我通常在测试的开始部分以授权用户身份登录。这使得编写测试来验证我的权限是否按照我希望的方式工作变得很容易。
我不会按照你描述的方式做。
I usually sign in as an authorized user in the begin block of my tests. This makes it easy to write tests that verify that my permissions are working the way I want them to.
I wouldn't do it the way you describe.