CanCan 能力的功能测试错误地失败
我正在尝试在我的应用程序中测试 CanCan 功能,该应用程序也使用 Authlogic。我已经验证了使用实际站点时正确的行为有效,但我想编写一个功能测试,如果这种行为将来出现问题,它会提醒我。我的能力文件很简单,如下所示:
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new
can :read, User
can :manage, User, :id => user.id
cannot :create, User
can :destroy, UserSession
if user.role? :guest
can :create, UserSession
cannot :destroy UserSession
end
end
end
我对 UserSessionsController 的测试也很简单,如下所示:
test "should redirect new for member" do
default_user = login :default_user
assert default_user.role? :member
assert_raise(CanCan::AccessDenied) { get :new }
assert_redirected_to root_path
end
仅供参考,我的 test_helper.rb 如下所示:
ENV["RAILS_ENV"] = "test"
require File.expand_path('../../config/environment', __FILE__)
require 'rails/test_help'
require 'authlogic/test_case'
class ActiveSupport::TestCase
fixtures :all
setup :activate_authlogic
def login(user_login)
UserSession.create users(user_login)
users(user_login)
end
end
当我运行代码时,我的测试失败了,但是:
test_should_redirect_new_for_member FAIL
CanCan::AccessDenied expected but nothing was raised.
Assertion at test/functional/user_sessions_controller_test.rb:13:in `block in <class:UserSessionsControllerTest>'
如果我注释掉assert_raise,重定向断言也失败。有人发现我的代码有任何问题导致此测试失败吗?
I am trying to test a CanCan ability in my app that also uses Authlogic. I have verified the correct behavior works when using the actual site, but I want to write a functional test that will alert me if this behavior breaks in the future. My ability file is simple, and looks as follows:
class Ability
include CanCan::Ability
def initialize(user)
user ||= User.new
can :read, User
can :manage, User, :id => user.id
cannot :create, User
can :destroy, UserSession
if user.role? :guest
can :create, UserSession
cannot :destroy UserSession
end
end
end
My test for the UserSessionsController is also simple, and looks like this:
test "should redirect new for member" do
default_user = login :default_user
assert default_user.role? :member
assert_raise(CanCan::AccessDenied) { get :new }
assert_redirected_to root_path
end
Just for reference, my test_helper.rb looks like this:
ENV["RAILS_ENV"] = "test"
require File.expand_path('../../config/environment', __FILE__)
require 'rails/test_help'
require 'authlogic/test_case'
class ActiveSupport::TestCase
fixtures :all
setup :activate_authlogic
def login(user_login)
UserSession.create users(user_login)
users(user_login)
end
end
When I run my code, my test fails, however:
test_should_redirect_new_for_member FAIL
CanCan::AccessDenied expected but nothing was raised.
Assertion at test/functional/user_sessions_controller_test.rb:13:in `block in <class:UserSessionsControllerTest>'
If I comment out the assert_raise, the redirect assertion also fails. Does anyone see anything wrong with my code that is causing this test to fail?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
问题是我正在挽救我的 ApplicationController 中的 AccessDenied,因此从未引发异常。
The problem was that I was rescuing the AccessDenied in my ApplicationController, so the exception was never being raised.
您还需要阻止新的操作。
具有“成员”角色的用户可能有权访问新操作(用户的显示表单)并限制创建操作的访问权限。
还有一件事,我们不需要使用
Can 本身就能完成所有事情。
You need to block new action too.
May be User having 'member' role have access to new action(display form for user) and restricted access to create action.
And one more thing, we don't need to use
We can do everything by
canitself.