Sha256: 05f515e26fb5f868a21df91e101923091265b38a6da6f90f571491e5192170c3
Contents?: true
Size: 1.17 KB
Versions: 6
Compression:
Stored size: 1.17 KB
Contents
require 'spec_helper'
class ForgeriesController < ActionController::Base
include Clearance::Controller
protect_from_forgery
before_filter :authorize
# This is off in test by default, but we need it for this test
self.allow_forgery_protection = true
def create
redirect_to action: 'index'
end
end
describe ForgeriesController do
context 'signed in user' do
before do
Rails.application.routes.draw do
resources :forgeries
get '/sign_in' => 'clearance/sessions#new', as: 'sign_in'
end
@user = create(:user)
@user.update_attribute(:remember_token, 'old-token')
@request.cookies['remember_token'] = 'old-token'
@request.session[:_csrf_token] = 'golden-ticket'
end
after do
Rails.application.reload_routes!
end
it 'succeeds with authentic token' do
post :create, authenticity_token: 'golden-ticket'
subject.should redirect_to(action: 'index')
end
it 'fails with invalid token' do
post :create, authenticity_token: 'hax0r'
subject.should deny_access
end
it 'fails with no token' do
post :create
subject.should deny_access
end
end
end
Version data entries
6 entries across 6 versions & 1 rubygems