RSpec.describe Rails::Auth::ErrorPage::DebugMiddleware do let(:request) { Rack::MockRequest.env_for("https://www.example.com") } let(:example_config) { fixture_path("example_acl.yml").read } let(:example_acl) do Rails::Auth::ACL.from_yaml( example_config, matchers: { allow_x509_subject: Rails::Auth::X509::Matcher, allow_claims: ClaimsMatcher } ) end subject(:middleware) { described_class.new(app, acl: example_acl) } context "access granted" do let(:code) { 200 } let(:app) { ->(env) { [code, env, "Hello, world!"] } } it "renders the expected response" do response = middleware.call(request) expect(response.first).to eq code end end context "access denied" do let(:app) { ->(_env) { raise(Rails::Auth::NotAuthorizedError, "not authorized!") } } it "renders the error page" do code, _env, body = middleware.call(request) expect(code).to eq 403 expect(body.join).to include("Access Denied") end end end