Sha256: 7a6ce98bc54643f583f18b034db74ea7be14492a53c46797199ef317d130f816
Contents?: true
Size: 1.48 KB
Versions: 4
Compression:
Stored size: 1.48 KB
Contents
require 'spec_helper'
require 'support/controllers/controller_helpers'
# Matcher that asserts user was denied access.
RSpec::Matchers.define :deny_access do
match do |controller|
redirects_to_sign_in?(controller) && sets_flash?(controller)
end
def redirects_to_sign_in?(controller)
expect(controller).to redirect_to(controller.sign_in_url)
end
def sets_flash?(controller)
controller.flash[:notice].match(/sign in to continue/)
end
end
# A dummy 'secured' controller to test
class SecuredAppsController < ActionController::Base
include Authenticate::Controller
before_action :require_authentication, only: :show
def new
head :ok
end
def show
head :ok
end
end
describe SecuredAppsController, type: :controller do
before do
Rails.application.routes.draw do
resource :secured_app, only: [:new, :show]
get '/sign_in' => 'authenticate/sessions#new', as: 'sign_in'
end
end
after do
Rails.application.reload_routes!
end
context 'with authenticated user' do
before { sign_in }
it 'allows access to new' do
get :new
expect(subject).to_not deny_access
end
it 'allows access to show' do
get :show
expect(subject).to_not deny_access
end
end
context 'with an unauthenticated visitor' do
it 'allows access to new' do
get :new
expect(subject).to_not deny_access
end
it 'denies access to show' do
get :show
expect(subject).to deny_access
end
end
end
Version data entries
4 entries across 4 versions & 1 rubygems