require 'setup' spec :AuthorizationTest do context :inheritance do it 'inherits token auth procedures from superclass' do a = mock_controller { token_auth {|t| t == 'x'} } b = mock_controller(a) app(b) get assert(last_response.status) == 401 token_authorize 'x' get assert(last_response.status) == 501 end it 'directly overrides token auth inherited from superclass' do a = mock_controller { token_auth {|t| t == 'x'} } b = mock_controller(a) { token_auth {|t| t == 'y'} } app(b) get assert(last_response.status) == 401 token_authorize 'y' get assert(last_response.status) == 501 end it 'uses `inherit` to override token auth inherited from superclass' do a = mock_controller { token_auth {|t| t == 'x'} } b = mock_controller(a) { token_auth {|t| t == 'y'} } c = mock_controller(a) { import :token_auth, from: b } app(c) get assert(last_response.status) == 401 token_authorize 'y' get assert(last_response.status) == 501 end it 'inherits token auth procedures via `inherit`' do a = mock_controller { token_auth {|t| t == 'x'} } b = mock_controller { import :token_auth, from: a } app(b) get assert(last_response.status) == 401 token_authorize 'x' get assert(last_response.status) == 501 end end context 'protect all request methods' do before do app mock_controller { token_auth {|t| t == 'st'} define_method(:get) {} } end it 'return "401 Unauthorized" if token missing' do get assert(last_response.status) == 401 end it 'return "401 Unauthorized" if token is wrong' do get assert(last_response.status) == 401 end it 'return "200 Ok" when correct token provided' do token_auth 'st' get assert(last_response.status) == 200 end end end