spec/rails/auth/error_page/middleware_spec.rb in rails-auth-1.2.0 vs spec/rails/auth/error_page/middleware_spec.rb in rails-auth-1.3.0

@@ -2,25 +2,54 @@
   let(:request)    { Rack::MockRequest.env_for("https://www.example.com") }
   let(:error_page) { "<h1> Unauthorized!!! </h1>" }
 
   subject(:middleware) { described_class.new(app, page_body: error_page) }
 
-  context "access granted" do
-    let(:code) { 200 }
-    let(:app)  { ->(env) { [code, env, "Hello, world!"] } }
+  context "unspecified content type" do
+    describe "access granted" do
+      let(:code) { 200 }
+      let(:app)  { ->(env) { [code, env, "Hello, world!"] } }
 
-    it "renders the expected response" do
-      response = middleware.call(request)
-      expect(response.first).to eq code
+      it "renders the expected response" do
+        response = middleware.call(request)
+        expect(response.first).to eq code
+      end
     end
+
+    describe "access denied" do
+      let(:app) { ->(_env) { raise(Rails::Auth::NotAuthorizedError, "not authorized!") } }
+
+      it "renders the error page" do
+        code, _env, body = middleware.call(request)
+        expect(code).to eq 403
+        expect(body).to eq [error_page]
+      end
+    end
   end
 
-  context "access denied" do
-    let(:app) { ->(_env) { raise(Rails::Auth::NotAuthorizedError, "not authorized!") } }
+  context "JSON content type" do
+    let(:app)     { ->(_env) { raise(Rails::Auth::NotAuthorizedError, "not authorized!") } }
+    let(:message) { { message: "Access denied" }.to_json }
 
-    it "renders the error page" do
-      code, _env, body = middleware.call(request)
-      expect(code).to eq 403
-      expect(body).to eq [error_page]
+    context "via request path" do
+      let(:request) { Rack::MockRequest.env_for("https://www.example.com/foobar.json?x=1&y=2") }
+
+      it "renders a JSON response" do
+        code, env, body = middleware.call(request)
+        expect(code).to eq 403
+        expect(env["Content-Type"]).to eq "application/json"
+        expect(body).to eq [message]
+      end
+    end
+
+    context "via Accept header" do
+      it "renders a JSON response" do
+        request["HTTP_ACCEPT"] = "application/json"
+
+        code, env, body = middleware.call(request)
+        expect(code).to eq 403
+        expect(env["Content-Type"]).to eq "application/json"
+        expect(body).to eq [message]
+      end
     end
   end
 end