Adding Users and Roles
Now that we have Devise installed, letâs see how we can use testing to expose security issues.
The most basic security issue is user login. Since our application involves projects that would presumably be limited to a specific, private set of users, it makes sense that you would need to be logged in to access the application. This is testable logicâa logged-in user can access a page, whereas an ordinary browser who happens along the page cannot.
So hereâs an integration test for the project index page:
| security/01/gatherer/spec/features/user_and_role_spec.rb | |
| âLine 1Â | require â"rails_helper"â |
| â-Â | |
| â-Â | describe â"with users and roles"â âdoâ |
| â-Â | |
| â5Â | âdefâ log_in_as(user) |
| â-Â | visit new_user_session_path ... |
Get Rails 4 Test Prescriptions now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
