Using Roles
Now that you have the concept of users and roles in the system, you need to look at other places where users need access to a project. Two interesting places spring to mind:
-
The project index list, where access should be limited to only the projects that the user can see
-
The new tasks form, which should be limited to only the projects a user can see
Let’s look at the index page. Two places need code here. A User instance needs some way to return the list of projects the user can see, and the controller index action needs to call that method. That argues for an integration test, though only weakly. Sometimes I’ll skip an integration test if the logic is very close to Rails default integration and would easily be caught manually. Another ...
Get Rails 5 Test Prescriptions now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.