O'Reilly logo

Rails 4 Test Prescriptions by Noel Rappin

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Using Roles

Now that we have the concept of users and roles in the system, we need to look at other places where users need access to a project. Two interesting places spring to mind:

  • The project index list should be limited to only the projects that the user can see.

  • Adding tasks should be limited to only the projects a user can see.

Let’s look at the index page. Two places need code here. A User instance needs some way to return the list of projects the user can see, and the controller index action needs to call that method. That argues for an integration test, though only weakly. (Sometimes I’ll skip an integration test if the logic is very close to Rails default integration and would very easily be caught manually.)

security/04/gatherer/spec/features/user_and_role_spec.rb ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required