Home/ Questions/Q 7720139
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-01T03:35:20+00:00

In section 9.2.1 of Michael Hartl’s new Rails Tutorial Book (3.2), there is a

  • 0

In section 9.2.1 of Michael Hartl’s new Rails Tutorial Book (3.2), there is a test defined to ensure that if a user is logged in they cannot update (PUT) changes to another user. If this is attempted, the user should be redirected to the home page. Because a webpage can’t directly issue a PUT, the RSPEC test uses:

before { put user_path(wrong_user) }
{ response.should redirect_to(root_path) }

This test case fails and looking at the log it seems to be exiting on because the first before_filter (signed_in_user) in the UserController is redirecting to the sign in page.

Here is my github page for this sample app:
https://github.com/treetopvt/sample_app

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    In chapter 8 there was an exercise to switch from cookies to sessions. in my SessionsHelper module I replaced 

    cookies.permanent[:remember_token] = user.remember_token

    with

    session[:remember_token] = user.remember_token

    The move to sessions worked fine, but because I was no longer “permanently” storing a cookie, the test fails. I undid my exercise changes from Chapter 8, moving back to cookies, and all tests pass. Now, any ideas on how I change my authorization test to work while using sessions? This is my current test:

                describe "as wrong user" do
            let(:user) { FactoryGirl.create(:user) }
            let(:wrong_user) { FactoryGirl.create(:user, email:"wrong@example.com") }
            before { sign_in user }

            describe "Visiting Users#edit page" do
                before { visit edit_user_path(wrong_user) }
                it { should have_selector('title', text: full_title('')) }
            end

            describe "submitting a PUT request to the Users#update action" do
                before { put user_path(wrong_user) } #put is an update?
                specify{ response.should redirect_to(root_path) }
            end
        end
    • 0