我正在研究Michael Hartl教程的最新版本,我无法通过第9.2章的几个测试来传递:
http://ruby.railstutorial.org/chapters/updating-showing-and-deleting-users#sec-authorization
我已经验证了我的gem版本,重新启动了Rails服务器,运行了bundle更新,并重建了测试数据库无济于事。我已经从git存储库中重新编写了,并且遍历了我认为相关的每一行。我在第9章中没有遇到任何麻烦,但我正在努力做到这一点,特别是像这样的网络安全部分,因为我想在完成教程后使用这个模型创建一个新网站。非常感谢任何帮助。
作为旁注,编辑重定向似乎工作正常,但使用PUT的测试失败,即使它们在控制器中使用相同的重定向功能,我也不明白他们为什么会表现不同。再次感谢您的帮助。
约翰
失败消息:
1)用户控制器中提交更新操作的非登录用户的身份验证授权 失败/错误:指定{response.should redirect_to(signin_path)} 预期的响应是重定向到> http://www.example.com/signin,但重定向到> https://www.example.com/users/45 #./spec/requests/authentication_pages_spec.rb:60:in块(6级)顶部 (必需)'
2)认证授权为错误的用户向Users#update动作提交PUT请求 失败/错误:指定{response.should redirect_to(root_path)} 预期的响应是重定向到> http://www.example.com/但是重定向到> https://www.example.com/users/49 #./spec/requests/authentication_pages_spec.rb:77:在'top(5级)中'top (必需)'
这是验证规范,其中2个失败的测试来自: 需要'spec_helper'
describe "Authentication" do
subject { page }
describe "signin page" do [...]
describe "signin" do [...]
describe "authorization" do
describe "for non-signed-in users" do
let(:user) { FactoryGirl.create(:user) }
describe "in the Users controller" do
describe "visiting the edit page" do
before { visit edit_user_path(user) }
it { should have_selector('title', text: 'Sign in') }
end
describe "submitting to the update action" do
before { put user_path(user) }
specify { response.should redirect_to(signin_path) } #<---Failure 1
end
end
end
describe "as wrong user" do
let(:user) { FactoryGirl.create(:user) }
let(:wrong_user) { FactoryGirl.create(:user, email: "wrong@example.com") }
before { sign_in user }
describe "visiting Users#edit page" do
before { visit edit_user_path(wrong_user) }
it { should_not have_selector('title', text: full_title('Edit user')) }
end
describe "submitting a PUT request to the Users#update action" do
before { put user_path(wrong_user) }
specify { response.should redirect_to(root_path) } #<--- Failure 2
end
end
end
end
实用程序中的sign_in函数:
def sign_in(user)
visit signin_path
fill_in "Email", with: user.email
fill_in "Password", with: user.password
click_button "Sign in"
# Sign in when not using Capybara as well.
cookies[:remember_token] = user.remember_token
end
以下是用户控制器:
class UsersController < ApplicationController
before_filter :signed_in_user, only: [:edit, :update]
before_filter :correct_user, only: [:edit, :update]
def show
@user = User.find(params[:id])
end
def new
@user = User.new
end
def create
@user = User.new(params[:user])
if @user.save
sign_in @user
flash[:success] = "Welcome to the Sample App!"
redirect_to @user
else
render 'new'
end
end
def edit
end
def update
if @user.update_attributes(params[:user])
flash[:success] = "Profile updated"
sign_in @user
redirect_to @user
else
render 'edit'
end
end
private
def signed_in_user
redirect_to signin_url, notice: "Please sign in." unless signed_in?
end
def correct_user
@user = User.find(params[:id])
redirect_to(root_path) unless current_user?(@user)
end
end
我的路线,以防万一:
Railstut::Application.routes.draw do
resources :users
resources :sessions, only: [:new, :create, :destroy]
root to: 'static_pages#home'
match '/signup', to: 'users#new'
match '/signin', to: 'sessions#new'
match '/signout', to: 'sessions#destroy', via: :delete
match '/help', to: "static_pages#help"
match '/about', to: "static_pages#about"
match '/contact', to: "static_pages#contact"
end
答案 0 :(得分:3)
我明白了。发生这种情况是因为我在应用程序控制器中打开了SSL。我添加了环境测试,现在一切都过去了。
class ApplicationController < ActionController::Base
protect_from_forgery
include SessionsHelper
if Rails.env.production?
force_ssl
end
end