我正在使用Michael Hartl的教程。当我运行测试时,我收到此错误:
1) Authentication authorization for non-signed-in users when attempting to visit a
protected page as non-admin user submitting a DELETE request to the Users#destroy action
Failure/Error: specify { response.should redirect_to(root_path) }
Expected response to be a redirect to <http://www.example.com/> but
was a redirect to <http://www.example.com/users>
# ./spec/requests/authentication_pages_spec.rb:81:in `block (7 levels)
in <top required)>'
这是我的authentication_pages_spec.rb。代码可能与教程示例中显示的稍有不同。这些变化对于通过最近的测试是必要的。到目前为止,一切都很完美。
require 'spec_helper'
describe "Authentication" do
let(:user) { FactoryGirl.create(:user) }
subject { page }
describe "signin page" do
before { visit signin_path }
it { should have_selector('h1', text: 'Sign in') }
it { should have_selector('title', text: 'Sign in') }
end
describe "signin" do
before { visit signin_path }
describe "with invalid information" do
before { click_button "Sign in" }
it { should have_selector('title', text: 'Sign in') }
it { should have_selector('div.alert.alert-error', text: 'Invalid') }
describe "after visiting another page" do
before { click_link "Home"}
it { should have_selector('div.alert.alert-error') }
end
end
describe "with valid information" do
let(:user) { FactoryGirl.create(:user) }
before do
fill_in "Email", with: user.email
fill_in "Password", with: user.password
click_button "Sign in"
end
it { should have_selector('title', text: user.name) }
it { should have_link('Users', href: users_path) }
it { should have_link('Profile', href: user_path(user)) }
it { should have_link('Settings', href: edit_user_path(user)) }
it { should have_link('Sign out', href: signout_path) }
it { should_not have_link('Sign in', href: signin_path) }
describe "followed by signout" do
before { click_link "Sign out" }
it { should have_link('Sign in') }
end
end
end
describe "authorization" do
describe "for non-signed-in users" do
let(:user) { FactoryGirl.create(:user) }
describe "when attempting to visit a protected page" do
before do
visit edit_user_path(user)
fill_in "Email", with: user.email
fill_in "Password", with: user.password
click_button "Sign in"
end
describe "after signing in" do
it "should render the desired protected page" do
page.should have_selector('title', text: 'Edit user')
end
end
describe "as non-admin user" do
let(:user) { FactoryGirl.create(:user) }
let(:non_admin) { FactoryGirl.create(:user) }
before { sign_in non_admin }
describe "submitting a DELETE request to the Users#destroy action" do
before { delete user_path(user) }
specify { response.should redirect_to(root_path) }
end
end
end
end
describe "in the Users controller" do
describe "visiting the edit page" do
before { visit edit_user_path(user) }
it { should have_selector('title', text: "Sign in") }
end
describe "submitting to the update action" do
before { put user_path(user) }
specify { response.should redirect_to(signin_path) }
end
describe "visiting the user index" do
before {visit users_path }
it { should have_selector('title', text: 'Sign in') }
end
end
describe "as wrong user" do
let(:user) { FactoryGirl.create(:user) }
let(:wrong_user) { FactoryGirl.create(:user, email: "wrong@example.com") }
before { sign_in user }
describe "visiting User#edit page" do
before { visit edit_user_path(wrong_user) }
it { should_not have_selector('title', text: full_title('Edit user')) }
end
describe "submitting a PUT request to the User#update action" do
before { put user_path(wrong_user) }
specify { response.should redirect_to(root_path) }
end
end
end
end
有人有想法吗?感谢您的帮助&amp; intrest!
答案 0 :(得分:3)
在您的users_controller#destroy中,您已重定向到users_path
而不是root_path
(您期望的那样)。你能展示你的#destroy行动吗?
答案 1 :(得分:0)
我刚刚完成本章并遇到了同样的问题,但我不认为接受的答案是正确的,这就是原因:
您的用户控制器 中的销毁操作应该 重定向到users_path,而不是root_path,因为我们希望管理员在删除后返回到用户列表一,我们想要将尝试发出DELETE请求的任何非管理员重定向回主页。
重新阅读该部分后,我意识到我在用户控制器中错过了一个过滤器:
before_action :admin_user, only: :destroy
添加使测试通过。