我必须做错事或者我需要眼镜。我在这里遵循这个教程:
http://vaidehijoshi.github.io/blog/2015/09/29/using-pundit-the-cool-kid-of-authorization/
我已按照说明在application_policy.rb文件夹中创建了user_policy.rb个文件和app/policies个文件。
Pundit似乎没有在IntegrationTests内检测到我的UserPolicy文件。
class UserPolicy < ApplicationPolicy
def update?
user == resource
end
end
在我的UserController中,我有定义的REST API操作。目前,我只是在测试&#34;更新&#34;动作:
def update
user = User.find_by({id: params[:id]})
authorize user
render json: { error: "Failed to find" }, status: :not_found and return unless user
if user.update!(user_params)
render json: user
else
render json: { error: "Not found" }, status: :not_found
end
end
test "update other user's data should raise NotAuthorized exception" do
@user_two = users(:two)
put user_path(@user_two.id), params: { first_name: "Jim" }, headers: @authorization_header
assert_response :success # forcing fail test for now to test plumbing
end
我收到以下错误:
.E
Error:
UsersControllerTest#test_update_other_user's_data_should_raise_NotAuthorized_exception:
Pundit::NotDefinedError: unable to find policy `UserPolicy` for `#<User id: 298486374, first_name: "MyString", last_name: "MyString", email: "MyString", password_digest: "MyString", created_at: "2016-05-27 13:30:07", updated_at: "2016-05-27 13:30:07", role_id: nil>`
app/controllers/users_controller.rb:42:in `update'
test/controllers/users_controller_test.rb:60:in `block in <class:UsersControllerTest>'
任何想法我可能做错了什么?
如果有任何帮助,我的UserControllerTest文件如下所示:
require 'test_helper'
class UsersControllerTest < ActionDispatch::IntegrationTest
def authenticate
token = Knock::AuthToken.new(payload: { sub: users(:one).id }).token
@authorization_header = { HTTP_AUTHORIZATION: "Bearer #{token}" }
end
setup do
# load "#{Rails.root}/db/seeds.rb"
Rails.application.load_seed
authenticate
@user = users(:one)
end
test "logged in user should return ok" do
get users_path, headers: @authorization_header
assert_response :ok
end
test "not logged in user should return unauthorized" do
get users_path
assert_response :unauthorized
end
test "user json should not contain password_digest" do
get user_path(@user.id), headers: @authorization_header
assert_response :ok
json = JSON.parse(response.body)
assert json.key?("password_digest") == false
end
test "create user without authorization header should return created" do
user = {
first_name: "Bob",
last_name: "Brown",
email: "bob@gmail.com",
password: "abc",
password_confirmation: "abc"
}
post users_path, params: user
assert_response :created
json = JSON.parse(response.body)
assert !json.empty?
end
test "update user should return ok" do
put user_path(@user.id), params: { first_name: "Bob"}, headers: @authorization_header
assert_response :ok
updated_user = User.find_by({id: @user.id})
assert_equal "Bob", updated_user.first_name
end
test "update other user's data should raise NotAuthorized exception" do
@user_two = users(:two)
put user_path(@user_two.id), params: { first_name: "Jim" }, headers: @authorization_header
assert_response :success
end
test "delete user shoudl return ok" do
assert_difference "User.count", -1 do
delete user_path(@user.id), headers: @authorization_header
end
end
end
在我一小时前添加Pundit内容之前,我的所有测试都已通过。
答案 0 :(得分:1)
要修复,我跑了:
bin/spring stop
bin/spring binstub --remove --all
bundle update spring
bundle exec spring binstub --all
答案 1 :(得分:0)
好的....我不知道发生了什么事,但显然,我退出了所有的Mac终端和Atom IDE,我键入了我的代码。
然后我打开终端并再次执行rails test命令,这次它起作用了:
....E
Error:
UsersControllerTest#test_update_other_user's_data_should_raise_NotAuthorized_exception:
Pundit::NotAuthorizedError: not allowed to update? this #<User id: 298486374, first_name: "MyString", last_name: "MyString", email: "MyString", password_digest: "MyString", created_at: "2016-05-27 15:19:51", updated_at: "2016-05-27 15:19:51", role_id: nil>
app/controllers/users_controller.rb:42:in `update'
test/controllers/users_controller_test.rb:60:in `block in <class:UsersControllerTest>'
...奇异