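I tried searching for this and found plenty of questions, but none of them gave me a working answer. I'm supposed to write a test that makes sure an admin user can't delete themselves.
Here's what I have in authentication_pages_spec.rb: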
    describe "as admin user" do
      let(:admin) { FactoryGirl.create(:admin) }
      before { sign_in admin }
      describe "can't delete self" do
        before { delete user_path(admin) }
        specify { response.should redirect_to(users_path),
                  flash[:error].should =~ /Cannot delete own admin account!/i }
      end
    end
Here's what I have in users_controller.rb:
    def destroy
      user = User.find(params[:id])
      if (current_user == user) && (current_user.admin?)
        flash[:error] = "Cannot delete own admin account!"
      else
        user.destroy
        flash[:success] = "User destroyed."
      end
      redirect_to users_path
    end
The test fails with this result:
1) Authentication authorization as admin user can't delete self
Failure/Error: flash[:error].should =~ /Cannot delete own admin account!/i }
expected: /Cannot delete own admin account!/i
got: nil (using =~)
# ./spec/requests/authentication_pages_spec.rb:139:in `block (5 levels) in <top (required)>'
Finished in 3.75 seconds
83 examples, 1 failure
Failed examples:
rspec ./spec/requests/authentication_pages_spec.rb:138 # Authentication authorization as admin user can't delete self
Best answer
This is how I did it. Hopefully it can at least serve as a reference.
spec/requests/authentication_pages.spec
    describe "authorization" do
      ...
      context "as an admin user" do
        let(:admin) { create(:admin) }
        before do
          visit signin_path
          sign_in(admin)
        end
        context "prevents admin users from destroying themselves" do
          it "does not delete the user" do
            expect do
              delete user_path(admin)
            end.not_to change(User, :count)
          end
          context "after failing to delete" do
            let(:no_suicide) { "Cannot delete own admin account!" }
            before { delete user_path(admin) }
            specify do
              response.should redirect_to(users_url),
                flash[:error].should == no_suicide
            end
          end
        end
      end
    end
app/controllers/users_controller.rb
    class UsersController < ApplicationController
      ...
      before_filter :admin_user, only: :destroy
      ...
      def destroy
        user = User.find(params[:id])
        if !current_user?(user)
          user.destroy
          flash[:success] = "User destroyed."
        else
          flash[:error] = "Cannot delete own admin account!"
        end
        redirect_to users_url
      end
      ...
      private
      def admin_user
        redirect_to root_url unless current_user.admin?
      end
      ...
    end
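
The two-layer check in the controller above (admin filter first, then the self-delete guard), modelled without Rails so every actor/target combination can be checked at once. This is an added example, not part of the original answer: `User`, `destroy_user`, `sample_users` and `authorization_matrix` are hypothetical names, the data is constructed, and treating a signed-out request (nil current user) as forbidden is an assumption of this sketch.

```ruby
# Added example: framework-free model of the destroy authorization.
# User is a plain Struct here, not the ActiveRecord model.
User = Struct.new(:id, :admin) do
  def admin?
    admin
  end
end

# Returns [outcome, redirect_target]; mutates `users` only when allowed.
def destroy_user(users, current_user, target_id)
  # Mirrors the admin_user filter; nil check added for signed-out requests
  return [:forbidden, :root] unless current_user && current_user.admin?

  target = users.find { |u| u.id == target_id }
  return [:not_found, :users] if target.nil?

  # Mirrors the current_user?(user) guard: an admin may not delete themselves
  if target.id == current_user.id
    [:refused_self_delete, :users]
  else
    users.delete(target)
    [:destroyed, :users]
  end
end

# Constructed sample data: one admin (id 1) and two regular users
def sample_users
  [User.new(1, true), User.new(2, false), User.new(3, false)]
end

# Runs every actor/target combination and records outcome and count change,
# the same property the spec checks with `not_to change(User, :count)`.
def authorization_matrix
  actors = { admin: 1, member: 2, anonymous: nil }
  rows = []
  actors.each do |label, actor_id|
    [1, 2, 3].each do |target_id|
      users = sample_users
      actor = users.find { |u| u.id == actor_id }
      outcome, = destroy_user(users, actor, target_id)
      rows << [label, target_id, outcome, users.size - 3]
    end
  end
  rows
end

authorization_matrix.each { |row| puts row.inspect }
```

Only the two rows where the admin targets another user should show a count change of -1; any other row with a change indicates a missing authorization check.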
Regarding ruby-on-rails - Ruby tutorial chapter 9 exercise #9 - failing test, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/13180713/