Devise 1.2 ruby on rails
I'm having difficulty testing sign up. When the user clicks sign up, they're logged in and i should see a flash message. This works but my test fails. Not sure why. How does sign up work? is there some sort of internal redirect that happens? This step fails:
Then I should see "You have registered successfully. If enabled, a confirmation was sent your e-mail."
Confirmation is not enabled in my user model.
Tehcnically, you shouldn't feel the need to unit test the devise mechanism--the gem itself is well-tested. I can understand wanting to make sure it is behaving the way you configured it though, so:
Devise definitely redirects after a successful authentication. It will set the flash message and then redirect either to what you set as the root in your routes file, or if you attempted to access a page within the site and got redirected to the login page, it will redirect you back to the page you were trying to access.
For your test, try testing that you get redirected to what you set as root in your routes.rb fil. I.e. in the devise instructions, it says to set it like
root :to => "home#index"
So, in your test try something like this:
require 'spec_helper'
describe YourController do
include Devise::TestHelpers
before (:each) do
#user = Factory.create(:user)
sign_in #user
end
describe "GET 'index'" do
it "should be successful" do
get 'index'
response.should be_success
end
it "should redirect to root" do
get 'index'
response.should redirect_to(root_url)
end
end
You can add your flash message test to this as well. Hope this helps!
Related
When a user logins into my page it redirects them to the sign-in page without error. It actually logs them in but for some reason it won't redirect to the user's show page.
I have this, which as worked in other cases, in my application controller:
def after_sign_in_path_for(user)
user_url(user)
end
here is the link to my repo https://github.com/samwat2/Ships-Project
I'm new to rails and I'm not quiet sure this isn't working! When it has before...
From looking at your repo, you added the two custom fields :first_name and :last_name to the registration form, and you validate the presence of those attributes. If you have added these validations after creating some users, and try to login with a user that misses some of these fields, devise will encounter a validation error when saving the user and redirect back to the login form, even though the authentication itself was successful.
Try making the users valid by filling the missing attributes, and the login should behave again as intended.
I have a Rails 3.2.x app using the rails_admin gem on the back end. I'm also using Devise for authentication and have a role field on the User model to say whether or not the user is an admin or employee.
What I'm trying to do is setup an authorization for rails_admin so if you visit http://domain.com/admin it will only allow it if the current_user.role == "admin" otherwise redirect to my home controller index path home_index_path
I've setup an initializer that should do this, and it does deny admin access if the role is not admin, but I get the following error: No route matches {:controller=>"home"}. I'm thinking it might have to do with the routes.rb and where I have the RailsAdmin line mounted in routes.rb but am not sure. Ultimately this should check the role to make sure it's equal to admin if not, redirect_to home_index_path and flash a message.
Any help is greatly appreciated.
rails_admin.rb
RailsAdmin.config do |config|
config.authorize_with do |controller|
unless current_user.role == 'admin'
flash[:error] = "You are not an admin"
redirect_to home_index_path
end
end
end
After some google searching I found an issue that addresses this. It looks like the namespace is different so redirecting to `main_app.root_path did the trick. I still cannot get the flash message to work. Any thoughts on this?
RailsAdmin.config do |config|
config.authorize_with do |controller|
unless current_user.role == 'admin'
redirect_to main_app.root_path
flash[:error] = "You are not an admin"
end
end
end
I had to secure the login view (with the simple email/password form).
I'm using devise. The thing is the sign in error messages get lost somewhere (probably redirections from http to https I guess).
I tried to do the following on my application controller:
after_filter :set_devise_flash_messages, :if => :devise_controller?
def set_devise_flash_messages
if resource.errors.any?
flash[:error] = flash[:error].to_a.concat resource.errors.full_messages
flash[:error].uniq!
end
end
private :set_devise_flash_messages
but it's not working either.
Any ideas?
Thanks!!!
So, I was missing something.
I had secured the 'new' action for the devise/sessions controllers, but I wasn't securing the 'create' action. So that was causing the loss of flash messages (in between the re directions of that action's protocol).
Cheers!
I want to be logged in as a user during my tests that use javascript, so I figured I should have a helper method which logs a user in via frontend.
However with the helper
def log_user_in_via_frontend(user)
visit root_path
fill_in 'user_session_login', :with => user.login
fill_in 'user_session_password', :with => user.password
click_on('Login')
end
I am able to be logged in and am redirected to the right page as long as I don't put :js => true at the end. I call this helper via
user = FactoryGirl.create(:user)
log_user_in_via_frontend(user)
Visiting root_path afterwards yields No route matches {:controller=>\"users\", :action=>\"show\", :id=>#<User id: nil, login: nil...
What's the best way to have an logged in user in my selenium tests?
Actually by now this works for me. I am not sure what for exactly, but I think the key is deactivate transitional fixture, and to have database cleaner do the cleaning.
I have configured basic authentication (in controller)
above everything in controller file:
before_filter :check_logged_in, :only => [:edit, :update, :destroy]
On the bottom of the file:
private
def check_logged_in
authenticate_or_request_with_http_basic("Ads") do |username, password|
username == "admin" && password == "apple"
end
end
It works like a charm, but there is one thing I don;t understand - when I provide username and password it stays logged in for a long period of time and when I click on 'delete' or 'update' for specific entries I'm not getting prompted again. I thought something went wrong, but when I opened another browser - it prompted me again, but only once, I didn;t have to authenticate for the rest.
Then I thought it was a cookie issue, but nothing changed even though I deleted all the cookies in Chrome. So I got a couple of questions:
Is there any way to say for how long I'm going to be authenticated?
Is there any way to be prompted for authentication everytime I click on the resource mentioned here - :check_logged_in, :only => [:edit, :update, :destroy] ?
HTTP basic authentication doesn´t use cookies. The login information is sent with every HTTP request to the specified web server. You are logged in until you close your web browser or delete all active logins.