我有一个使用 cancan 的 rails 应用程序,我正在测试几个不同的角色。我正在寻找跨多个控制器设置这些测试的最干燥的方法。
这是我目前所拥有的缩短版本。有一个更好的方法吗?对我来说还是有点沉重。
describe OrganizationsController do
render_views
before do
# User roles
@unauthenticated = User.new
@org_admin = Factory.create(:organization_admin)
@org_staff = Factory.create(:org_staff)
@customer = Factory.create(:customer)
@admin = Factory.create(:admin)
@organization = Factory.create(:organization)
@org_for_admin = Factory.create(:organization, :user_group_id => @org_admin.user_group_id)
@org_attr = FactoryGirl.attributes_for(:organization)
end
describe "GET 'show'" do
authorized = %w(org_admin admin org_staff customer)
not_authorized = %w(unauthenticated)
not_authorized.each do |u|
context "an organization by a user with role: #{u}" do
before do
user = instance_variable_get("@#{u}")
get :show, :id => @organization.id, :format => 'json'
end
it { should_not respond_with :success }
it { should respond_with :forbidden }
end
end
authorized.each do |u|
context "an organization by a user with role: #{u}" do
before do
user = instance_variable_get("@#{u}")
get :show, :id => @organization.id, :format => 'json', :token => user.token
end
it { should respond_with :success }
it { should render_template :show }
it { should respond_with_content_type(/json/) }
it { should assign_to(:organization).with_kind_of(Organization) }
end
end
end
describe "GET 'update'" do
authorized = [%w(admin organization), %w(org_admin org_for_admin)]
not_authorized = [%w(unauthenticated organization), %w(org_staff org_for_admin), %w(customer organization), %w(org_admin organization)]
not_authorized.each do |u, o|
context "an organization by a user with role: #{u}" do
before do
user = instance_variable_get("@#{u}")
organization = instance_variable_get("@#{o}")
put :update, :id => organization.id, :organization => @org_attr, :format => 'json'
end
it { should_not respond_with :success }
it { should respond_with :forbidden }
end
end
authorized.each do |u, o|
context "an organization by a user with role: #{u}" do
before do
user = instance_variable_get("@#{u}")
organization = instance_variable_get("@#{o}")
put :update, :id => organization.id, :organization => @org_attr, :format => 'json', :token => user.token
end
it { should respond_with :success }
it { should render_template :update }
it { should respond_with_content_type(/json/) }
it { should assign_to(:organization).with_kind_of(Organization) }
end
end
end
end
或者,我是否应该使用 cancan 匹配器并将这些类型的能力测试移动到模型规范中,并且只对每个控制器操作进行成功和禁止的测试?也欢迎在反模式/风格建议方面对我的测试提出任何其他评论。
谢谢!