我正在阅读最新版本的 Michael Hartl 教程,但我无法通过第 9.2 章中的几个测试:
http://ruby.railstutorial.org/chapters/updating-showing-and-deleting-users#sec-authorization
我已经验证了我的 gem 版本,重新启动了 Rails 服务器,运行了包更新,并重建了测试数据库,但无济于事。我已经从 git 存储库中重新复制,并检查了我认为相关的每一行。在第 9 章之前我没有遇到任何问题,但我正在努力做到彻底,尤其是像这样的网络安全部分,因为我想在完成教程后使用这个模型创建一个新站点。任何帮助都深表感谢。
作为旁注,编辑重定向似乎工作正常,但使用 PUT 的测试失败,即使它们在控制器中使用相同的重定向功能,我不明白为什么它们会表现不同。再次感谢您的帮助。
约翰
失败消息:
1) 用户控制器中未登录用户的身份验证授权提交更新操作失败/错误:指定 { response.should redirect_to(signin_path) } 预期响应是重定向到 >http://www.example。 com/signin 但重定向到 >https://www.example.com/users/45 # ./spec/requests/authentication_pages_spec.rb:60:in `block (6 levels) in top (required)'
2) 身份验证授权错误用户向 Users#update 操作提交 PUT 请求失败/错误:指定 { response.should redirect_to(root_path) } 预期响应是重定向到 >http://www.example.com/ 但是是重定向到 >https://www.example.com/users/49 # ./spec/requests/authentication_pages_spec.rb:77:in 'top (required)' 中的 `block (5 levels)'
这是身份验证规范,其中 2 个失败的测试来自:require 'spec_helper'
describe "Authentication" do
subject { page }
describe "signin page" do [...]
describe "signin" do [...]
describe "authorization" do
describe "for non-signed-in users" do
let(:user) { FactoryGirl.create(:user) }
describe "in the Users controller" do
describe "visiting the edit page" do
before { visit edit_user_path(user) }
it { should have_selector('title', text: 'Sign in') }
end
describe "submitting to the update action" do
before { put user_path(user) }
specify { response.should redirect_to(signin_path) } #<---Failure 1
end
end
end
describe "as wrong user" do
let(:user) { FactoryGirl.create(:user) }
let(:wrong_user) { FactoryGirl.create(:user, email: "wrong@example.com") }
before { sign_in user }
describe "visiting Users#edit page" do
before { visit edit_user_path(wrong_user) }
it { should_not have_selector('title', text: full_title('Edit user')) }
end
describe "submitting a PUT request to the Users#update action" do
before { put user_path(wrong_user) }
specify { response.should redirect_to(root_path) } #<--- Failure 2
end
end
end
end
实用程序中的 sign_in 函数:
def sign_in(user)
visit signin_path
fill_in "Email", with: user.email
fill_in "Password", with: user.password
click_button "Sign in"
# Sign in when not using Capybara as well.
cookies[:remember_token] = user.remember_token
end
这是用户控制器:
class UsersController < ApplicationController
before_filter :signed_in_user, only: [:edit, :update]
before_filter :correct_user, only: [:edit, :update]
def show
@user = User.find(params[:id])
end
def new
@user = User.new
end
def create
@user = User.new(params[:user])
if @user.save
sign_in @user
flash[:success] = "Welcome to the Sample App!"
redirect_to @user
else
render 'new'
end
end
def edit
end
def update
if @user.update_attributes(params[:user])
flash[:success] = "Profile updated"
sign_in @user
redirect_to @user
else
render 'edit'
end
end
private
def signed_in_user
redirect_to signin_url, notice: "Please sign in." unless signed_in?
end
def correct_user
@user = User.find(params[:id])
redirect_to(root_path) unless current_user?(@user)
end
end
还有我的路线,以防万一:
Railstut::Application.routes.draw do
resources :users
resources :sessions, only: [:new, :create, :destroy]
root to: 'static_pages#home'
match '/signup', to: 'users#new'
match '/signin', to: 'sessions#new'
match '/signout', to: 'sessions#destroy', via: :delete
match '/help', to: "static_pages#help"
match '/about', to: "static_pages#about"
match '/contact', to: "static_pages#contact"
end