3

我正在使用 Pundit gem 对我的封闭系统 Ruby on Rails 应用程序进行授权(使用 Rails 4.1.5 和 Rspec 3.0)

我已将我的应用程序策略配置为在未按照 Pundit 文档中的建议定义用户时引发异常:

class ApplicationPolicy
  attr_reader :user, :record

  def initialize(user, record)
    raise Pundit::NotAuthorizedError, "must be logged in" unless user
    @user = user
    @record = record
  end
end

我如何编写一个规范来验证每个 Pundit 策略是否拒绝一个 nil 用户?

我做了以下尝试:

RSpec.describe PostPolicy do
  it "should raise an exception when users aren't logged in" do
    expect(AccountFolderPolicy.new(nil, record)).to  raise_error(Pundit::NotAuthorizedError)
  end
end

但它出错了

 Failure/Error: expect(PostPolicy.new(nil, record)).to raise_error(Pundit::NotAuthorizedError)
 Pundit::NotAuthorizedError:
   must be logged in

关于如何正确测试这个的任何建议?

4

1 回答 1

5

除非您使用raise_error具有以下块形式的匹配器,expect否则 RSpec 无法在后台捕获错误:

RSpec.describe PostPolicy do
  it "should raise an exception when users aren't logged in" do
    expect do
      AccountFolderPolicy.new(nil, record)
    end.to  raise_error(Pundit::NotAuthorizedError)
  end
end

或者

RSpec.describe PostPolicy do
  it "should raise an exception when users aren't logged in" do
    expect { AccountFolderPolicy.new(nil, record) }.to  raise_error(Pundit::NotAuthorizedError)
  end
end
于 2014-12-08T16:58:11.963 回答