On Apr 16, 5:44 pm, TheRailsWayOrTheHighway
<
HungerAfterRighteousn...@gmail.com> wrote:
> Peculiarly, I am pursuing the same thing.
>
> Instead of
>
> Given /^a registered user "([^\"]*)"$/ do |arg1|
> UserSession.create(users(arg1))
> visit '/workouts'
> end
>
> I am doing
>
> Given /^a registered user "([^\"]*)"$/ do |arg1|
> @usr = User.create(:login => arg1, :password => "pswd")
> puts("++++ Given a registered user #...@usr.login}, right before
> UserSession.create")
> UserSession.create(@usr)
> end
>
If you visit the RSpec list with this problem you will probably be
advised to avoid creating user sessions directly and to authenticate
through the API of your app. I went through this learning curve with
both cucumber and authlogic last Christmas. Unless you are testing
authlogic itself I doubt very much that you need any addition to
env.rb, In any case place local customizations in another file such as
local_env,rb. "support/env.rb" is overwritten by script/cucumber and
you should run that script whenever cucumber is updated, which is
rather often.
Briefly, what I did in environment.rb is add this at the end.
# Add gem configuration calls here
config.gem 'authlogic'
That takes care of having authlogic available wherever you call it
inside your app and insures that your app will not start without it.
After setting up the application_controller and filter methods then
verify that one can authenticate via the UI. Once that works then set
up a helper step something like this:
When /user named "(.+)" authenticates/ do |name|
visit new_user_session_path
Then "see an authentication request message"
Then "enter the username \"#{name}\""
Then "enter the password \"#{name}-password\""
Then "press the authenticate button"
Then "see an authentication success message"
visit root_path
have_no_selector("#authentication_request")
end
Each of the Then clauses in that step are themselves steps that do the
appropriate things on the UI. I use a separate user factory step but
your approach works fine.
In your feature you would write this:
Scenario: A user can visit the workouts page
Given a user named "mike"
And the user named "mike" authenticates
When they visit the "workouts" page
Then they should see "something to do with workouts"
Despite the wordiness, this approach of calling steps from steps keeps
each step very small and easy to debug or refactor as the UI is
elaborated. Diving authentication through the UI tests the effect of
each change, including those made to routing as new controllers are
added, which can have surprising effects on authentication, I caught
many errors in my authentication and authorization logic as I built
additional bits, none of which would have been found until much later
had I bypassed the UI and created the user session directly.
HTH