I'm trying to test a controller with authlogic+acl9. I followed the
documentation so I can log in from a test, but it looks like
something is wrong, because acl9 decides the user does not have the
correct role. As you can see in the logs, the user logs in, and the
role seems to be applied, but acl9 is not happy...
I have this in test_helpers:
    require "authlogic/test_case"

    def login(user, role = nil)
      activate_authlogic
      assert UserSession.create(user)
      user.has_role!(role.to_sym) if role
    end
And I try to run this functional test:
    test "only admin should access" do
      login(users(:admin), :admin)
      get :new
      assert_template :new
    end
Then I get this failure:
test_only_admin_should_access(ClustersControllerTest)
[test/functional/clusters_controller_test.rb:8:in
`test_only_admin_should_access'
expecting <:new> but rendering with <"">
With these logs:
User Load (1.0ms) SELECT * FROM "users" WHERE ("users"."id" = 1)
User Update (0.4ms) UPDATE "users" SET "login_count" = 1,
"current_login_ip" = '0.0.0.0', "perishable_token" = 'cw-
KpoZ9IvgCbfwPnXjr', "last_request_at" = '2010-02-16 08:57:48',
"updated_at" = '2010-02-16 08:57:48', "current_login_at" = '2010-02-16
08:57:48' WHERE "id" = 1
SQL (0.4ms) SELECT max("audits".version) AS max_version FROM
"audits" WHERE ("audits"."auditable_type" = 'User' AND
"audits"."auditable_id" = 1)
User Load (0.9ms) SELECT * FROM "users" WHERE ("users"."id" = 1)
Audit Create (0.4ms) INSERT INTO "audits" ("auditable_type",
"username", "action", "auditable_id", "version", "user_type",
"changes", "ip", "user_id", "created_at") VALUES('User', NULL,
'login', 1, 1, 'User', 'User admin logged', '0.0.0.0', 1, '2010-02-16
08:57:48')
User Load (1.0ms) SELECT * FROM "users" WHERE ("users"."id" = 1)
Audit Update (0.2ms) UPDATE "audits" SET "created_at" =
'2010-02-16 08:57:48', "user_type" = 'User', "version" = 1, "ip" =
'0.0.0.0', "username" = 'admin', "changes" = 'User admin logged',
"auditable_type" = 'User', "auditable_id" = 1, "user_id" = 1, "action"
= 'login' WHERE "id" = 1
Audit Update (0.2ms) UPDATE "audits" SET "changes" = 'User admin
logged' WHERE "id" = 1
Role Load (0.7ms) SELECT "roles".* FROM "roles" INNER JOIN
"roles_users" ON "roles".id = "roles_users".role_id WHERE
("roles"."name" = 'notify') AND ("roles_users".user_id = 1 ) LIMIT 1
Role Load (0.4ms) SELECT * FROM "roles" WHERE (name = 'notify' and
authorizable_type IS NULL and authorizable_id IS NULL) LIMIT 1
Role Load (0.2ms) SELECT * FROM "roles" INNER JOIN "roles_users"
ON "roles".id = "roles_users".role_id WHERE ("roles_users".user_id =
1 )
Role Load (0.2ms) SELECT * FROM "roles" WHERE (name = 'admin' and
authorizable_type IS NULL and authorizable_id IS NULL) LIMIT 1
Role Create (0.5ms) INSERT INTO "roles" ("name", "updated_at",
"authorizable_type", "authorizable_id", "created_at") VALUES('admin',
'2010-02-16 08:57:48', NULL, NULL, '2010-02-16 08:57:48')
Role Load (0.4ms) SELECT "roles".id FROM "roles" INNER JOIN
"roles_users" ON "roles".id = "roles_users".role_id WHERE
("roles"."id" = 1) AND ("roles_users".user_id = 1 ) LIMIT 1
SQL (0.3ms) INSERT INTO "roles_users" ("updated_at", "role_id",
"user_id", "created_at") VALUES ('2010-02-16 08:57:48', 1, 1,
'2010-02-16 08:57:48')
Processing ClustersController#new (for 0.0.0.0 at 2010-02-16 09:57:49)
[GET]
Parameters: {"action"=>"new", "controller"=>"clusters"}
User Load (1.0ms) SELECT * FROM "users" WHERE ("users"."id" = 1)
LIMIT 1
User Update (0.2ms) UPDATE "users" SET "perishable_token" =
'SK2Z1ZT8WVHZNeosa0Lv', "last_request_at" = '2010-02-16 08:57:49',
"updated_at" = '2010-02-16 08:57:49' WHERE "id" = 1
undefined method `lang' for nil:NilClass
Redirected to http://test.host/login
I have this in application_controller:
    rescue_from 'Acl9::AccessDenied', :with => :access_denied

    def access_denied
      if @current_user
        Role.manual_audit(@current_user,
                          "Access denied to: #{params[:controller]}/#{params[:action]}",
                          @current_user, "deny")
        render :template => 'system/access_denied'
      else
        flash[:error] = I18n.t("application.invalid_user_permision_denied")
        redirect_to login_path # <= it falls here
      end
    end
Can somebody point out what is wrong?
TIA

I see that there is this error happening somewhere in the pipeline:
undefined method `lang' for nil:NilClass
Could this be leading to access denied?
Also, I assume you have proper access control defined in your
ClustersController
    class ClustersController
      access_control do
        actions :new do
          allow :admin
        end
      end
      ...
    end
You can also put another before_filter prior to access_control to see
whether your "current_user" has the :admin role when logged in...
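
Added example, not part of the original thread and not code from authlogic or acl9: a plain-Ruby model of the suggestion above, with a diagnostic filter placed ahead of the role check so that "no user seen by the controller", "user without the role" and "allowed" show up as different outcomes. FakeUser, AccessDenied and run_request are hypothetical stand-ins; the rescue branching mirrors the access_denied handler quoted in the question.

```ruby
# Constructed model: no Rails, authlogic or acl9 is loaded here.
require "set"

class AccessDenied < StandardError; end # stands in for Acl9::AccessDenied

# Hypothetical user exposing the has_role!/has_role? pair used in the thread.
class FakeUser
  attr_reader :login

  def initialize(login)
    @login = login
    @roles = Set.new
  end

  def has_role!(role)
    @roles << role.to_sym
  end

  def has_role?(role)
    @roles.include?(role.to_sym)
  end
end

# Runs the filters in order and returns what the diagnostic filter saw
# together with how the request ended.
def run_request(current_user, required_role)
  trace = {}
  diagnostic = lambda do # must run before the access check to be useful
    trace[:user] = current_user && current_user.login
    trace[:has_role] = !!(current_user && current_user.has_role?(required_role))
  end
  access_check = lambda do # stand-in for the access_control block
    raise AccessDenied unless current_user && current_user.has_role?(required_role)
  end
  begin
    [diagnostic, access_check].each(&:call)
    trace[:outcome] = :rendered
  rescue AccessDenied
    # Same branching as the access_denied handler in the question.
    trace[:outcome] = current_user ? :access_denied_page : :redirect_to_login
  end
  trace
end

admin = FakeUser.new("admin") # constructed sample users
admin.has_role!(:admin)
plain = FakeUser.new("bob")

[admin, plain, nil].each { |user| p run_request(user, :admin) }
```

In this model the redirect to the login page is reached only when the controller sees no user at all; a user who is present but lacks the role gets the access-denied page instead.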