应用程序堆栈:Rails3,Cancan,Devise,sherya

我有一些嵌套的资源,想用sheya进行测试,我得到以下DoubleRerenderError:

Error:
test: If anonymous user tries to GET index of fav_blogs should respond with 401.    (BlogItemsControllerTest):
AbstractController::DoubleRenderError: Render and/or redirect were called multiple times  in this action. Please note that you may only call render OR redirect, and at most once per action. Also note that neither redirect nor render terminate execution of the action, so if you want to exit an action after redirecting, you need to do something like "redirect_to(...) and return".

该测试将检查非身份验证的用户是否能够访问嵌套资源(他不应该)

测试方法

context "If anonymous user tries to GET index of fav_blogs" do
  setup do
    get :index, :end_user_id => end_users(:end_user_one).id, :format => "xml"
  end
  should_respond_with 401
  should_not_assign_to :blog_items
end

ControlerMethod:

def index

  if params[:end_user_id] # if it is nested
    authenticate_end_user!
    authorize! :read, @end_user

    @blog_items = @end_user.blog_items
  else
    @PAGE_SIZE = 10
    page = Integer(params[:page]) || 0

    offset = @PAGE_SIZE * page
    @blog_items = BlogItem.limit( offset + @PAGE_SIZE ).offset( offset ).order('updated_at DESC').all
  end

  respond_with(@blog_items)
end

所有具有经过身份验证的用户工作正常的测试 - 可能有人可以给我一个提示。非常感谢!本

有帮助吗?

解决方案

好吧,我完成了 - 问题正在发生

authenticate_end_user!
authorize! :read, @end_user

堵塞。第一行将在没有授权的情况下导致401失败,但无论如何,第二行将被执行。因此,将身份验证放在forter_filter中,并在另一个或您的控制器操作中授权。本

许可以下: CC-BY-SA归因
不隶属于 StackOverflow
scroll top