Description

The ActiveTest Authorisation is an example, but fully functional, plugin for the ActiveTest::Controller subject. It gives you the ability to test that a controller’s action requires a user to have the correct permissions to access it.

It provides two behaviours (requires_permission_on and accepts_permission_on) and two assertions (assert_requires_permission and assert_accepts_permission).

It assumes the following:

• You are using some variant of Simple Access Control or acl_system2.
• You have login_as and logout methods for logging users in and out (e.g. ActiveTest Authentication)
• You are probably using ActiveTest Authentication as well.

Example

  class SomeControllerTest < ActiveTest::Controller

    setup

    def setup
      login_as :admin
    end

    requires_permission_on :index, :login_as => :unprivileged
    accepts_permission_on :index

  end