diff options
author | David Heinemeier Hansson <david@loudthinking.com> | 2005-01-09 15:20:00 +0000 |
---|---|---|
committer | David Heinemeier Hansson <david@loudthinking.com> | 2005-01-09 15:20:00 +0000 |
commit | 75fca04590a310bedc66a455d7508168ae932ba4 (patch) | |
tree | ebb61524bb141a5b045530cc170ca7c1914ab148 /actionpack/test/controller | |
parent | 298cbbd3a0a3cd678b9134ad2f998abbb25e51b6 (diff) | |
download | rails-75fca04590a310bedc66a455d7508168ae932ba4.tar.gz rails-75fca04590a310bedc66a455d7508168ae932ba4.tar.bz2 rails-75fca04590a310bedc66a455d7508168ae932ba4.zip |
Added authentication framework to protect actions behind a condition and redirect on failure. See ActionController::Authentication for more.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@351 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'actionpack/test/controller')
-rw-r--r-- | actionpack/test/controller/authentication_test.rb | 89 | ||||
-rw-r--r-- | actionpack/test/controller/render_test.rb | 5 |
2 files changed, 94 insertions, 0 deletions
diff --git a/actionpack/test/controller/authentication_test.rb b/actionpack/test/controller/authentication_test.rb new file mode 100644 index 0000000000..abf0409d08 --- /dev/null +++ b/actionpack/test/controller/authentication_test.rb @@ -0,0 +1,89 @@ +require File.dirname(__FILE__) + '/../abstract_unit' + +class AuthenticationTest < Test::Unit::TestCase + class ApplicationController < ActionController::Base + authentication :by => '@session[:authenticated]', :failure => { :controller => "login" } + end + + class WeblogController < ApplicationController + def show() render_text "I showed something" end + def index() render_text "I indexed something" end + def edit() render_text "I edited something" end + def update() render_text "I updated something" end + def login() @session[:authenticated] = true; render_nothing end + end + + class AuthenticatesWeblogController < WeblogController + authenticates :edit, :update + end + + class AuthenticatesAllWeblogController < WeblogController + authenticates_all + end + + class AuthenticatesAllExceptWeblogController < WeblogController + authenticates_all_except :show, :index, :login + end + + class AuthenticatesSomeController < AuthenticatesAllWeblogController + authenticates_all_except :show + end + + def setup + @request = ActionController::TestRequest.new + @response = ActionController::TestResponse.new + end + + def test_access_on_authenticates + @controller = AuthenticatesWeblogController.new + + get :show + assert_success + + get :edit + assert_redirected_to :controller => "login" + end + + def test_access_on_authenticates_all + @controller = AuthenticatesAllWeblogController.new + + get :show + assert_redirected_to :controller => "login" + + get :edit + assert_redirected_to :controller => "login" + end + + def test_access_on_authenticates_all_except + @controller = AuthenticatesAllExceptWeblogController.new + + get :show + assert_success + + get :edit + assert_redirected_to :controller => "login" + end + + def test_access_on_authenticates_some + @controller = AuthenticatesSomeController.new + + get :show + assert_success + + get :edit + assert_redirected_to :controller => "login" + end + + def test_authenticated_access_on_authenticates + @controller = AuthenticatesWeblogController.new + + get :login + assert_success + + get :show + assert_success + + get :edit + assert_success + end +end
\ No newline at end of file diff --git a/actionpack/test/controller/render_test.rb b/actionpack/test/controller/render_test.rb index ce778e1d7d..f983960e2e 100644 --- a/actionpack/test/controller/render_test.rb +++ b/actionpack/test/controller/render_test.rb @@ -126,6 +126,11 @@ class RenderTest < Test::Unit::TestCase assert_raises(ActionController::UnknownAction, "No action responded to [clone]") { process_request } end + def test_private_methods + @request.action = "determine_layout" + assert_raises(ActionController::UnknownAction, "No action responded to [determine_layout]") { process_request } + end + def test_access_to_request_in_view ActionController::Base.view_controller_internals = false |