Ruby on rails Rails用于在应用程序控制器中从伤残者中救援的小型测试AuthenticationToken
嘿,我目前正在使用内置在rails中的minitest框架。尝试在我的ApplicationController中测试一些方法,以保护_免受_伪造和从InvalidAuthenticationToken异常中恢复。作为参考,我的ApplicationController如下所示:Ruby on rails Rails用于在应用程序控制器中从伤残者中救援的小型测试AuthenticationToken,ruby-on-rails,testing,minitest,Ruby On Rails,Testing,Minitest,嘿,我目前正在使用内置在rails中的minitest框架。尝试在我的ApplicationController中测试一些方法,以保护_免受_伪造和从InvalidAuthenticationToken异常中恢复。作为参考,我的ApplicationController如下所示: class ApplicationController < ActionController::Base # Prevent CSRF attacks by raising an excepti
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
rescue_from ActionController::InvalidAuthenticityToken, with: :handle_invalid_token
def access_denied(exception)
redirect_to root_path, :alert => exception.message
end
protected
def handle_invalid_token
flash[:alert] = I18n.translate('devise.failure.invalid_token')
redirect_to new_user_session_path
end
end
class ApplicationControllerexception.message
结束
受保护的
def句柄\u无效\u令牌
flash[:alert]=I18n.translate('devease.failure.invalid_token')
重定向到新用户会话路径
结束
结束
我正在寻找其他方法来测试ActionController::InvalidAuthenticationToken中的rescue_和protect_from_伪造with::exception方法。有没有可能用minitest来模拟这些东西,请原谅我的经验仅限于基本的模型/控制器/视图测试
这里没有太多,但我想我应该为我的ApplicationControllerTest包含这个类
require 'test_helper'
class ApplicationControllerTest < ActionController::TestCase
test 'invalid access token' do
end
end
需要“测试助手”
类ApplicationControllerTest
我这样做是通过删除一个测试控制器:
class StubController < ApplicationController
def authenticate_user
authenticate_user!
head 200
end
def authenticate_user_invalid
authenticate_user!
end
end
Rails.application.routes.disable_clear_and_finalize = true
# Create a new route for our new action
Rails.application.routes.draw do
get 'authenticate_user', to: 'stub#authenticate_user'
get 'authenticate_user_invalid', to: 'stub#authenticate_user_invalid'
end
class StubControllerTest < ActionController::TestCase
test 'authenticate_user sets current_user if valid user token and email' do
user = users(:authenticatable_user)
@request.headers['Authorization'] = "Token token=#{user.token},email=#{user.email_address}"
get :authenticate_user
assert_equal user, assigns(:current_user)
end
end
class StubController
存根控制器只是将ApplicationController
子类化,然后我将其添加到madeup操作中,该操作将触发我想要测试的实际方法。如果一切按计划进行,你可以测试副作用,看看它是否有效。希望这能给你足够的信息,你可以破解它来满足你的需要