开发者

Ruby on Rails: 2.3.8, custom before filters don't work?

开发者 https://www.devze.com 2023-03-20 19:10 出处:网络
So, I\'ve been trying to set up a before_filter for checking permissions for whether or not someone can delete an object.But it hasn\'t been working... eventually I do the following:

So, I've been trying to set up a before_filter for checking permissions for whether or not someone can delete an object. But it hasn't been working... eventually I do the following:

   before_filter :test_hack, :only => :destroy

  def test_hack
    return false
  end

the destroy method here:

def destroy
    @content = Content.find(params[:id])

#will get rid of this when the before filter works...
# but this doesn't stop it from getting deleted either
    if not has_permission_to_change?(@content) 
      puts "This content is not gonig to get deleted"   
      flash[:error] = 'You do not have permission to delete this content.'
    else
      @content.destroy
    end

the failing test:

   should "not allow the deleting of #{plural_name} on different accounts" do
      login_as(@user)
      p = Factory(factory_name, :account => Factory(:account))

      as开发者_运维技巧sert_difference("#{klass}.count", 0) do
        begin
          delete :destroy, :id => p.id
          raise "program flow should not reach this message"
        rescue ActiveRecord::RecordNotFound
          assert true
        end
      end

Content belongs_to an account

console output:

Loaded suite test/functional/contents_controller_test
Started
This content is not gonig to get deleted 
E
Finished in 0.649422 seconds.

  1) Error:
test: destroy contents! should not allow the deleting of contents on different accounts. (ContentsControllerTest):
RuntimeError: program flow should not reach this message


Once again, the bahavior of your test is absolutely normal:

Your line raise "program flow should not reach this message"will ALWAYS be executed since there is an object with the id you pass: you just created it

You should just keep:

 assert_difference("#{klass}.count", 0) do
   delete :destroy, :id => p.id
  end

And I an't see where your before_filter is useful here


In your test,

delete :destroy, :id => p.id

won't raise any exceptions, so the execution continues normally, reaching the next line

raise "program flow should not reach this message"

and the test fails, because this is not caught. The before_filter has nothing to do with it, according to your test output, it's not even invoked.

0

精彩评论

暂无评论...
验证码 换一张
取 消