I have implemented cancan and would like to test abilities as recommended on the cancan wiki. I trying to replicate "user can only destroy projects which he owns."
spec/models/ability_spec.rb:
require "cancan/matchers"
require 'spec_helper'
describe Ability do
context "user is investigator" do
it "user can only destroy projects which he owns" do
user = FactoryGirl.create(:user)
ability = Ability.new(user)
ability.should be_able_to(:destroy, Project.new(:user => user))
end
end
end
However I get:
ActiveModel::MassAssignmentSecurity::Error:
Can't mass-assign protected attributes: user
Models:
class User < ActiveRecord::Base
has_many :projects, dependent: :destroy
devise :database_authenticatable, etc...
attr_accessible :email, :password, :password_confirmation, :remember_me, :locale
validates :role, :presence => true
end
class Project < ActiveRecord::Base
belongs_to :user
end
Factory:
FactoryGirl.define do
factory :user do |f|
f.email { Faker::Internet.email }
f.password "secret"
f.role 1
end
end
I understand why this error arrises, and have tried various ways round it, but don't have a good enough understanding of factories to crack it. Can you help?
So the problem was related to not using Factory Girl when creating the project. It should have been:
describe Ability do
context "user is investigator" do
it "user can only destroy projects which he owns" do
user = FactoryGirl.create(:user)
ability = Ability.new(user)
ability.should be_able_to(:destroy, FactoryGirl.create(:project, :user => user))
end
end
end
Related
I am having an issue regarding Factory Girl in Rails. I currently have pundit setup am trying to test my user policies yet the factory does not seem to work when in rspec.
Inside the rails console, I can load up the console and type:
user=FactoryGirl.create(:admin_user)
r=user.roles
This works correctly creates a user and the correct associations between a user and a role. However, when the factory is used in rspec- A user is created but not the associated assignment. (I discovered this by using 'pp' inside the specific tests.)
I do not need to create a role, since the roles are set so I am looking them up.
Any ideas?
Models
class User < ApplicationRecord
has_many :assignments, dependent: :destroy
has_many :roles, through: :assignments, dependent: :destroy
def has_role?(roles)
roles.each do |role|
if self.roles.include? role
return true
end
end
false
end
class Role < ApplicationRecord
# Associations
has_many :assignments
has_many :users, through: :assignments
class Assignment < ApplicationRecord
# Associations
belongs_to :user
belongs_to :role
Factories
FactoryGirl.define do
factory :user do
first_name {Faker::Name.first_name}
last_name {Faker::Name.last_name}
email {Faker::Internet.email}
password {Faker::Internet.password(8)}
factory :admin_user do
after(:create) do |user|
Assignment.create(user: user , role: Role.find_by(label:'System Admin') )
end
end
end
end
Tests
User Policy Test
describe UserPolicy do
subject { UserPolicy }
let (:current_user) { FactoryGirl.build_stubbed :user}
let (:other_user) { FactoryGirl.build_stubbed :user }
let (:admin) { FactoryGirl.build_stubbed :admin_user}
permissions :index? do
it "denies access if not an admin" do
expect(UserPolicy).not_to permit(current_user)
end
it "allows access for an admin" do
expect(UserPolicy).to permit(admin)
end
end
end
Other Test With same Issue
feature 'User index page', :devise do
after(:each) do
Warden.test_reset!
end
scenario 'user sees own email address' do
user = FactoryGirl.create(:admin_user)
expect(user.has_role?(Role.where(label: 'System Admin'))).to eq true
login_as(user, scope: :user)
visit users_path
expect(page).to have_content user.email
end
end
This test fails since the user has no role assigned.
Controller
class AssignmentsController < ApplicationController
def create
#assignment = Assignment.new(assignment_params)
if #assignment.save
redirect_to users_path(), :notice => "Role Added"
else
flash[:alert]="Unable to Add Role"
end
end
I cannot get Factory Girl to produce a User object when accepts_nested_attributes_for is enabled.
Given the models:
class Account < ApplicationRecord
belongs_to :meta, polymorphic: true, dependent: :destroy
end
class User < ApplicationRecord
has_one :account, as: :meta
validates :fname, presence: true
validates :lname, presence: true
validates_presence_of :account
#accepts_nested_attributes_for :account
end
And, the factories:
FactoryGirl.define do
factory :account do
sequence(:email) { |n| "account#{n}#mack.com" }
password "abcdef123"
password_confirmation "abcdef123"
confirmed_at Date.today
end
end
FactoryGirl.define do
factory :user do
sequence(:fname) { |n| "first#{n}" }
sequence(:lname) { |n| "last#{n}" }
after(:build) do |user|
user.build_account attributes_for(:account)
end
end
end
The following spec:
describe User, :type => :model do
it "has a valid factory" do
user = build(:user)
expect(user).to be_valid
end
end
Fails if I uncomment the accepts_nested_attributes_for in the User model. I would like to use the nested attributes for working with User objects, but I cannot figure out how to get FactorGirl to build a User with nested attributes enabled.
I get the following error:
1) User has a valid factory
Failure/Error: expect(user).to be_valid
expected #<User id: nil, fname: "first1", lname: "last1", created_at: nil, updated_at: nil> \
to be valid, but got errors: Account meta must exist
I am using Rails version 5.0.0beta1 and Factory Girl 4.6.0.
I've been battling this all day -- thanks for your help.
Edit: I see the same behavior using the rails console, so it would seem like the issue is independent of Factory Girl.
Still a bit new to rspec and can't get the following test to pass (problem area the 'it "should have the right treatings in the right order" do' block):
user_spec.rb
describe User do
before do
#user = User.new(name: "Example User", email: "user#example.com",
password: "foobar", password_confirmation: "foobar")
end
describe "treating associations" do
before { #user.save }
let!(:older_treating) do
FactoryGirl.create(:treating, user: #user, created_at: 1.day.ago)
end
let!(:newer_treating) do
FactoryGirl.create(:treating, user: #user, created_at: 1.hour.ago)
end
it "should have the right treatings in the right order" do
#user.sent_treatings.should == [newer_treating, older_treating]
#user.received_treatings.should == [newer_treating, older_treating]
end
end
end
Based on my User and Treating models below, I know I need to have 'requestor' and 'requestee' embedded somewhere in the test, and I have tried different variations, but they all continue to fail. Here are the models:
user.rb
class User < ActiveRecord::Base
attr_accessible :name, :email, :password, :password_confirmation
has_secure_password
has_many :sent_treatings, :foreign_key => "requestor_id", :class_name => "Treating"
has_many :received_treatings, :foreign_key => "requestee_id", :class_name => "Treating"
end
treating.rb
class Treating < ActiveRecord::Base
attr_accessible :intro, :proposed_date, :proposed_location
validates :requestor_id, presence: true
validates :requestee_id, presence: true
belongs_to :requestor, class_name: "User"
belongs_to :requestee, class_name: "User"
default_scope order: 'treatings.created_at DESC'
end
Here is my factories.rb file:
factories.rb
FactoryGirl.define do
factory :user do
sequence(:name) { |n| "Person #{n}" }
sequence(:email) { |n| "person_#{n}#example.com"}
password "foobar"
password_confirmation "foobar"
factory :admin do
admin true
end
end
factory :treating do
intro "Lorem ipsum"
user
end
end
Looking for an explanation of logic behind the appropriate code to fill in the ' it "should have the right treatings in the right order" do' block of the user_spec test. Thanks!
EDIT: sorry, forgot error message, here it is:
Failures:
1) User treating associations should have the right treatings in the right order
Failure/Error: FactoryGirl.create(:treating, user: #user, created_at: 1.day.ago)
NoMethodError:
undefined method user=' for #<Treating:0x0000010385ec70>
# ./spec/models/user_spec.rb:143:inblock (3 levels) in '
You are trying to override a field which doesn't exist.
You don't have user but a requestor or requestee.
Try for example
FactoryGirl.create(:treating, requestor: #user, created_at: 1.hour.ago)
I am using Ruby on Rails 3.1.0, rspec-rails 2 and Factory gems. I have some trouble related to the validation process when I state a Factory object for an Account class.
In the model file I have:
class Account < ActiveRecord::Base
belongs_to :user
attr_accessible :name, ..., :password
validates :name,
:presence => true
...
validates :password,
:presence => true
end
In the factory file I have:
FactoryGirl.define do
factory :account, do
sequence(:name) { |n| "Foo #{n}"}
...
password 'psw_secret'
association :user
end
factory :user do
auth 'registered'
end
end
When in the spec file I state let!(:account) { Factory(:account) } it works as expected but when I use the following:
let!(:user) { Factory(:user, :account => Factory(:account)) }
I get this error:
Failure/Error: let!(:user) { Factory(:user, :account => Factory(:account)) }
ActiveRecord::RecordInvalid:
Validation failed: Account password can not be blank, Account is invalid
Why I get that error? How can I solve the problem?
I think you should do it the other way around:
#user = Factory(:user)
#account = Factory(:account, :user => #user)
The relation is defined on account, not on user.
Hope this helps.
I have a class User as follows
class User < ActiveRecord::Base
has_one :session
has_and_belongs_to_many :posts
has_and_belongs_to_many :replies
attr_accessor :clear_text_password;
validates_presence_of :username
validates_uniqueness_of :username
validates :clear_text_password, :presence => true, :length => {:minimum => 6}
validates_confirmation_of :clear_text_password
validates_presence_of :e_mail
validates_uniqueness_of :e_mail
def User.authenticate(name, password)
if user = find_by_username(name)
if user.password == encrypt_password(password)
user
end
end
end
end
Now, my rspec test file is as below
require 'spec_helper'
require 'rspec'
require 'rspec-rails'
require 'user'
describe User do
describe "my first test" do
it "should redirect if user is authenticated" do
user = User.authenticate('abcd','abcdef')
c=false
if user
c=true
end
c.should == true
end
end
end
The database table users has the username and password "abcd" and "abcdef" . but the test always fails. the method call always returns false. Please help!!