如何测试在Rails / Capybara / Cucumber或Rspec的职位 [英] How to test posts in Rails / Capybara / Cucumber or Rspec

问题描述

我使用的是rspec，黄瓜和capybara，我正在寻找一种方法来测试一个恶意的用户不能攻击一个表单，然后发布到他/她没有权限的url。我在cancan中设置了我的权限，这个应该工作，但是，我可以测试它的唯一方法是自己攻击表单。

I'm using rspec, cucumber and capybara and I'm looking for a way to test that a malicious user can't hack a form then post to an url he/she doesn't have permission to. I have my permissions set up in cancan such that this "should" work, however, the only way I can test it is by hacking a form myself.

我如何自动化这种测试？使用webrat，我可以在rspec的单元测试中使用

How can I automate this sort of testing? With webrat I could do this in a unit test with rspec with something like

put :update, :user_id => @user.id, :id => @user_achievement.id
response.should contain("Error, you don't have permission to access that!") 

在capybara，然而，访问只是得到的似乎。我找不到一个办法做到这一点，我已经googled无处不在。

In capybara, however, visit only does get's it seems. I can't find a way to do this, I've googled everwhere.

任何帮助将非常感激，
感谢

Any help would be much appreciated, Thanks

推荐答案

p>我想你可以这样做与rack-test
https://github.com/brynary / rack-test

I think you can do this with rack-test https://github.com/brynary/rack-test

：

gem 'rack-test'

module CapybaraApp
  def app; Capybara.app; end
end
World(CapybaraApp)
World(Rack::Test::Methods)

step defintions某处：

step defintions somewhere:

When /^I send a POST request to "([^"]*)"$/ do |path|
  post path
end

的内容来自这里： http ：//www.anthonyeden.com/2010/11/testing-rest-apis-with-cucumber-and-rack-test

更新：I认为你可以跳过你的env.rb文件的更新版本的Rails和/或Cucumber（不知道是哪个，我只是不在我的较新的项目，它的工作正常）

UPDATE: I think you can skip the changes to your env.rb file with newer versions of Rails and/or Cucumber (not sure which, I just don't do that part on my newer projects and it works fine)

这篇关于如何测试在Rails / Capybara / Cucumber或Rspec的职位的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！