Ruby on Rails Tutorial Chapter 10 Exercise RSpec F

2019-08-01 07:25发布

问题:

I'm working on the exercises from Chapter 10 of the Rails Tutorial and ran in to a snag with the exercise that has me ensure that an admin user can't delete themselves. My initial idea was to simply check the id of the current user and compare it against params[:id] to make sure that they're not equal. My destroy action in my Users controller looked like this:

def destroy
  if current_user.id == params[:id].to_i
    flash[:notice] = "You cannot delete yourself."
  else
    User.find(params[:id]).destroy
    flash[:success] = "User destroyed."
  end
  redirect_to users_path
end

This works perfectly when I test it manually in the app but 3 of my RSpec tests fail with the same "undefined method 'to_i'" error (as seen below):

1) UsersController DELETE 'destroy' as an admin user should destory the user
   Failure/Error: delete :destroy, :id => @user
     NoMethodError:
       undefined method `to_i' for #<User:0x000001032de188>
   # ./app/controllers/users_controller.rb:48:in `destroy'
   # ./spec/controllers/users_controller_spec.rb:310:in `block (5 levels) in <top (required)>'
   # ./spec/controllers/users_controller_spec.rb:309:in `block (4 levels) in <top (required)>'

2) UsersController DELETE 'destroy' as an admin user should redirect to the users page
   Failure/Error: delete :destroy, :id => @user
     NoMethodError:
       undefined method `to_i' for #<User:0x000001032b5850>
   # ./app/controllers/users_controller.rb:48:in `destroy'
   # ./spec/controllers/users_controller_spec.rb:315:in `block (4 levels) in <top (required)>'

3) UsersController DELETE 'destroy' as an admin user should not allow you to destroy self
   Failure/Error: delete :destroy, :id => @admin
     NoMethodError:
       undefined method `to_i' for #<User:0x0000010327e350>
   # ./app/controllers/users_controller.rb:48:in `destroy'
   # ./spec/controllers/users_controller_spec.rb:321:in `block (5 levels) in <top (required)>'
   # ./spec/controllers/users_controller_spec.rb:320:in `block (4 levels) in <top (required)>'

If I use the params[:id] to find the user and compare it to the current_user like I have below then it works both in the app and in RSpec.

def destroy
  if current_user == User.find(params[:id])
    flash[:notice] = "You cannot delete yourself."
  else
    User.find(params[:id]).destroy
    flash[:success] = "User destroyed."
  end
  redirect_to users_path
end

Why would there be a problem in RSpec with the "to_i" method? If anyone is wondering I was leaning toward that approach because I thought it would best to simply compare the current user id to the id of the user targeted for deletion (via the params[:id]) instead of hitting the db to "find" the user.

For reference this is my RSpec test:

  describe "DELETE 'destroy'" do
    before(:each) do
        @user = Factory(:user)
    end 

    ...

    describe "as an admin user" do
      before(:each) do
        @admin = Factory(:user, :email => "admin@example.com", :admin => true)
        test_sign_in(@admin)
      end

      it "should destory the user" do
        lambda do
          delete :destroy, :id => @user
        end.should change(User, :count).by(-1)
      end

      it "should redirect to the users page" do
        delete :destroy, :id => @user
        response.should redirect_to(users_path)
      end

      it "should not allow you to destroy self" do
        lambda do
          delete :destroy, :id => @admin
        end.should change(User, :count).by(0)
        response.should redirect_to(users_path)
        flash[:notice].should =~ /cannot delete yourself/
      end
    end
  end

Any help would be appreciated!

回答1:

In your specs, try using @user.id instead of @user on your :id parameter (I realize the Tutorial says to just use @user, but something may be going on where the id isn't being properly extracted):

delete :destroy, :id => @user.id

But you may consider restructuring to something like this:

@user = User.find(params[:id])
if current_user == @user
  flash[:notice] = "You cannot delete yourself."
else
  @user.destroy
  flash[:success] = "User destroyed."
end