Topic: restful_authentication default tests are failing - can't work out why.

Hey all

I just installed restful_authentication in a new project and have run it's specs.  I'm getting a few failures.  Just looking at the first, i can't understand why it's failing - can anyone see?

#failing line from test
route_for(:controller => 'users', :action => 'update', :id => '1').should == "/users/1"

#reported reason for failure
The recognized options <{"action"=>"show", "id"=>"1", "controller"=>"users"}> did not match <{"action"=>"update", "id"=>"1","controller"=>"users"}>, difference: <{"action"=>"update"}>
If you're expecting this failure, we suggest
{:get=>"/users/1"}.should_not be_routable

So, it looks like "/users/1" with a put isn't pointing to update.  But, when i do rake routes i see

  user GET    /users/:id(.:format)  {:controller=>"users", :action=>"show"}
       PUT    /users/:id(.:format)  {:controller=>"users", :action=>"update"}
       DELETE /users/:id(.:format)  {:controller=>"users", :action=>"destroy"}

It looks like the route should work.  And, in the console i can do this:

>> include Spec::Rails::Example::RoutingHelpers
=> Object
>> params_from(:put, '/users/1')
=> {:action=>"update", :controller=>"users", :id=>"1"}

So, i don;t understand why the test is failing.  Any ideas?

thanks - max

Last edited by Max Williams (2010-01-27 12:51:49)

###########################################
#If i've helped you then please recommend me at Working With Rails:
#http://www.workingwithrails.com/person/ … i-williams

Re: restful_authentication default tests are failing - can't work out why.

Hi Max.
Just a shot in the dark here but whenever I try to use controller/action params when a restfull route has been set up I always have problems with being directed to the show action when I wanted a path.

It looks like the same is happening here
You want the update action right?
I would guess that the test has to make use of the edit_users_path instead of the :controller action arguments

route_for(edit_users_path(1)).should == "/users/1" or something like is the test that is needed.
I don't know about the route_for syntax but you get the idea.

What you want and what you need are too often not the same thing!
When your head is hurting from trying to solve a problem, stop standing on it. When you are the right way up you will see the problem differently and you just might find the solution.
(Quote by me 15th July 2009)

Re: restful_authentication default tests are failing - can't work out why.

Hi james.

edit_user_path(1) would go to "users/1/edit" though.  Edit and update are totally different - edit, like new, actually specifies the action in the url, rather than just being set with the regular restful path and the method type.

When you say you were redirected to the show action, are you sure that you specified the method in those cases?

###########################################
#If i've helped you then please recommend me at Working With Rails:
#http://www.workingwithrails.com/person/ … i-williams

Re: restful_authentication default tests are failing - can't work out why.

Sorry,  Don't know what I was thinking when I pointed you to the edit path. lol!
And you are right about the method.
Which is also missing from the

route_for(:controller => 'users', :action => 'update', :id => '1').should == "/users/1"

I still think that this is the same issue though.
:controller => 'users', :action => 'update', :id => '1'
If I put those arguments in to a view helper would expect to be taken to the show action from previous experience.
I think that it's the test that is wrong, only I'm not sure how it should look.

Last edited by jamesw (2010-02-01 07:31:56)

What you want and what you need are too often not the same thing!
When your head is hurting from trying to solve a problem, stop standing on it. When you are the right way up you will see the problem differently and you just might find the solution.
(Quote by me 15th July 2009)

Re: restful_authentication default tests are failing - can't work out why.

I went to check what i have and remembered that i actually ditched restful_authentication in favour of authlogic, for this new project i just started.  So, it's actually kind of academic now smile

However, i think that this

route_for(:controller => 'users', :action => 'update', :id => '1').should == "/users/1"

is still valid because that IS the route for the update action.  I know the method isn't specified but we're not asking about it.  The other tests, which had stuff like this


route_for(:controller => 'users', :action => 'delete', :id => '1').should == "/users/1"

DID work.  Ie, we're not testing the method here.  If you know what i mean.  Anyway it doesn't matter now, the tests have all been deleted smile

cheers tho

###########################################
#If i've helped you then please recommend me at Working With Rails:
#http://www.workingwithrails.com/person/ … i-williams

Re: restful_authentication default tests are failing - can't work out why.

lol, I was starting to think that it might be a problem with the way the routes were defined.

I tend to roll out my own authentication the AWDWR way.
It's simple, effective and totally under your control

What you want and what you need are too often not the same thing!
When your head is hurting from trying to solve a problem, stop standing on it. When you are the right way up you will see the problem differently and you just might find the solution.
(Quote by me 15th July 2009)

Re: restful_authentication default tests are failing - can't work out why.

awdwr?

###########################################
#If i've helped you then please recommend me at Working With Rails:
#http://www.workingwithrails.com/person/ … i-williams

Re: restful_authentication default tests are failing - can't work out why.

Sorry, Agile Web Development With Rails

a link for those that don't know about it
http://www.pragprog.com/titles/rails3/a … rd-edition

The way DHH (David Heinemeier Hanson)  and co have set up authorization is really really simple
On the user It uses SHA1 Digest for the password, a virtual method for the password confirmation and a really simple form

On the controller side of things it uses a before filter in the application controller to verify that a user is logged in.
If the user is not logged in then the method redirects to a login action. The before filter has an exception for the login action obviously.

On the login action if the user is validated then the user id gets added to the session.

I've adapted it a little for my own purposes and added a current_user method and I've also got a public side to my site so I've used name spaces.

I have a before filter to an authorize in my application controller which does not define the authorise method

I only have two controller that descend directly from the application controller. One for the public side of the app and one for the administration side. So all  the controllers in the admin section descend from my admin controller which has the authorisation method fleshed out and all the controllers in the public side of the app descend from a public controller which has an empty authorisation method

It takes very little time tio set up (about 10 minuites once you know what you are doing lol )

The beauty of this is that generated controllers that have not had the change to descend from the correct controller immediately raise an undefined method 'authorise' error because there is no authorise method defined in the application controller so you can't forget to make the change.

Hope that makes sense.

I'm now starting to implement Ryan Bates' cancan gem and the two combined give me awesome control.

Last edited by jamesw (2010-02-01 09:09:21)

What you want and what you need are too often not the same thing!
When your head is hurting from trying to solve a problem, stop standing on it. When you are the right way up you will see the problem differently and you just might find the solution.
(Quote by me 15th July 2009)

Re: restful_authentication default tests are failing - can't work out why.

In the user model the password and password confirmation fields are just virtual attributes
It goes something like this

  def password
    @password
  end
 
  def password=(pwd)
    @password = pwd
    return if pwd.blank?
    create_new_salt
    self.hashed_password = User.encrypted_password(self.password, self.salt)
  end

private

  def password_non_blank
    errors.add(:password, "Missing password") if hashed_password.blank?
  end

  def create_new_salt
    self.salt = self.object_id.to_s + rand.to_s
  end

  def self.encrypted_password(password, salt)
    string_to_hash = password + "somerandomstring" + salt
    Digest::SHA1.hexdigest(string_to_hash)
  end

What you want and what you need are too often not the same thing!
When your head is hurting from trying to solve a problem, stop standing on it. When you are the right way up you will see the problem differently and you just might find the solution.
(Quote by me 15th July 2009)

Re: restful_authentication default tests are failing - can't work out why.

ah yeah, i have read that, a while ago now.  TBH i'm not that keen on a lot of the stuff in that book, it seems out of kilter with how rails is done nowadays.  I did read version 2 though, i think it's been updated since.

###########################################
#If i've helped you then please recommend me at Working With Rails:
#http://www.workingwithrails.com/person/ … i-williams

Re: restful_authentication default tests are failing - can't work out why.

yeah, most of the authentication plugins (including authlogic) work this way, ie using a salt and salted hash system.

###########################################
#If i've helped you then please recommend me at Working With Rails:
#http://www.workingwithrails.com/person/ … i-williams

Re: restful_authentication default tests are failing - can't work out why.

It was updated to 2.3.2 last year.

I'd be interested to know of other sources that you use to keep up to date with

I love the book
It's kinda my bible now along with the latest pickaxe book.

What you want and what you need are too often not the same thing!
When your head is hurting from trying to solve a problem, stop standing on it. When you are the right way up you will see the problem differently and you just might find the solution.
(Quote by me 15th July 2009)

Re: restful_authentication default tests are failing - can't work out why.

yeah...it's not so much that it's out of date with the api, i just think that it relies too much on the rails magic wow factor, which is actually the biggest pitfall of rails imo.  Ie, being able to do stuff without really understanding how/why it works.

###########################################
#If i've helped you then please recommend me at Working With Rails:
#http://www.workingwithrails.com/person/ … i-williams

Re: restful_authentication default tests are failing - can't work out why.

I know what you mean. A little knowledge is a very dangerous thing.
There is an unfortunate tendancy for people to code the depot app and read no further and it's the stuff after that that's the real important stuff.

The book is amazingly in depth but if you never get past the first 200 pages you don't really learn a great deal.
It's the last 3/4 of the book that I refer to on quite a regular basis.

What you want and what you need are too often not the same thing!
When your head is hurting from trying to solve a problem, stop standing on it. When you are the right way up you will see the problem differently and you just might find the solution.
(Quote by me 15th July 2009)

Re: restful_authentication default tests are failing - can't work out why.

ah right.  to be fair i think i didn't read that far. smile

###########################################
#If i've helped you then please recommend me at Working With Rails:
#http://www.workingwithrails.com/person/ … i-williams

Re: restful_authentication default tests are failing - can't work out why.

lol :-)

What you want and what you need are too often not the same thing!
When your head is hurting from trying to solve a problem, stop standing on it. When you are the right way up you will see the problem differently and you just might find the solution.
(Quote by me 15th July 2009)

Re: restful_authentication default tests are failing - can't work out why.

hehe, yeah.  at the time i had a degree project to write and it seemed like a better idea to press ahead with an incomplete but workable understanding of rails.  That's the pitfall i was talking about, a lot of people get caught by it i think.   Maybe i'll go back and read the rest of the book.

###########################################
#If i've helped you then please recommend me at Working With Rails:
#http://www.workingwithrails.com/person/ … i-williams

Re: restful_authentication default tests are failing - can't work out why.

Seriously, I think, even with your knowledge I'm sure you'd get a lot out of it.

What you want and what you need are too often not the same thing!
When your head is hurting from trying to solve a problem, stop standing on it. When you are the right way up you will see the problem differently and you just might find the solution.
(Quote by me 15th July 2009)