Rails is supposed to encourage test-driven development. It generates a lot of tests at the same time it generates a web application. The problem is, it also makes it easy to create a working application without running any tests. The fact that the controllers, models and views are reloaded every time you hit refresh in your browser in development mode means it is simple to 'test' each change you make by guessing what it affected and running through those parts of the application using the browser.

This is, of course, not rigorous testing. Nevertheless, I managed to deploy pdxspurs.com without running any tests at all. Now I'm trying to make the tests for that site work. It's more difficult than writing the application in the first place. The most difficult tests are those generated by acts_as_authenticated. I have increased the password strength, so the tests generated, which rely on password 'test', don't work. They all depend on knowing what the encrypted password is, so I have to run my strong passwords through the encryption, find the encrypted password in the database, together with another gnarly-looking hex string called the 'salt', and paste them into the test code, to get the users to authenticate automatically when you run the tests. I'll post here when I work it out.

PS. Best intro to acts_as_authenticated -
robmayhew.com/todo-list-u...ed%e2%80%99/

PPS. Nick Kallen's talk at RailsConf about ActiveRecord depended heavily on RSpec. I didn't follow it that well. He would write a method called User.in_role?(role) which would fail if user was not in the role given. Then he added 'return true' to the method, so in_role? would be true for any role so now the tests passed. But this involves writing code which you know is wrong, which you are going to have to delete - so why write it? I've a ways to go before using RSpec for testing.