rodmclaughlin.com

What I had to do to get authlogic working with Ruby on Rails 3.1.3 (25 jan 12)

  # admin_controller_spec:
require 'spec_helper'

describe "should be authenticated if we managed to log in" do

  before(:all) do
    @controller = logout_user( nil ) # just to show this method doesn't blow up if noone's home
    @controller = AdminController.new # created just for this test - shows how to use authlogic
  end

  before(:each) do
    Authlogic::Session::Base.controller = Authlogic::ControllerAdapters::RailsAdapter.new(self)
    @controller = logout_user( @controller )
  end

  it "should succeed on index and new for an admin user" do
    @admin = create_admin
    get :index
    response.should be_success
    get :new
    response.should be_success
  end

  it "should fail on new for an ordinary user" do
    @user = create_user
    @controller = AdminController.new # created just for this test - shows how to use authlogic
    get :index
    response.should be_success
    get :new
    response.should_not be_success
  end

end

# application_controller.rb:
 helper_method :current_user_session, :current_user

 private
   def current_user_session
     return @current_user_session if defined?(@current_user_session)
     @current_user_session = UserSession.find
   end

   def current_user
     return @current_user if defined?(@current_user)
     @current_user = current_user_session && current_user_session.user
   end

   def require_user
     unless current_user
       store_location
       flash[:notice] = "You must be logged in to access this page"
       redirect_to new_user_session_url
       return false
     end
   end

   def require_admin
      user = (! current_user.nil?)
      admin = false
      if user
        current_user.roles.each { |role| admin = true if role.name =~ /admin/i }
      end
      unless admin
        store_location
        flash[:notice] = "You must be an administrator to access this page"
        redirect_to new_user_session_url
      end
      admin
   end

# assets_controller.rb:
 before_filter :require_user

# admin_controller.rb:
  before_filter :require_admin, :only => :new

  def index
    @objects = []
    respond_to do |format|
      format.html { render :xml => @objects, :layout => false }
      format.xml  { render :xml => @objects, :layout => false }
    end
  end

  def new
    @object = Object.new
    respond_to do |format|
      format.html { render :xml => @object, :layout => false }
      format.xml  { render :xml => @object, :layout => false }
    end
  end

end

 


# factories.rb:
Factory.define :valid_user , :class => User do |u|
 u.password "Mathieu1!"
 u.password_confirmation "Mathieu1!"
 u.email "mathieu.rousseau.32@gmail.com"
 u.single_access_token "k3cFzLIQnZ4MHRmJvJzg"
end
Factory.define :role, :class => Role do |f|
  f.sequence(:name) {|n| "role#{n}" }
end

Factory.define :admin, :parent => :role, :class => Role do |f|
  f.sequence(:name) { "administrator" }
end

Factory.define :permission, :class => Permission do |f|
end


# user.rb:
class User < ActiveRecord::Base
  acts_as_authentic do |c|
  end
  attr_accessible :email, :password, :password_confirmation
  has_many :permissions

  def roles
    arr = []
    permissions.each { |perm| arr << perm.role }
    arr.uniq
  end

end

# permission.rb:
class Permission < ActiveRecord::Base
  belongs_to :user
  belongs_to :role

  validates_presence_of :user_id
  validates_presence_of :role_id
end

# role.rb:
class Role < ActiveRecord::Base
  has_and_belongs_to_many :users
end

# user_sessions_controller.rb:
 def create
   @user_session = UserSession.new(params[:user_session])
   if @user_session.save
     flash[:notice] = "Login successful"
     redirect_to '/'
   else
     redirect_to '/'
   end
 end

# user_session.rb:
class UserSession < Authlogic::Session::Base
end

# spec_test_helper.rb:
module SpecTestHelper # used in specs and tests

  def logout_user( old_controller )
    return nil if old_controller.nil?
    @controller = UserSessionsController.new
    put :destroy
    @controller = old_controller
    @controller
  end

  def create_user
    Authlogic::Session::Base.controller = Authlogic::ControllerAdapters::RailsAdapter.new(self)
    user = Factory.build(:valid_user)
    UserSession.create user
    user
  end

  def create_admin
    perm = Factory.build(:permission)
    role = Factory.build(:admin)
    role.save
    perm.role = role
    admin = create_user
    perm.user = admin
    perm.save!
    admin
  end

end

# test_helper.rb:
require File.expand_path('../../spec/spec_test_helper', __FILE__)
include SpecTestHelper

#spec_helper.rb:
require File.dirname( __FILE__ ) + '/spec_test_helper'
include SpecTestHelper

# routes.rb:
  resources :user_sessions
  resources :accounts, :controller => "users"
  resources :users
  resources :admin
  match 'login' => "user_sessions#new",      :as => :login
  match 'logout' => "user_sessions#destroy", :as => :logout

# application.html.erb:
       <% if current_user_session %>

         | <%= link_to "logout", "/logout" %>

       <% else %>

         | <%= link_to "log in", "/user_sessions/new/" %>

       <% end %>