Created
May 2, 2009 17:54
-
-
Save r38y/105642 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# authorization controller... the other controllers inherit from this | |
class TeachController < ApplicationController | |
before_filter :find_section | |
before_filter :instructor_required # don't forget to fill out more controller tests if this changes | |
layout "admin" | |
private | |
def instructor_required | |
(logged_in? && (current_user.admin? || @section.taught_by?(current_user))) || access_denied | |
end | |
def find_section | |
@section = Section.find(params[:section_id]) | |
end | |
end | |
# the do_put part is mostly what changes between actions... I tried the whole example group thing but couldn't get it to work | |
# I end up putting the three specs below in every action... mostly just tests that that controller inherits from the | |
# authorization controller | |
def do_put | |
put :update, :section_id => @section, :quiz_id => @quiz, :id => @quiz_exception, :student_id => @student | |
end | |
it "should be successful if user is an admin" do | |
do_put | |
response.should be_success | |
end | |
it "should be successful if user is an instructor but not an admin" do | |
@user.stub!(:admin?).and_return(false) | |
@section.stub!(:taught_by?).and_return(true) | |
do_put | |
response.should be_success | |
end | |
it "should redirect to login page if user is not an admin and does not teach the section" do | |
@user.stub!(:admin?).and_return(false) | |
@section.stub!(:taught_by?).and_return(false) | |
do_put | |
response.should redirect_to(login_path) | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment