Agile Web Development with Rails, Edition 4

15.1 Task J1: Selecting the locale 14.4 Iteration I4: Adding a Sidebar

14.5 Playtime

Verify that accessing product information requires login

edit test/functional/products_controller_test.rb
  test "should require login" do
    logout
    get :index
    assert_redirected_to login_path
  end

Verify that the test passes

rake test:functionals
Loaded suite /home/rubys/.rvm/gems/ruby-1.8.7-p374/gems/rake-10.1.1/lib/rake/rake_test_loader
Started
[deprecated] I18n.enforce_available_locales will default to true in the future. If you really want to skip validation of your locale you can set I18n.enforce_available_locales = false to avoid this message.
................................................
Finished in 1.039421 seconds.
 
48 tests, 80 assertions, 0 failures, 0 errors

Look at the data in the database

sqlite3 db/development.sqlite3 .schema
CREATE TABLE "carts" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "created_at" datetime, "updated_at" datetime);
CREATE TABLE "line_items" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "product_id" integer, "cart_id" integer, "created_at" datetime, "updated_at" datetime, "quantity" integer DEFAULT 1, "price" decimal, "order_id" integer);
CREATE TABLE "orders" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar(255), "address" text, "email" varchar(255), "pay_type" varchar(255), "created_at" datetime, "updated_at" datetime);
CREATE TABLE "products" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "title" varchar(255), "description" text, "image_url" varchar(255), "price" decimal(8,2), "created_at" datetime, "updated_at" datetime);
CREATE TABLE "schema_migrations" ("version" varchar(255) NOT NULL);
CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar(255), "hashed_password" varchar(255), "salt" varchar(255), "created_at" datetime, "updated_at" datetime);
CREATE UNIQUE INDEX "unique_schema_migrations" ON "schema_migrations" ("version");

Try requesting the xml... see auth failure.

curl --max-time 15 --silent http://localhost:3000/products/2/who_bought.xml
<html><body>You are being <a href="http://localhost:3000/login">redirected</a>.</body></html>

Enable basic auth

edit app/controllers/application_controller.rb
class ApplicationController < ActionController::Base
  before_filter :authorize
 
    # ...
 
  protected
 
    def authorize
      if request.format == Mime::HTML 
        unless User.find_by_id(session[:user_id])
          redirect_to login_url, :notice => "Please log in"
        end
      else
        authenticate_or_request_with_http_basic do |username, password|
          user = User.authenticate(username, password)
        end
      end
    end

Try requesting the xml... see auth succeed.

curl --max-time 15 --silent --user dave:secret http://localhost:3000/products/2/who_bought.xml
<order_list for_product="CoffeeScript">
  <order>
    <name>Dave Thomas</name>
    <email>customer@example.com</email>
  </order>
</order_list>

15.1 Task J1: Selecting the locale 14.4 Iteration I4: Adding a Sidebar