15.1 Task J1: Selecting the locale 14.4 Iteration I4: Adding a Sidebar
Verify that accessing product information requires login
edit test/functional/products_controller_test.rb
test "should require login" do
logout
get :index
assert_redirected_to login_path
end
Verify that the test passes
rake test:functionals
Loaded suite /home/rubys/.rvm/gems/ruby-1.8.7-p352/gems/rake-0.9.2.2/lib/rake/rake_test_loader
Started
................................................
Finished in 1.855968 seconds.
48 tests, 80 assertions, 0 failures, 0 errors
Look at the data in the database
sqlite3 db/development.sqlite3 .schema
CREATE TABLE "carts" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "created_at" datetime, "updated_at" datetime);
CREATE TABLE "line_items" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "product_id" integer, "cart_id" integer, "created_at" datetime, "updated_at" datetime, "quantity" integer DEFAULT 1, "price" decimal, "order_id" integer);
CREATE TABLE "orders" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar(255), "address" text, "email" varchar(255), "pay_type" varchar(255), "created_at" datetime, "updated_at" datetime);
CREATE TABLE "products" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "title" varchar(255), "description" text, "image_url" varchar(255), "price" decimal(8,2), "created_at" datetime, "updated_at" datetime);
CREATE TABLE "schema_migrations" ("version" varchar(255) NOT NULL);
CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar(255), "hashed_password" varchar(255), "salt" varchar(255), "created_at" datetime, "updated_at" datetime);
CREATE UNIQUE INDEX "unique_schema_migrations" ON "schema_migrations" ("version");
Try requesting the xml... see auth failure.
curl --silent http://localhost:3000/products/2/who_bought.xml
<html><body>You are being <a href="http://localhost:3000/login">redirected</a>.</body></html>
Is this the best way to detect request format?
Enable basic auth
edit app/controllers/application_controller.rb
class ApplicationController < ActionController::Base
before_filter :authorize
# ...
protected
def authorize
if request.format == Mime::HTML
unless User.find_by_id(session[:user_id])
redirect_to login_url, :notice => "Please log in"
end
else
authenticate_or_request_with_http_basic do |username, password|
user = User.authenticate(username, password)
end
end
end
Try requesting the xml... see auth succeed.
curl --silent --user dave:secret http://localhost:3000/products/2/who_bought.xml
<order_list for_product="CoffeeScript">
<order>
<name>Dave Thomas</name>
<email>customer@example.com</email>
</order>
</order_list>
15.1 Task J1: Selecting the locale 14.4 Iteration I4: Adding a Sidebar