15.3 Iteration J3: Limiting Access 15.1 Iteration J1: Adding Users

56 (tests|runs), 153 assertions, 0 failures, 0 errors.
<0> was expected to be
>=
<1>.

Traceback:
  /home/rubys/git/awdwr/edition4/checkdepot.rb:38:in `assert_test_summary'
  /home/rubys/git/awdwr/edition4/checkdepot.rb:406:in `block in <class:DepotTest>'

Generate empty controllers for sessions and administration

rails generate controller Sessions new create destroy

      create  app/controllers/sessions_controller.rb

       route  get 'sessions/destroy'

       route  get 'sessions/create'

       route  get 'sessions/new'

      invoke  erb

      create    app/views/sessions

      create    app/views/sessions/new.html.erb

      create    app/views/sessions/create.html.erb

      create    app/views/sessions/destroy.html.erb

      invoke  test_unit

      create    test/controllers/sessions_controller_test.rb

      invoke  helper

      create    app/helpers/sessions_helper.rb

      invoke    test_unit

      invoke  assets

      invoke    coffee

      create      app/assets/javascripts/sessions.coffee

      invoke    scss

      create      app/assets/stylesheets/sessions.scss

rails generate controller Admin index

      create  app/controllers/admin_controller.rb

       route  get 'admin/index'

      invoke  erb

      create    app/views/admin

      create    app/views/admin/index.html.erb

      invoke  test_unit

      create    test/controllers/admin_controller_test.rb

      invoke  helper

      create    app/helpers/admin_helper.rb

      invoke    test_unit

      invoke  assets

      invoke    coffee

      create      app/assets/javascripts/admin.coffee

      invoke    scss

      create      app/assets/stylesheets/admin.scss

Implement login in and out by storing the user_id in the session

edit app/controllers/sessions_controller.rb

class SessionsController < ApplicationController

  def new

  end

  def create

    user = User.find_by(name: params[:name])

    if user.try(:authenticate, params[:password])

      session[:user_id] = user.id

      redirect_to admin_url

    else

      redirect_to login_url, alert: "Invalid user/password combination"

    end

  end

  def destroy

    session[:user_id] = nil

    redirect_to store_index_url, notice: "Logged out"

  end

end

Create the view using form_for as there is no underlying model

edit app/views/sessions/new.html.erb

<div class="depot_form">

  <% if flash[:alert] %>

    <p id="notice"><%= flash[:alert] %></p>

  <% end %>

  <%= form_tag do %>

    <fieldset>

      <legend>Please Log In</legend>

      <div>

        <%= label_tag :name, 'Name:' %>

        <%= text_field_tag :name, params[:name] %>

      </div>

      <div>

        <%= label_tag :password, 'Password:' %>

        <%= password_field_tag :password, params[:password] %>

      </div>

      <div>

        <%= submit_tag "Login" %>

      </div>

    </fieldset>

  <% end %>

</div>

Create a landing page for the administrator

edit app/views/admin/index.html.erb

<h1>Welcome</h1>

<p>

  It's <%= Time.now %>.

  We have <%= pluralize(@total_orders, "order") %>.

</p>

Make the orders count available to the admin page

edit app/controllers/admin_controller.rb

class AdminController < ApplicationController

  def index

    @total_orders = Order.count

  end

end

Connect the routes to the controller actions

edit config/routes.rb

Do a login

get /login

Your Downloads

Rails, Angular, Postgres, and Bootstrap

• Home
• Questions
• News
• Contact

Please Log In

Name:

Password:

post /login

• name => dave
• password => secret

get http://localhost:3000/admin

Your Downloads

Rails, Angular, Postgres, and Bootstrap

• Home
• Questions
• News
• Contact

Welcome

It's 2017-06-14 08:07:31 -0400. We have 3 orders.

edit test/controllers/admin_controller_test.rb

require 'test_helper'

class AdminControllerTest < ActionDispatch::IntegrationTest

  test "should get index" do

    get admin_url

    assert_response :success

  end

end

Fix the sessions controller test

edit test/controllers/sessions_controller_test.rb

require 'test_helper'

class SessionsControllerTest < ActionDispatch::IntegrationTest

  test "should prompt for login" do

    get login_url

    assert_response :success

  end

  test "should login" do

    dave = users(:one)

    post login_url, params: { name: dave.name, password: 'secret' }

    assert_redirected_to admin_url

    assert_equal dave.id, session[:user_id]

  end

  test "should fail login" do

    dave = users(:one)

    post login_url, params: { name: dave.name, password: 'wrong' }

    assert_redirected_to login_url

  end

  test "should logout" do

    delete logout_url

    assert_redirected_to store_index_url

  end

end

rails test

Run options: --seed 3369

# Running:

.............E

Error:

DslUserStoriesTest#test_two_people_buying:

NoMethodError: undefined method `split' for nil:NilClass

    app/models/order.rb:36:in `charge!'

    app/jobs/charge_order_job.rb:7:in `perform'

    app/controllers/orders_controller.rb:42:in `block in create'

    app/controllers/orders_controller.rb:36:in `create'

    test/integration/dsl_user_stories_test.rb:95:in `checks_out'

    test/integration/dsl_user_stories_test.rb:63:in `block in test_two_people_buying'

    test/integration/dsl_user_stories_test.rb:54:in `test_two_people_buying'

bin/rails test test/integration/dsl_user_stories_test.rb:53

..........................................

Finished in 1.915715s, 29.2319 runs/s, 74.6458 assertions/s.

56 runs, 143 assertions, 0 failures, 1 errors, 0 skips

15.3 Iteration J3: Limiting Access 15.1 Iteration J1: Adding Users