16.1 Task K1: Selecting the locale 15.4 Iteration J4: Adding a Sidebar
Verify that accessing product information requires login
edit test/controllers/products_controller_test.rb
test "should require login" do
logout
get products_url
follow_redirect!
assert_select 'h2', 'Please Log In'
end
Verify that the test passes
rails test:controllers
Run options: --seed 3241
# Running:
.............................................
Finished in 4.354234s, 10.3348 runs/s, 15.3873 assertions/s.
45 runs, 67 assertions, 0 failures, 0 errors, 0 skips
Look at the data in the database
echo .schema | rails dbconsole
CREATE TABLE "schema_migrations" ("version" varchar NOT NULL PRIMARY KEY);
CREATE TABLE "ar_internal_metadata" ("key" varchar NOT NULL PRIMARY KEY, "value" varchar, "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL);
CREATE TABLE "products" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "title" varchar, "description" text, "image_url" varchar, "price" decimal(8,2), "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL);
CREATE TABLE "carts" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL);
CREATE TABLE "line_items" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "product_id" integer, "cart_id" integer, "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL, "quantity" integer DEFAULT 1, "price" decimal, "order_id" integer, CONSTRAINT "fk_rails_11e15d5c6b"
FOREIGN KEY ("product_id")
REFERENCES "products" ("id")
, CONSTRAINT "fk_rails_af645e8e5f"
FOREIGN KEY ("cart_id")
REFERENCES "carts" ("id")
);
CREATE INDEX "index_line_items_on_product_id" ON "line_items" ("product_id");
CREATE INDEX "index_line_items_on_cart_id" ON "line_items" ("cart_id");
CREATE TABLE "orders" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar, "address" text, "email" varchar, "pay_type" integer, "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL);
CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "name" varchar, "password_digest" varchar, "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL);
Try requesting the xml... see auth failure.
curl --max-time 15 --silent http://localhost:3000/products/2/who_bought.xml
<html><body>You are being <a href="http://localhost:3000/login">redirected</a>.</body></html>
Enable basic auth
edit app/controllers/application_controller.rb
class ApplicationController < ActionController::Base
before_action :authorize
# ...
protected
def authorize
if request.format == Mime[:html]
unless User.find_by(id: session[:user_id])
redirect_to login_url, notice: "Please log in"
end
else
authenticate_or_request_with_http_basic do |username, password|
user = User.find_by(name: username)
user && user.authenticate(password)
end
end
end
Try requesting the xml... see auth succeed.
curl --max-time 15 --silent --user dave:secret http://localhost:3000/products/2/who_bought.xml
<order_list for_product="Rails, Angular, Postgres, and Bootstrap">
<order>
<name>Dave Thomas</name>
<email>customer@example.com</email>
</order>
<order>
<name>Dave Thomas</name>
<email>customer@example.com</email>
</order>
<order>
<name>Dave Thomas</name>
<email>customer@example.com</email>
</order>
</order_list>
16.1 Task K1: Selecting the locale 15.4 Iteration J4: Adding a Sidebar