Using Roles

Learn to write tests on users and roles.

Using roles

Now that we have the concept of users and roles in the system, we need to look at other places where users need access to a project. Two interesting places spring to mind:

  • The project index list, where access should be limited to only the projects that the user can see

  • The new tasks form, which should be limited to only the projects a user can see

Let’s look at the index page. Two places need code here. A User instance needs some way to return the list of projects the user can see, and the controller index action needs to call that method. That argues for an integration test, though only weakly. Sometimes we’ll skip an integration test if the logic is very close to Rails default integration and would easily be caught manually. Another option would be a request test that used test doubles to confirm that a specific method is called on User or Project:

Get hands-on with 1200+ tech skills courses.