On pretty much every project I’ve ever been on, there have always been various roles in the system that experience different behavior. Admins can generally do everything, end users get the least functionality, and there are always a few in between that vary based on requirements. Unfortunately, all too often all possible scenarios aren’t tested, or they test only positive cases for each role.
In my current Ruby on Rails project, I am checking all roles and ensuring those who should be able to do certain things are able to, and those that shouldn’t are unable to. What I have found is that the Admin and one other role can usually do a set of things, and every other role can’t. So, I find that I set up my tests in the following manner:

    ['root','hr'].each do |role_name|
      context "logged in as #{role_name}" do
        setup do
          login_as_user(role_name)
        end
        should 'index' do
          get :index
          assert_response :success
          # other assertions
        end
      end
    end

This is for the roles who cannot do the actions:

    ['user','manager'].each do |role_name|
      context "logged in as #{role_name}" do
        setup do
          login_as_user(role_name)
        end
        should 'index' do
          get :index
          assert_redirected_to root_url
          # or logged out - or whatever you do with a violation of this type
        end
      end
    end

You can now see that we have automated tests that assert the expected functionality for all roles in the system. As a developer who deploys and supports applications in production, it is very reassuring to me that our code has this level of tests. I know that when I deploy, there won’t be that many bugs, and I don’t have to fear production deployments; just schedule them and perform them.
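The two loops above generalize to a full role-by-action matrix in which every combination is checked, including the denials. The following is an added example, not code from the original post: it is plain Ruby with no Rails dependency, the role names come from the post, and the actions, `EXPECTED`, `GOOD_POLICY`, `BAD_POLICY` and `audit` are hypothetical names constructed for illustration.

```ruby
# Added example: roles match the post; actions and policies are constructed.
ROLES = %w[root hr manager user].freeze

# Expected access matrix (the spec). Any role not listed must be denied.
EXPECTED = {
  index:   %w[root hr],
  show:    %w[root hr manager user],
  destroy: %w[root]
}.freeze

# Constructed stand-in for the application. In a Rails functional test this
# would be a request followed by assert_response / assert_redirected_to.
GOOD_POLICY = ->(role, action) { EXPECTED.fetch(action, []).include?(role) }

# Constructed regression: a refactor that accidentally lets managers destroy.
BAD_POLICY = lambda do |role, action|
  return true if role == 'manager' && action == :destroy
  GOOD_POLICY.call(role, action)
end

# Check every role against every action, negative cases included.
# Returns a list of [role, action, expected, actual] mismatches.
def audit(policy, actions)
  failures = []
  actions.each do |action|
    unless EXPECTED.key?(action)
      # An action with no entry in the spec is untested: report it, never skip it.
      failures << [nil, action, :unspecified, nil]
      next
    end
    ROLES.each do |role|
      expected = EXPECTED[action].include?(role)
      actual = policy.call(role, action)
      failures << [role, action, expected, actual] unless expected == actual
    end
  end
  failures
end

puts "good policy: #{audit(GOOD_POLICY, EXPECTED.keys).inspect}"
puts "bad policy:  #{audit(BAD_POLICY, EXPECTED.keys + [:export]).inspect}"
```

Passing the controller's real action list as `actions` makes a newly added action without a matrix entry show up as a failure instead of going untested.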
