Zach Dennis wrote: > On Tue, Dec 16, 2008 at 8:30 PM, Zach Dennis <zach.den...@gmail.com> > wrote: >> >> I know why you're doing it, but I just want to know *why* you're doing >> it? Can you not tell through the application itself that someone is >> logged in, logged out, and verify their identity without having to >> expose the internals? >
In my case I am exploring the whole nature of BDD. Since experience, much of it bad, is the best teacher I am trying to cram as much of it as possible into the front end; before it gets expensive. Testing whether or not the application can detect and distinguish between authenticated and non-authenticate requests where it matters is important in my opinion. The situation being that some parts are accessible anonymously and some are not. It might be considered desirable to limit access to things like the log in form only to non-authenticated requests. It such a feature is required then the means to test for it must be provided as well. Regards, -- Posted via http://www.ruby-forum.com/. _______________________________________________ rspec-users mailing list rspec-users@rubyforge.org http://rubyforge.org/mailman/listinfo/rspec-users
