On Tue, Dec 9, 2008 at 3:52 AM, Andrew Premdas <[EMAIL PROTECTED]> wrote:
> You can improve the features you've given by
>
> 1. use named routes not url's
> 2. not checking for not seeing specific things
> 3. A combined step with a more examples table
>Given I am logged in as a developer
You can improve the features you've given by
1. use named routes not url's
2. not checking for not seeing specific things
3. A combined step with a more examples table
Given I am logged in as a developer
4. having a general policy for what happens when access fails and testing
that e.g.
I usually assume my scenario user has been Given permission
and instead, I do the authorization testing in the controller specs
with shared behaviors, for example,
it_should_behave_like "a login required action"
it_should_behave_like "a manager authorized action"
That said, I also might have
Hi,
my team and i have come to the point where we have defined a whole
bunch of stories for an application.
Almost all of the actions (besides login, etc.) should *not* be
accesible if not logged in.
Almost all of the actions require a specific user role.
So, my question is. How do you put that i
