Commit ded3b37

Non-admins cannot create new posts.
1 parent 7939ad3 commit ded3b37

3 files changed

Lines changed: 38 additions & 6 deletions

features/blog.feature

Lines changed: 9 additions & 1 deletion
@@ -3,7 +3,7 @@ Feature: The Hackety Blog
33
Given there is a blog post with the title "First Post"
44
When I go to the blog page
55
Then I should see "First Post"
6-
Scenario: I can create a post
6+
Scenario: Admins may create a post
77
Given I'm logged in as admin
88
And I go to the new post page
99
When I fill in "Title" with "new title"
@@ -18,3 +18,11 @@ Feature: The Hackety Blog
1818
When I go to the posts page
1919
Then I should see "First Post"
2020
And I should see "Second Post"
21+
Scenario: Not logged in users cannot create a post
22+
Given I'm not logged in
23+
And I go to the new post page
24+
Then I should see "Sorry, buddy"
25+
Scenario: Non-admin users cannot create a post
26+
Given I'm logged in
27+
And I go to the new post page
28+
Then I should see "Sorry, buddy"
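Review bot: Both new scenarios stop at `And I go to the new post page`, so only the GET side of the restriction is tested; nothing here submits a create request to /posts as an anonymous or non-admin user. The same commit adds a guard to `post "/posts"` in hackety.rb, so add a scenario per role that sends the create request directly and checks both the "Sorry, buddy" notice and that no new post shows up on the posts page. Without that, a regression that only hides the form while leaving the create route open would still pass.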
Lines changed: 19 additions & 5 deletions
@@ -1,9 +1,23 @@
1-
Given /^I'm logged in as admin$/ do
2-
password = "foobar"
3-
@user = Factory(:admin,:password => password, :password_confirmation => password)
1+
def login user
42
visit "/login"
5-
fill_in "email", :with => @user.email
6-
fill_in "password", :with => password
3+
fill_in "email", :with => user.email
4+
fill_in "password", :with => user.password
75
click_button "login"
86
end
97

8+
Given /^I'm logged in as admin$/ do
9+
password = "foobar"
10+
user = Factory(:admin,:password => password, :password_confirmation => password)
11+
login user
12+
end
13+
14+
Given /^I'm not logged in$/ do
15+
visit "/logout"
16+
end
17+
18+
Given /^I'm logged in$/ do
19+
password = "foobar"
20+
user = Factory(:user,:password => password, :password_confirmation => password)
21+
login user
22+
end
23+
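Review bot: The new `login` helper fills the password field from `user.password`, which only works if the object returned by the factory still exposes the plaintext password; the visible lines do not show that the model guarantees this, and a user record without it would make the helper submit an empty password. Each step already has the local `password`, so passing it in explicitly (for example `login user, password`) removes the dependency. Two smaller points: the admin step no longer assigns `@user`, so any other step that read `@user` will now get nil, and `def login` at the top level of a step file defines the method globally, where a module registered with `World(...)` would keep it scoped to scenarios.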

hackety.rb

Lines changed: 10 additions & 0 deletions
@@ -28,10 +28,20 @@
2828
end
2929

3030
get "/posts/new" do
31+
unless current_user.admin?
32+
flash[:notice] = "Sorry, buddy"
33+
redirect "/posts"
34+
end
35+
3136
haml :posts_new
3237
end
3338

3439
post "/posts" do
40+
unless current_user.admin?
41+
flash[:notice] = "Sorry, buddy"
42+
redirect "/posts"
43+
end
44+
3545
@post = Post.create(params)
3646
flash[:notice] = "Post Created"
3747
redirect "/posts/#{@post.id}"
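Review bot: Both guards call `current_user.admin?` without handling the logged-out case, which is exactly what the new "Not logged in users cannot create a post" scenario exercises; if `current_user` returns nil there (its definition is not in this hunk), the route raises NoMethodError instead of redirecting. Check for presence first, e.g. `unless current_user && current_user.admin?`. The same four-line block is also duplicated in `get "/posts/new"` and `post "/posts"`; moving it into one helper or a `before` filter covering the post-writing routes makes it harder to add a later write route without the check. The unchanged `Post.create(params)` still passes the whole request parameter hash to the model, so this admin check is the only thing limiting which attributes a request can set.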
