如何为需要用户身份验证的API构造Rspec请求测试

Question

I am working on an API for an app. I'm trying to write rspec request tests for routes that require parameters, but also belong to users and I normally requires the JWT token to access.

For example, how would I write a spec for testing the route POST /stocklist/:stocklist_id/balance/show

For that I would need a user who also has a stocklist. I'm using FactoryGirl and I have functional tests using factories, but I'm unsure of how to incorporate so many parts in a test.

Answer 1

You can use Rack Test.

https://github.com/rack-test/rack-test

Below is an example. First we'll create a user and an associated stock_list. You should have examples for doing this in your functional tests. Then we need to find a way to pass the token that is needed. In rack-test, you can pass params. You'll need to pass the key and value of a key that will work in your test environment. Then you can test that the controller action actually produces the results that you hope for. Here I'm supposing that we have count 0 of some model and that one gets created in the post action.

describe 'my_api' do
  let!( :user ){ create :user }
  let!( :stock_list ){ create :stock_list, user: user }

  specify do
    expect( SomeModel.count      ).to eq 0
    post "/stocklist/#{stock_list.id}/balance/show", { token: "some_token" }

    expect( SomeModel.count      ).to eq 1
    expect( last_response.status ).to eq 200
    expect( JSON.parse( last_response.body, symbloize_keys:true )[:my_value] ).to eq 'something'
  end
end

Answer 2

You can mock the controller method that returns the logged in user, like this:

@user = FactoryGirl.create :user
# populate user with relationship objects

expect(controller).to_receive(:current_user).and_return(@user)

You can also set the http headers with authorization tokens if needed

request.env['HTTP_AUTHORIZATION'] = token