Adding Users and Roles

Now that we have Devise installed, let’s see how we can use testing to expose security issues.

The most basic security issue is user login. Since our application involves projects that would presumably be limited to a specific, private set of users, it makes sense that we would need to be logged in to access the application. This is testable logic—a logged-in user can access a page, whereas any random person who happens across the page can not access it.

Simulating user login

The following is an integration test for the project index page:

Get hands-on with 1400+ tech skills courses.