Merge pull request #310 from grzuy/acceptance_test_extend_request_object

Acceptance test ability to extend the request object
rack · Mar 22, 2018 · 2adade1 · 2adade1
2 parents 6614d0b + ba91e23
commit 2adade1
Showing 1 changed file with 34 additions and 0 deletions.
diff --git a/spec/acceptance/extending_request_object_spec.rb b/spec/acceptance/extending_request_object_spec.rb
@@ -0,0 +1,34 @@
+require_relative "../spec_helper"
+
+describe "Extending the request object" do
+  before do
+    class Rack::Attack::Request
+      def authorized?
+        env["APIKey"] == "private-secret"
+      end
+    end
+
+    Rack::Attack.blocklist("unauthorized requests") do |request|
+      !request.authorized?
+    end
+  end
+
+  # We don't want the extension to leak to other test cases
+  after do
+    class Rack::Attack::Request
+      remove_method :authorized?
+    end
+  end
+
+  it "forbids request if blocklist condition is true" do
+    get "/"
+
+    assert_equal 403, last_response.status
+  end
+
+  it "succeeds if blocklist condition is false" do
+    get "/", {}, "APIKey" => "private-secret"
+
+    assert_equal 200, last_response.status
+  end
+end