game edition actions are login protected

README.md

@@ -6,7 +6,6 @@ Rails application to record the results of the ping pong (pink pong) at "3scale
 
 * game views doubles tweaks
 * game double emails text tweaks
-* protect create/update games behind login
 * CSS love
 * gmail integration
 * heroku deploy

app/controllers/games_controller.rb

@@ -1,4 +1,5 @@
  class GamesController < ApplicationController
+   before_filter :authenticate_user!, :only => [:new, :create, :edit, :update]
    before_filter :load_users, :only => [:new, :create, :edit, :update]
    before_filter :find_or_create_users_by_emails, :only => [:create, :update]
 

features/game.feature

@@ -1,21 +1,30 @@
 Feature: Game feature
 
+Scenario: Create game requires login
+  Given I am not authenticated
+  When I visit the new game page
+  Then I should be requested to login
+
 Scenario: Create game with existing users
+  Given I am a new, authenticated user
   When I create a game
   Then I should see the game
   And the players should receive a game email
 
 Scenario: Create game using emails
+  Given I am a new, authenticated user
   When I create a game using emails
   Then I should see the game
   And the players should receive a game email
 
 Scenario: Create double with existing users
+  Given I am a new, authenticated user
   When I create a double
   Then I should see the game
   And the players should receive a double email
 
 Scenario: Create double using emails
+  Given I am a new, authenticated user
   When I create a double using emails
   Then I should see the game
   And the players should receive a double email

features/step_definitions/game_steps.rb

@@ -1,3 +1,7 @@
+When /^I visit the new game page$/ do
+  visit new_game_path
+end
+
 When /^I create a game$/ do
   User.make! :email => "aurelian@pinkpong.com"
   User.make! :email => "raimon@pinkpong.com"

features/step_definitions/user_steps.rb

@@ -0,0 +1,19 @@
+Given /^I am not authenticated$/ do
+  # nothing I am not authenticated
+  #visit('/users/sign_out') # ensure that at least
+end
+
+Given /^I am a new, authenticated user$/ do
+  email = 'testing@man.net'
+  password = 'secretpass'
+  User.make!(:email => email, :password => password, :password_confirmation => password)
+
+  visit '/users/sign_in'
+  fill_in "user_email", :with => email
+  fill_in "user_password", :with => password
+  click_button "Sign in"
+end
+
+Then /^I should be requested to login$/ do
+  assert_equal current_url, new_user_session_url
+end

test/functional/games_controller_test.rb

@@ -1,7 +1,11 @@
 require 'test_helper'
 
 class GamesControllerTest < ActionController::TestCase
+  include Devise::TestHelpers
+
   setup do
+    @request.env["devise.mapping"] = Devise.mappings[:admin]
+    @user = User.make!
     @game = Game.make!
   end
 
@@ -12,21 +16,22 @@ class GamesControllerTest < ActionController::TestCase
   end
 
   test "should get new" do
+    sign_in @user
     get :new
     assert_response :success
   end
 
   test "should create game" do
+    sign_in @user
     assert_difference('Game.count') do
       post :create, :game => @game.attributes
     end
-
     assert_redirected_to game_path(assigns(:game))
   end
 
   test "create does not blow with invalid emails" do
+    sign_in @user
     post :create, :game => { }, :loser_email => "invalid", :winner_email => "invalid", :winner_email => "invalid"
-
     assert_response :success
   end
 
@@ -36,20 +41,22 @@ class GamesControllerTest < ActionController::TestCase
   end
 
   test "should get edit" do
+    sign_in @user
     get :edit, :id => @game.to_param
     assert_response :success
   end
 
   test "should update game" do
+    sign_in @user
     put :update, :id => @game.to_param, :game => @game.attributes
     assert_redirected_to game_path(assigns(:game))
   end
 
   test "should destroy game" do
+    sign_in @user
     assert_difference('Game.count', -1) do
       delete :destroy, :id => @game.to_param
     end
-
     assert_redirected_to games_path
   end
 end