Merge pull request #310 from grzuy/acceptance_test_extend_request_object

Acceptance test ability to extend the request object
2026-03-25 09:25:49 +00:00 · 2018-03-22 17:25:47 -03:00 · 2018-03-22 17:25:47 -03:00 · 2adade17ff
commit 2adade17ff
parent 6614d0b6ee ba91e23419
1 changed files with 34 additions and 0 deletions
--- a/spec/acceptance/extending_request_object_spec.rb
+++ b/spec/acceptance/extending_request_object_spec.rb
@ -0,0 +1,34 @@
+require_relative "../spec_helper"
+
+describe "Extending the request object" do
+  before do
+    class Rack::Attack::Request
+      def authorized?
+        env["APIKey"] == "private-secret"
+      end
+    end
+
+    Rack::Attack.blocklist("unauthorized requests") do |request|
+      !request.authorized?
+    end
+  end
+
+  # We don't want the extension to leak to other test cases
+  after do
+    class Rack::Attack::Request
+      remove_method :authorized?
+    end
+  end
+
+  it "forbids request if blocklist condition is true" do
+    get "/"
+
+    assert_equal 403, last_response.status
+  end
+
+  it "succeeds if blocklist condition is false" do
+    get "/", {}, "APIKey" => "private-secret"
+
+    assert_equal 200, last_response.status
+  end
+end