unit testing: Should I use one custom assert method to test a role does not have access to any of a controllers actions or multiple test methods?

mercredi 1 juillet 2015

Should I use one custom assert method to test a role does not have access to any of a controllers actions or multiple test methods?

Say I have the following controller, UserAdmin. This controller has two actions methods: edit and delete. I'm writing unit tests to make sure a user without role X can not access these actions and I was wondering is there a preferred/standard way to do this. I have three thoughts:

1) A test method for each action that only test role access

testUserWithoutRoleXCanNotAccessEdit()
{
    //... test access to edit action
}

testUserWithoutRoleXCanNotAccessDelete()
{
    // ... test action to view action
}

2) One test method to cover all restricted actions that will test role access

testUserWithoutRoleXCanNotAccessRestrictedActions()
{
    // ... test access to each action
}

3) A test method for each action, but just use a custom assert for role access

testASuccessfullUserEditWillUpdateTheUser()
{
    // ... some asserts
    $this->assertUserHasRoleX();
}

testASuccessfullDeleteWillRemoveUserFromDatabase()
{
    // ... some asserts
    $this->assertUserHasRoleX();
}

Thanks!

unit testing

mercredi 1 juillet 2015

Should I use one custom assert method to test a role does not have access to any of a controllers actions or multiple test methods?

Aucun commentaire:

Enregistrer un commentaire