Add non-happy-path controller tests to check that the new, create, edit, update, and destroy actions behave correctly when an unauthenticated user attempts to access them.
Steps for each controller test
Add test:
test/controllers/limericks_controller_test.rb - controller test file.
Copy the corresponding happy-path test.
Rename the copy to reflect the new expectations:
"should not get new if not authenticated" - name of new new test.
"should not create limerick if not authenticated" - name of new create test.
"should not get edit if not authenticated" - name of new edit test.
"should not update limerick if not authenticated" - name of new update test.
"should not destroy limerick if not authenticated" - name of new destroy test.
Arrange:
Remove the code that signs in the user.
Act:
No change needed.
Assert:
assert_response - check that the HTTP response has a redirect status code.
assert_redirected_to - check that the HTTP redirect was to the Devise sign-in page.
new_user_session_url - the URL helper for the Devise sign-in page.
assert_not_nil - check that a flash['alert'] message was set.
Run tests:
rails test -v - command to run tests.
Screenshots to Submit
Each controller test for unauthenticated-user errors opened in VS Code.
The terminal output of rails test -v showing that the controller tests ran and passed.
The coverage report for controllers, showing 100% coverage for each controller.