<% salt = Digest::SHA256.hexdigest('salt') %> <% pass = Digest::SHA256.hexdigest("--#{salt}--password--")%> matz: name: Yukihiro Matsumoto email: matz@ruby-lang.org salt: <%= salt %> crypted_password: <%= pass %> why: name: Why the Lucky Stiff email: why@whytheluckystiff.net salt: <%= salt %> crypted_password: <%= pass %> ---------------------------------------------------------------------- def test_should_be_forbidden_if_not_editable_by login_as(:why) assert_raise AuthorizationFu::Exceptions::SecurityTransgression do get :edit, :id => posts(:one).id end end ------------------------------------------------------------------------- def test_login_known_user get login_path assert_response :success assert_template "sessions/new" post sessions_path, :email => users(:matz).email, :password => 'password‘ assert_response :redirect follow_redirect! assert_response :success assert_template "posts/index" assert_select "p", /Yukihiro Matsumoto/ end ------------------------------------------------------------------------