I've successfully got my controller specs working with subdomains by using a before filter like so
before do
request.host = "an_account.example.com"
end
When a user tries to access a subdomain they are not part of, they are logged out and sent back to devise's sign in action which ISNT under a subdomain i.e.
www.example.com/users/sign_in
Everything works fine in the browser, sneaky users are redirected are barred from entering unrelated subdomains and instead redirected to the sign in form.
However my controller specs are failing with
"Expected response to be a redirect to http://example.com/users/sign_in but was a redirect to http://an_account.example.com/users/sign_in"
Can anyone help on this?
Here is the before_filter which authorizes users
def authorize_account_subdomain!
if current_account.subdomain != request.subdomain
sign_out
flash[:warning] = t('errors.unauthorized')
redirect_to new_user_session_url(:subdomain => false)
end
end
and the test
context 'when signed_in' do
let(:user) { create(:user_with_account) }
let(:proposal) { create(:proposal, :account => user.account) }
let(:subdomain) { user.account.subdomain }
before do
sign_in user
end
context "when accessing other subdomain" do
before do
other_subdomain = "other_subdomain"
@request.host = "#{other_subdomain}.example.com"
end
it "can not access show action" do
post :show, :id => 1
access_denied!
end
end
end
#test helper
def access_denied!
response.should redirect_to new_user_session_url(:subdomain => false)
flash[:warning].should == I18n.t('errors.unauthorized')
end
