DEV Community

Cover image for Need rubyists help in RSpec Framework
Ajithkumar P S
Ajithkumar P S

Posted on

Need rubyists help in RSpec Framework

Recently I made a TDD for my project rails_todo_api it is a API only application with devise for user authentication and RSpec framework for testing. I'm new to testing and rspec. Here is my github repo: https://github.com/iak97/rails_todo_api.

I need a code review and feedback about it. What improvements and fixes I need to make to better the code. Thanks in advance!

Top comments (4)

Collapse
 
starswan profile image
Stephen Dicks

I have had a brief look and I'm not sure where you would like the comments. My main observation is that there doesn't seem to be any isolation, so user X can see and update user Y's todos if they can guess the id.

Collapse
 
starswan profile image
Stephen Dicks

A couple of other comments:

  1. Your code is not very idiomatic. Todos.where(id: current_user.id) should be written as current_user.todos
  2. It looks like something has gone wrong with your TDD process somewhere. Your controller request spec only specifies that you get ok and it returns either a list of known size or an 'id' field (for index and show). I would expect the test to assert what the todo actually looked like, which should then make you think about how it is rendered (which is just the default rendering I think). What does the status field actually look like? [Is it a number or text?]
  3. You probably want extra endpoints for 'in progress todos', 'non-closed todos' - should a todo have an (optional?) date field? (which then can be overrun?).

I think an API like this is a bit too simple an example - it's a good starting point, but it doesn't really encourage you to do what we developers do, which is to solve problems for users. It might be better to make it a full-stack rails application with a simple UI, as it might help you think of some more use cases (what happens to done todos - should they be binnable which expires after a period?) and make it more than an academic exercise. Testing rails applications with capybara is great fun as well!

Collapse
 
iamak profile image
Ajithkumar P S • Edited

@starswan Thanks for your valuable comments and it will definitely help me to learn and grow. I will take these points and better my code. In the upcoming days will try to build a full-stack application and test it.

Collapse
 
iamak profile image
Ajithkumar P S

@starswan Thank you for taking the time to review my project and providing feedback! I appreciate your observation regarding the lack of isolation in user data and I will fix this.

AWS Security LIVE!

Join us for AWS Security LIVE!

Discover the future of cloud security. Tune in live for trends, tips, and solutions from AWS and AWS Partners.

Learn More