# The controller action: def some_action authorize! :do_this_action, @some_

1. # The controller action:
2.  
3. def some_action
4. authorize! :do_this_action, @some_object
5. end
6.  
7. # The spec:
8.  
9. it "should work when authorized" do
10. sign_in @user
11. get :some_action
12. response.should be_success
13. end
14.  
15. it "should not work when not authorized" do
16. sign_in @other_user
17. get :some_action
18. response.should_not be_success
19. end
20.  
21. it "should check the user can do_this_action" do
22. mock(controller).authorize!(:do_this_action, some_object)
23. get :some_action
24. end
25.  
26. it "should check the user can do_this_action" do
27. mock(controller).authorize!(:some_action, some_object)
28. get :some_action
29. end