Rather than using the (yet-to-be-built) web interface for microposts, the code in Listing 10.26 operates at the level of the individual micropost actions, a strategy we first saw in Listing 9.14. In this case, a non-signed-in user is redirected upon submitting a POST request to /microposts (post microposts_path, which hits the create action) or submitting a DELETE request to /microposts/1 (delete micropost_path(micropost), which hits the destroy action).

                Writing the application code needed to get thetests in Listing 10.26 to pass requires a littlerefactoring first.Recall fromSection 9.2.1 thatweenforced thesignin requirement using a before filter that called the signed_in_user method (Listing 9.12). At the time, we only needed that method in the Users controller, but now we find that we need it in the Microposts controller as well, so we’ll move it into the Sessions helper, as shown in Listing 10.27.8