According to the documentation in the Devise home page, we can use the following before_filter to control the user access on specific controller functions.

before_filter :authenticate_user!

But when i try to test the controller function in RSpec, i got the following error.
Failure/Error: post :create
undefined method `authenticate!’ for nil:NilClass
 

After searching in Google, i found the solution which said that the Devise::TestHelper should be included in the controller spec as follow.

require 'spec_helper'

describe ServicesController do
  include Devise::TestHelpers
  render_views

  describe "access control" do

    it "should deny access to 'create'" do
      post :create
      response.should redirect_to(new_user_session_path)
    end

    it "should deny access to 'destroy'" do
      delete :destroy, :id => 1
      response.should redirect_to(new_user_session_path)
    end
  end

end

Done =)

Reference: Google Group – RSpec 2, Devise and Rails 3