}) Describe("Authenticate", func() { var ( permissions *ssh.Permissions password []byte authErr error ) BeforeEach(func() { permissions = nil password = []byte{} }) JustBeforeEach(func() { permissions, authErr = authenticator.Authenticate(metadata, password) }) Context("when the user name matches the user regex and valid credentials are provided", func() { BeforeEach(func() { metadata.UserReturns("diego:some-guid/0") password = []byte("some-user:some-password") }) It("authenticates the password against the provided user:password", func() { Expect(authErr).NotTo(HaveOccurred()) }) It("builds permissions for the requested process", func() { Expect(permissionsBuilder.BuildCallCount()).To(Equal(1)) guid, index, metadata := permissionsBuilder.BuildArgsForCall(0)