clearance 1.17.0 → 2.0.0.beta1

data/app/controllers/clearance/passwords_controller.rb

@@ -1,22 +1,11 @@
 require 'active_support/deprecation'
 
 class Clearance::PasswordsController < Clearance::BaseController
-  if respond_to?(:before_action)
-    skip_before_action :require_login,
-      only: [:create, :edit, :new, :update],
-      raise: false
-    skip_before_action :authorize,
-      only: [:create, :edit, :new, :update],
-      raise: false
-    before_action :ensure_existing_user, only: [:edit, :update]
-  else
-    skip_before_filter :require_login,
-      only: [:create, :edit, :new, :update],
-      raise: false
-    skip_before_filter :authorize,
-      only: [:create, :edit, :new, :update],
-      raise: false
-    before_filter :ensure_existing_user, only: [:edit, :update]
+  before_action :ensure_existing_user, only: [:edit, :update]
+  skip_before_action :require_login, only: [:create, :edit, :new, :update], raise: false
+
+  def new
+    render template: "passwords/new"
   end
 
   def create
@@ -24,7 +13,8 @@ class Clearance::PasswordsController < Clearance::BaseController
       user.forgot_password!
       deliver_email(user)
     end
-    render template: 'passwords/create'
+
+    render template: "passwords/create"
   end
 
   def edit
@@ -34,14 +24,10 @@ class Clearance::PasswordsController < Clearance::BaseController
       session[:password_reset_token] = params[:token]
       redirect_to url_for
     else
-      render template: 'passwords/edit'
+      render template: "passwords/edit"
     end
   end
 
-  def new
-    render template: 'passwords/new'
-  end
-
   def update
     @user = find_user_for_update
 
@@ -51,7 +37,7 @@ class Clearance::PasswordsController < Clearance::BaseController
       session[:password_reset_token] = nil
     else
       flash_failure_after_update
-      render template: 'passwords/edit'
+      render template: "passwords/edit"
     end
   end
 
@@ -59,21 +45,11 @@ class Clearance::PasswordsController < Clearance::BaseController
 
   def deliver_email(user)
     mail = ::ClearanceMailer.change_password(user)
-
-    if mail.respond_to?(:deliver_later)
-      mail.deliver_later
-    else
-      mail.deliver
-    end
+    mail.deliver_later
   end
 
   def password_reset_params
-    if params.has_key? :user
-      ActiveSupport::Deprecation.warn %{Since locales functionality was added, accessing params[:user] is no longer supported.}
-      params[:user][:password]
-    else
-      params[:password_reset][:password]
-    end
+    params[:password_reset][:password]
   end
 
   def find_user_by_id_and_confirmation_token
@@ -105,19 +81,15 @@ class Clearance::PasswordsController < Clearance::BaseController
   end
 
   def flash_failure_when_forbidden
-    flash.now[:notice] = translate(:forbidden,
+    flash.now[:alert] = translate(:forbidden,
       scope: [:clearance, :controllers, :passwords],
-      default: t('flashes.failure_when_forbidden'))
+      default: t("flashes.failure_when_forbidden"))
   end
 
   def flash_failure_after_update
-    flash.now[:notice] = translate(:blank_password,
+    flash.now[:alert] = translate(:blank_password,
       scope: [:clearance, :controllers, :passwords],
-      default: t('flashes.failure_after_update'))
-  end
-
-  def url_after_create
-    sign_in_url
+      default: t("flashes.failure_after_update"))
   end
 
   def url_after_update

data/app/controllers/clearance/sessions_controller.rb

@@ -1,21 +1,6 @@
 class Clearance::SessionsController < Clearance::BaseController
-  if respond_to?(:before_action)
-    before_action :redirect_signed_in_users, only: [:new]
-    skip_before_action :require_login,
-      only: [:create, :new, :destroy],
-      raise: false
-    skip_before_action :authorize,
-      only: [:create, :new, :destroy],
-      raise: false
-  else
-    before_filter :redirect_signed_in_users, only: [:new]
-    skip_before_filter :require_login,
-      only: [:create, :new, :destroy],
-      raise: false
-    skip_before_filter :authorize,
-      only: [:create, :new, :destroy],
-      raise: false
-  end
+  before_action :redirect_signed_in_users, only: [:new]
+  skip_before_action :require_login, only: [:create, :new, :destroy], raise: false
 
   def create
     @user = authenticate(params)
@@ -24,7 +9,7 @@ class Clearance::SessionsController < Clearance::BaseController
       if status.success?
         redirect_back_or url_after_create
       else
-        flash.now.notice = status.failure_message
+        flash.now.alert = status.failure_message
         render template: "sessions/new", status: :unauthorized
       end
     end

data/app/controllers/clearance/users_controller.rb

@@ -1,13 +1,6 @@
 class Clearance::UsersController < Clearance::BaseController
-  if respond_to?(:before_action)
-    before_action :redirect_signed_in_users, only: [:create, :new]
-    skip_before_action :require_login, only: [:create, :new], raise: false
-    skip_before_action :authorize, only: [:create, :new], raise: false
-  else
-    before_filter :redirect_signed_in_users, only: [:create, :new]
-    skip_before_filter :require_login, only: [:create, :new], raise: false
-    skip_before_filter :authorize, only: [:create, :new], raise: false
-  end
+  before_action :redirect_signed_in_users, only: [:create, :new]
+  skip_before_action :require_login, only: [:create, :new], raise: false
 
   def new
     @user = user_from_params
@@ -27,14 +20,6 @@ class Clearance::UsersController < Clearance::BaseController
 
   private
 
-  def avoid_sign_in
-    warn "[DEPRECATION] Clearance's `avoid_sign_in` before_filter is " +
-      "deprecated. Use `redirect_signed_in_users` instead. " +
-      "Be sure to update any instances of `skip_before_filter :avoid_sign_in`" +
-      " or `skip_before_action :avoid_sign_in` as well"
-    redirect_signed_in_users
-  end
-
   def redirect_signed_in_users
     if signed_in?
       redirect_to Clearance.configuration.redirect_url

data/clearance.gemspec

@@ -5,10 +5,10 @@ require 'date'
 Gem::Specification.new do |s|
   s.add_dependency 'bcrypt'
   s.add_dependency 'email_validator', '~> 1.4'
-  s.add_dependency 'railties', '>= 3.1'
-  s.add_dependency 'activemodel', '>= 3.1'
-  s.add_dependency 'activerecord', '>= 3.1'
-  s.add_dependency 'actionmailer', '>= 3.1'
+  s.add_dependency 'railties', '>= 4.2'
+  s.add_dependency 'activemodel', '>= 4.2'
+  s.add_dependency 'activerecord', '>= 4.2'
+  s.add_dependency 'actionmailer', '>= 4.2'
   s.authors = [
     'Dan Croak',
     'Eugene Bolshakov',
@@ -38,7 +38,7 @@ Gem::Specification.new do |s|
   s.name = %q{clearance}
   s.rdoc_options = ['--charset=UTF-8']
   s.require_paths = ['lib']
-  s.required_ruby_version = Gem::Requirement.new('>= 1.9.2')
+  s.required_ruby_version = Gem::Requirement.new('>= 2.3.0')
   s.summary = 'Rails authentication & authorization with email & password.'
   s.test_files = `git ls-files -- {spec}/*`.split("\n")
   s.version = Clearance::VERSION

data/gemfiles/rails_4.2.gemfile

@@ -3,18 +3,17 @@
 source "https://rubygems.org"
 
 gem "addressable", "~> 2.6.0"
-gem "appraisal"
 gem "ammeter"
-gem "bundler", "~> 1.3"
+gem "appraisal"
 gem "capybara", ">= 2.6.2"
 gem "database_cleaner", "~> 1.0"
 gem "factory_bot_rails", "~> 5.0"
 gem "nokogiri", "~> 1.10.0"
-gem "rspec-rails", "~> 3.1"
+gem "pry", require: false
+gem "rspec-rails", "~> 3.5"
 gem "shoulda-matchers", "~> 4.0"
 gem "sqlite3", "~> 1.3.13"
 gem "timecop", "~> 0.6"
-gem "pry", require: false
 gem "railties", "~> 4.2.0"
 
 gemspec path: "../"

data/gemfiles/rails_5.0.gemfile

@@ -3,18 +3,17 @@
 source "https://rubygems.org"
 
 gem "addressable", "~> 2.6.0"
-gem "appraisal"
 gem "ammeter"
-gem "bundler", "~> 1.3"
+gem "appraisal"
 gem "capybara", ">= 2.6.2"
 gem "database_cleaner", "~> 1.0"
 gem "factory_bot_rails", "~> 5.0"
 gem "nokogiri", "~> 1.10.0"
-gem "rspec-rails", "~> 3.1"
+gem "pry", require: false
+gem "rspec-rails", "~> 3.5"
 gem "shoulda-matchers", "~> 4.0"
 gem "sqlite3", "~> 1.3.13"
 gem "timecop", "~> 0.6"
-gem "pry", require: false
 gem "railties", "~> 5.0.0"
 gem "rails-controller-testing"
 

data/gemfiles/rails_5.1.gemfile

@@ -3,18 +3,17 @@
 source "https://rubygems.org"
 
 gem "addressable", "~> 2.6.0"
-gem "appraisal"
 gem "ammeter"
-gem "bundler", "~> 1.3"
+gem "appraisal"
 gem "capybara", ">= 2.6.2"
 gem "database_cleaner", "~> 1.0"
 gem "factory_bot_rails", "~> 5.0"
 gem "nokogiri", "~> 1.10.0"
-gem "rspec-rails", "~> 3.1"
+gem "pry", require: false
+gem "rspec-rails", "~> 3.5"
 gem "shoulda-matchers", "~> 4.0"
 gem "sqlite3", "~> 1.3.13"
 gem "timecop", "~> 0.6"
-gem "pry", require: false
 gem "railties", "~> 5.1.0"
 gem "rails-controller-testing"
 

data/gemfiles/rails_5.2.gemfile

@@ -3,18 +3,17 @@
 source "https://rubygems.org"
 
 gem "addressable", "~> 2.6.0"
-gem "appraisal"
 gem "ammeter"
-gem "bundler", "~> 1.3"
+gem "appraisal"
 gem "capybara", ">= 2.6.2"
 gem "database_cleaner", "~> 1.0"
 gem "factory_bot_rails", "~> 5.0"
 gem "nokogiri", "~> 1.10.0"
-gem "rspec-rails", "~> 3.1"
+gem "pry", require: false
+gem "rspec-rails", "~> 3.5"
 gem "shoulda-matchers", "~> 4.0"
 gem "sqlite3", "~> 1.3.13"
 gem "timecop", "~> 0.6"
-gem "pry", require: false
 gem "railties", "~> 5.2.0"
 gem "rails-controller-testing"
 

data/lib/clearance.rb

@@ -10,12 +10,4 @@ require 'clearance/password_strategies'
 require 'clearance/constraints'
 
 module Clearance
-  # @deprecated Use `Gem::Specification` API if you need to access Clearance's
-  #   Gem root.
-  def self.root
-    warn "#{Kernel.caller.first}: [DEPRECATION] `Clearance.root` is " +
-      "deprecated and will be removed in the next major release. If you need " +
-      "to find Clearance's root, you can use the `Gem::Specification` API."
-    File.expand_path('../..', __FILE__)
-  end
 end

data/lib/clearance/authentication.rb

@@ -10,7 +10,6 @@ module Clearance
       private(
         :authenticate,
         :current_user,
-        :current_user=,
         :handle_unverified_request,
         :sign_in,
         :sign_out,
@@ -40,13 +39,6 @@ module Clearance
       clearance_session.current_user
     end
 
-    # @deprecated Use the {#sign_in} method instead.
-    def current_user=(user)
-      warn "#{Kernel.caller.first}: [DEPRECATION] " +
-        'Assigning the current_user has been deprecated. Use the sign_in method instead.'
-      clearance_session.sign_in user
-    end
-
     # Sign in the provided user.
     # @param [User] user
     #

data/lib/clearance/authorization.rb

@@ -3,7 +3,7 @@ module Clearance
     extend ActiveSupport::Concern
 
     included do
-      private :authorize, :deny_access, :require_login
+      private :deny_access, :require_login
     end
 
     # Use as a `before_action` to require a user be signed in to proceed.
@@ -23,15 +23,6 @@ module Clearance
       end
     end
 
-    # @deprecated use {#require_login}
-    def authorize
-      warn "[DEPRECATION] Clearance's `authorize` before_action is " +
-        "deprecated. Use `require_login` instead. Be sure to update any " +
-        "instances of `skip_before_action :authorize` or " +
-        "`skip_before_action :authorize` as well"
-      require_login
-    end
-
     # Responds to unauthorized requests in a manner fitting the request format.
     # `js`, `json`, and `xml` requests will receive a 401 with no body. All
     # other formats will be redirected appropriately and can optionally have the
@@ -63,7 +54,7 @@ module Clearance
       store_location
 
       if flash_message
-        flash[:notice] = flash_message
+        flash[:alert] = flash_message
       end
 
       if signed_in?

data/lib/clearance/session.rb

@@ -112,15 +112,7 @@ module Clearance
 
     # @api private
     def remember_token_expires
-      if expires_configuration.arity == 1
-        expires_configuration.call(cookies)
-      else
-        warn "#{Kernel.caller.first}: [DEPRECATION] " +
-          'Clearance.configuration.cookie_expiration lambda with no parameters ' +
-          'has been deprecated and will be removed from a future release. The ' +
-          'lambda should accept the collection of previously set cookies.'
-        expires_configuration.call
-      end
+      expires_configuration.call(cookies)
     end
 
     # @api private

data/lib/clearance/testing/deny_access_matcher.rb

@@ -8,7 +8,7 @@ module Clearance
     module Matchers
       # The `deny_access` matcher is used to assert that a
       #   request is denied access by clearance.
-      # @option opts [String] :flash The expected flash notice message. Defaults
+      # @option opts [String] :flash The expected flash alert message. Defaults
       #   to nil, which means the flash will not be checked.
       # @option opts [String] :redirect The expected redirect url. Defaults to
       #   `'/'` if signed in or the `sign_in_url` if signed out.
@@ -78,16 +78,12 @@ module Clearance
           @controller.request.env[:clearance]
         end
 
-        def flash_notice
-          @controller.flash[:notice]
+        def flash_alert
+          @controller.flash[:alert]
         end
 
-        def flash_notice_value
-          if flash_notice.respond_to?(:values)
-            flash_notice.values.first
-          else
-            flash_notice
-          end
+        def flash_alert_value
+          flash_alert.values.first
         end
 
         def redirects_to_url?
@@ -107,16 +103,14 @@ module Clearance
         def sets_the_flash?
           if @flash.blank?
             true
+          elsif flash_alert_value == @flash
+            @failure_message_when_negated <<
+              "Didn't expect to set the flash to #{@flash}"
+            true
           else
-            if flash_notice_value == @flash
-              @failure_message_when_negated <<
-                "Didn't expect to set the flash to #{@flash}"
-              true
-            else
-              @failure_message << "Expected the flash to be set to #{@flash} "\
-                "but was #{flash_notice_value}"
-              false
-            end
+            @failure_message << "Expected the flash to be set to #{@flash} "\
+              "but was #{flash_alert_value}"
+            false
           end
         end
       end

data/lib/clearance/user.rb

@@ -47,9 +47,6 @@ module Clearance
   #   @return [String] The value used to identify this user in the password
   #     reset link.
   #
-  # @!attribute password_changing
-  #   @deprecated Dirty tracking is now handled automatically.
-  #
   # @!attribute [r] password
   #   @return [String] Transient (non-persisted) attribute that is set when
   #     updating a user's password. Only the {#encrypted_password} is persisted.
@@ -111,24 +108,6 @@ module Clearance
         encrypted_password_will_change!
         super
       end
-
-      def password_changing
-        warn "#{Kernel.caller.first}: [DEPRECATION] " \
-          "The `password_changing` attribute is deprecated. Clearance uses " \
-          "the dirty state of the `encrypted_password` field to track this " \
-          "automatically."
-
-        @password_changing
-      end
-
-      def password_changing=(value)
-        warn "#{Kernel.caller.first}: [DEPRECATION] " \
-          "The `password_changing` attribute is deprecated. Clearance uses " \
-          "the dirty state of the `encrypted_password` field to track this " \
-          "automatically."
-
-        @password_changing = value
-      end
     end
 
     # @api private