cloudfoundry-devise 1.5.2

data/lib/generators/templates/markerb/confirmation_instructions.markerb

@@ -0,0 +1,5 @@
+Welcome <%= @resource.email %>!
+
+You can confirm your account through the link below:
+
+<%= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @resource.confirmation_token) %>

data/lib/generators/templates/markerb/reset_password_instructions.markerb

@@ -0,0 +1,8 @@
+Hello <%= @resource.email %>!
+
+Someone has requested a link to change your password, and you can do this through the link below.
+
+<%= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @resource.reset_password_token) %>
+
+If you didn't request this, please ignore this email.
+Your password won't change until you access the link above and create a new one.

data/lib/generators/templates/markerb/unlock_instructions.markerb

@@ -0,0 +1,7 @@
+Hello <%= @resource.email %>!
+
+Your account has been locked due to an excessive amount of unsuccessful sign in attempts.
+
+Click the link below to unlock your account:
+
+<%= link_to 'Unlock my account', unlock_url(@resource, :unlock_token => @resource.unlock_token) %>

data/lib/generators/templates/simple_form_for/confirmations/new.html.erb

@@ -0,0 +1,15 @@
+<h2>Resend confirmation instructions</h2>
+
+<%= simple_form_for(resource, :as => resource_name, :url => confirmation_path(resource_name), :html => { :method => :post }) do |f| %>
+  <%= f.error_notification %>
+
+  <div class="inputs">
+    <%= f.input :email, :required => true %>
+  </div>
+
+  <div class="actions">
+    <%= f.button :submit, "Resend confirmation instructions" %>
+  </div>
+<% end %>
+
+<%= render :partial => "devise/shared/links" %>

data/lib/generators/templates/simple_form_for/passwords/edit.html.erb

@@ -0,0 +1,19 @@
+<h2>Change your password</h2>
+
+<%= simple_form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put }) do |f| %>
+  <%= f.error_notification %>
+
+  <%= f.input :reset_password_token, :as => :hidden %>
+  <%= f.full_error :reset_password_token %>
+
+  <div class="inputs">
+    <%= f.input :password, :label => "New password", :required => true %>
+    <%= f.input :password_confirmation, :label => "Confirm your new password", :required => true %>
+  </div>
+
+  <div class="actions">
+    <%= f.button :submit, "Change my password" %>
+  </div>
+<% end %>
+
+<%= render :partial => "devise/shared/links" %>

data/lib/generators/templates/simple_form_for/passwords/new.html.erb

@@ -0,0 +1,15 @@
+<h2>Forgot your password?</h2>
+
+<%= simple_form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :post }) do |f| %>
+  <%= f.error_notification %>
+
+  <div class="inputs">
+    <%= f.input :email, :required => true %>
+  </div>
+
+  <div class="actions">
+    <%= f.button :submit, "Send me reset password instructions" %>
+  </div>
+<% end %>
+
+<%= render :partial => "devise/shared/links" %>

data/lib/generators/templates/simple_form_for/registrations/edit.html.erb

@@ -0,0 +1,22 @@
+<h2>Edit <%= resource_name.to_s.humanize %></h2>
+
+<%= simple_form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put }) do |f| %>
+  <%= f.error_notification %>
+
+  <div class="inputs">
+    <%= f.input :email, :required => true, :autofocus => true %>
+    <%= f.input :password, :hint => "leave it blank if you don't want to change it", :required => false %>
+    <%= f.input :password_confirmation, :required => false %>
+    <%= f.input :current_password, :hint => "we need your current password to confirm your changes", :required => true %>
+  </div>
+
+  <div class="actions">
+    <%= f.button :submit, "Update" %>
+  </div>
+<% end %>
+
+<h3>Cancel my account</h3>
+
+<p>Unhappy? <%= link_to "Cancel my account", registration_path(resource_name), :confirm => "Are you sure?", :method => :delete %>.</p>
+
+<%= link_to "Back", :back %>

data/lib/generators/templates/simple_form_for/registrations/new.html.erb

@@ -0,0 +1,17 @@
+<h2>Sign up</h2>
+
+<%= simple_form_for(resource, :as => resource_name, :url => registration_path(resource_name)) do |f| %>
+  <%= f.error_notification %>
+
+  <div class="inputs">
+    <%= f.input :email, :required => true, :autofocus => true %>
+    <%= f.input :password, :required => true %>
+    <%= f.input :password_confirmation, :required => true %>
+  </div>
+
+  <div class="actions">
+    <%= f.button :submit, "Sign up" %>
+  </div>
+<% end %>
+
+<%= render :partial => "devise/shared/links" %>

data/lib/generators/templates/simple_form_for/sessions/new.html.erb

@@ -0,0 +1,15 @@
+<h2>Sign in</h2>
+
+<%= simple_form_for(resource, :as => resource_name, :url => session_path(resource_name)) do |f| %>
+  <div class="inputs">
+    <%= f.input :email, :required => false, :autofocus => true %>
+    <%= f.input :password, :required => false %>
+    <%= f.input :remember_me, :as => :boolean if devise_mapping.rememberable? %>
+  </div>
+
+  <div class="actions">
+    <%= f.button :submit, "Sign in" %>
+  </div>
+<% end %>
+
+<%= render :partial => "devise/shared/links" %>

data/lib/generators/templates/simple_form_for/unlocks/new.html.erb

@@ -0,0 +1,15 @@
+<h2>Resend unlock instructions</h2>
+
+<%= simple_form_for(resource, :as => resource_name, :url => unlock_path(resource_name), :html => { :method => :post }) do |f| %>
+  <%= f.error_notification %>
+
+  <div class="inputs">
+    <%= f.input :email, :required => true %>
+  </div>
+
+  <div class="actions">
+    <%= f.button :submit, "Resend unlock instructions" %>
+  </div>
+<% end %>
+
+<%= render :partial => "devise/shared/links" %>

data/test/controllers/helpers_test.rb

@@ -0,0 +1,254 @@
+require 'test_helper'
+require 'ostruct'
+
+class ControllerAuthenticatableTest < ActionController::TestCase
+  tests ApplicationController
+
+  def setup
+    @mock_warden = OpenStruct.new
+    @controller.request.env['warden'] = @mock_warden
+  end
+
+  test 'provide access to warden instance' do
+    assert_equal @mock_warden, @controller.warden
+  end
+
+  test 'proxy signed_in?(scope) to authenticate?' do
+    @mock_warden.expects(:authenticate?).with(:scope => :my_scope)
+    @controller.signed_in?(:my_scope)
+  end
+
+  test 'proxy signed_in?(nil) to authenticate?' do
+    Devise.mappings.keys.each do |scope| # :user, :admin, :manager
+      @mock_warden.expects(:authenticate?).with(:scope => scope)
+    end
+    @controller.signed_in?
+  end
+
+  test 'proxy current_user to authenticate with user scope' do
+    @mock_warden.expects(:authenticate).with(:scope => :user)
+    @controller.current_user
+  end
+
+  test 'proxy current_admin to authenticate with admin scope' do
+    @mock_warden.expects(:authenticate).with(:scope => :admin)
+    @controller.current_admin
+  end
+
+  test 'proxy current_publisher_account to authenticate with namespaced publisher account scope' do
+    @mock_warden.expects(:authenticate).with(:scope => :publisher_account)
+    @controller.current_publisher_account
+  end
+
+  test 'proxy authenticate_user! to authenticate with user scope' do
+    @mock_warden.expects(:authenticate!).with(:scope => :user)
+    @controller.authenticate_user!
+  end
+
+  test 'proxy authenticate_user! options to authenticate with user scope' do
+    @mock_warden.expects(:authenticate!).with(:scope => :user, :recall => "foo")
+    @controller.authenticate_user!(:recall => "foo")
+  end
+
+  test 'proxy authenticate_admin! to authenticate with admin scope' do
+    @mock_warden.expects(:authenticate!).with(:scope => :admin)
+    @controller.authenticate_admin!
+  end
+
+  test 'proxy authenticate_publisher_account! to authenticate with namespaced publisher account scope' do
+    @mock_warden.expects(:authenticate!).with(:scope => :publisher_account)
+    @controller.authenticate_publisher_account!
+  end
+
+  test 'proxy user_signed_in? to authenticate with user scope' do
+    @mock_warden.expects(:authenticate).with(:scope => :user).returns("user")
+    assert @controller.user_signed_in?
+  end
+
+  test 'proxy admin_signed_in? to authenticatewith admin scope' do
+    @mock_warden.expects(:authenticate).with(:scope => :admin)
+    assert_not @controller.admin_signed_in?
+  end
+
+  test 'proxy publisher_account_signed_in? to authenticate with namespaced publisher account scope' do
+    @mock_warden.expects(:authenticate).with(:scope => :publisher_account)
+    @controller.publisher_account_signed_in?
+  end
+
+  test 'proxy user_session to session scope in warden' do
+    @mock_warden.expects(:authenticate).with(:scope => :user).returns(true)
+    @mock_warden.expects(:session).with(:user).returns({})
+    @controller.user_session
+  end
+
+  test 'proxy admin_session to session scope in warden' do
+    @mock_warden.expects(:authenticate).with(:scope => :admin).returns(true)
+    @mock_warden.expects(:session).with(:admin).returns({})
+    @controller.admin_session
+  end
+
+  test 'proxy publisher_account_session from namespaced scope to session scope in warden' do
+    @mock_warden.expects(:authenticate).with(:scope => :publisher_account).returns(true)
+    @mock_warden.expects(:session).with(:publisher_account).returns({})
+    @controller.publisher_account_session
+  end
+
+  test 'sign in proxy to set_user on warden' do
+    user = User.new
+    @mock_warden.expects(:user).returns(nil)
+    @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
+    @controller.sign_in(:user, user)
+  end
+
+  test 'sign in accepts a resource as argument' do
+    user = User.new
+    @mock_warden.expects(:user).returns(nil)
+    @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
+    @controller.sign_in(user)
+  end
+
+  test 'does not sign in again if the user is already in' do
+    user = User.new
+    @mock_warden.expects(:user).returns(user)
+    @mock_warden.expects(:set_user).never
+    assert @controller.sign_in(user)
+  end
+
+  test 'sign in again when the user is already in only if force is given' do
+    user = User.new
+    @mock_warden.expects(:user).returns(user)
+    @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
+    @controller.sign_in(user, :force => true)
+  end
+
+  test 'sign in accepts bypass as option' do
+    user = User.new
+    @mock_warden.expects(:session_serializer).returns(serializer = mock())
+    serializer.expects(:store).with(user, :user)
+    @controller.sign_in(user, :bypass => true)
+  end
+
+  test 'sign out clears up any signed in user from all scopes' do
+    user = User.new
+    @mock_warden.expects(:user).times(Devise.mappings.size)
+    @mock_warden.expects(:logout).with().returns(true)
+    @controller.instance_variable_set(:@current_user, user)
+    @controller.instance_variable_set(:@current_admin, user)
+    @controller.sign_out
+    assert_equal nil, @controller.instance_variable_get(:@current_user)
+    assert_equal nil, @controller.instance_variable_get(:@current_admin)
+  end
+
+  test 'sign out clears up any signed in user by scope' do
+    user = User.new
+    @mock_warden.expects(:user).with(:user).returns(user)
+    @mock_warden.expects(:logout).with(:user).returns(true)
+    @controller.instance_variable_set(:@current_user, user)
+    @controller.sign_out(:user)
+    assert_equal nil, @controller.instance_variable_get(:@current_user)
+  end
+  
+  test 'sign out proxy to logout on warden' do
+    @mock_warden.expects(:user).with(:user).returns(true)
+    @mock_warden.expects(:logout).with(:user).returns(true)
+    @controller.sign_out(:user)
+  end
+
+  test 'sign out accepts a resource as argument' do
+    @mock_warden.expects(:user).with(:user).returns(true)
+    @mock_warden.expects(:logout).with(:user).returns(true)
+    @controller.sign_out(User.new)
+  end
+
+  test 'sign out without args proxy to sign out all scopes' do
+    @mock_warden.expects(:user).times(Devise.mappings.size)
+    @mock_warden.expects(:logout).with().returns(true)
+    @controller.sign_out
+  end
+
+  test 'sign out everybody proxy to logout on warden' do
+    @mock_warden.expects(:user).times(Devise.mappings.size)
+    @mock_warden.expects(:logout).with().returns(true)
+    @controller.sign_out_all_scopes
+  end
+
+  test 'stored location for returns the location for a given scope' do
+    assert_nil @controller.stored_location_for(:user)
+    @controller.session[:"user_return_to"] = "/foo.bar"
+    assert_equal "/foo.bar", @controller.stored_location_for(:user)
+  end
+
+  test 'stored location for accepts a resource as argument' do
+    assert_nil @controller.stored_location_for(:user)
+    @controller.session[:"user_return_to"] = "/foo.bar"
+    assert_equal "/foo.bar", @controller.stored_location_for(User.new)
+  end
+
+  test 'stored location cleans information after reading' do
+    @controller.session[:"user_return_to"] = "/foo.bar"
+    assert_equal "/foo.bar", @controller.stored_location_for(:user)
+    assert_nil @controller.session[:"user_return_to"]
+  end
+
+  test 'after sign in path defaults to root path if none by was specified for the given scope' do
+    assert_equal root_path, @controller.after_sign_in_path_for(:user)
+  end
+
+  test 'after sign in path defaults to the scoped root path' do
+    assert_equal admin_root_path, @controller.after_sign_in_path_for(:admin)
+  end
+
+  test 'after sign out path defaults to the root path' do
+    assert_equal root_path, @controller.after_sign_out_path_for(:admin)
+    assert_equal root_path, @controller.after_sign_out_path_for(:user)
+  end
+
+  test 'sign in and redirect uses the stored location' do
+    user = User.new
+    @controller.session[:"user_return_to"] = "/foo.bar"
+    @mock_warden.expects(:user).with(:user).returns(nil)
+    @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
+    @controller.expects(:redirect_to).with("/foo.bar")
+    @controller.sign_in_and_redirect(user)
+  end
+
+  test 'sign in and redirect uses the configured after sign in path' do
+    admin = Admin.new
+    @mock_warden.expects(:user).with(:admin).returns(nil)
+    @mock_warden.expects(:set_user).with(admin, :scope => :admin).returns(true)
+    @controller.expects(:redirect_to).with(admin_root_path)
+    @controller.sign_in_and_redirect(admin)
+  end
+
+  test 'sign in and redirect does not sign in again if user is already signed' do
+    admin = Admin.new
+    @mock_warden.expects(:user).with(:admin).returns(admin)
+    @mock_warden.expects(:set_user).never
+    @controller.expects(:redirect_to).with(admin_root_path)
+    @controller.sign_in_and_redirect(admin)
+  end
+
+  test 'sign out and redirect uses the configured after sign out path when signing out only the current scope' do
+    swap Devise, :sign_out_all_scopes => false do
+      @mock_warden.expects(:user).with(:admin).returns(true)
+      @mock_warden.expects(:logout).with(:admin).returns(true)
+      @controller.expects(:redirect_to).with(admin_root_path)
+      @controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
+      @controller.sign_out_and_redirect(:admin)
+    end
+  end
+
+  test 'sign out and redirect uses the configured after sign out path when signing out all scopes' do
+    swap Devise, :sign_out_all_scopes => true do
+      @mock_warden.expects(:user).times(Devise.mappings.size)
+      @mock_warden.expects(:logout).with().returns(true)
+      @controller.expects(:redirect_to).with(admin_root_path)
+      @controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
+      @controller.sign_out_and_redirect(:admin)
+    end
+  end
+
+  test 'is not a devise controller' do
+    assert_not @controller.devise_controller?
+  end
+end

data/test/controllers/internal_helpers_test.rb

@@ -0,0 +1,96 @@
+require 'test_helper'
+
+class MyController < ApplicationController
+  include Devise::Controllers::InternalHelpers
+end
+
+class HelpersTest < ActionController::TestCase
+  tests MyController
+
+  def setup
+    @mock_warden = OpenStruct.new
+    @controller.request.env['warden'] = @mock_warden
+    @controller.request.env['devise.mapping'] = Devise.mappings[:user]
+  end
+
+  test 'get resource name from env' do
+    assert_equal :user, @controller.resource_name
+  end
+
+  test 'get resource class from env' do
+    assert_equal User, @controller.resource_class
+  end
+
+  test 'get resource instance variable from env' do
+    @controller.instance_variable_set(:@user, user = User.new)
+    assert_equal user, @controller.resource
+  end
+
+  test 'set resource instance variable from env' do
+    user = @controller.send(:resource_class).new
+    @controller.send(:resource=, user)
+
+    assert_equal user, @controller.send(:resource)
+    assert_equal user, @controller.instance_variable_get(:@user)
+  end
+
+  test 'resources methods are not controller actions' do
+    assert @controller.class.action_methods.empty?
+  end
+
+  test 'require no authentication tests current mapping' do
+    @mock_warden.expects(:authenticate?).with(:rememberable, :token_authenticatable, :scope => :user).returns(true)
+    @mock_warden.expects(:user).with(:user).returns(User.new)
+    @controller.expects(:redirect_to).with(root_path)
+    @controller.send :require_no_authentication
+  end
+
+  test 'require no authentication only checks if already authenticated if no inputs strategies are available' do
+    Devise.mappings[:user].expects(:no_input_strategies).returns([])
+    @mock_warden.expects(:authenticate?).never
+    @mock_warden.expects(:authenticated?).with(:user).once.returns(true)
+    @mock_warden.expects(:user).with(:user).returns(User.new)
+    @controller.expects(:redirect_to).with(root_path)
+    @controller.send :require_no_authentication
+  end
+
+  test 'require no authentication sets a flash message' do
+    @mock_warden.expects(:authenticate?).with(:rememberable, :token_authenticatable, :scope => :user).returns(true)
+    @mock_warden.expects(:user).with(:user).returns(User.new)
+    @controller.expects(:redirect_to).with(root_path)
+    @controller.send :require_no_authentication
+    assert flash[:alert] == I18n.t("devise.failure.already_authenticated")
+  end
+
+  test 'signed in resource returns signed in resource for current scope' do
+    @mock_warden.expects(:authenticate).with(:scope => :user).returns(User.new)
+    assert_kind_of User, @controller.signed_in_resource
+  end
+
+  test 'is a devise controller' do
+    assert @controller.devise_controller?
+  end
+
+  test 'does not issue blank flash messages' do
+    MyController.send(:public, :set_flash_message)
+    I18n.stubs(:t).returns('   ')
+    @controller.set_flash_message :notice, :send_instructions
+    assert flash[:notice].nil?
+    MyController.send(:protected, :set_flash_message)
+  end
+
+  test 'issues non-blank flash messages normally' do
+    MyController.send(:public, :set_flash_message)
+    I18n.stubs(:t).returns('non-blank')
+    @controller.set_flash_message :notice, :send_instructions
+    assert flash[:notice] == 'non-blank'
+    MyController.send(:protected, :set_flash_message)
+  end
+
+  test 'navigational_formats not returning a wild card' do
+    MyController.send(:public, :navigational_formats)
+    Devise.navigational_formats = [:"*/*", :html]
+    assert_not @controller.navigational_formats.include?(:"*/*")
+    MyController.send(:protected, :navigational_formats)
+  end
+end