devise 0.7.3 → 0.7.4

data/lib/devise/serializers/base.rb

@@ -7,24 +7,17 @@ module Devise
       attr_reader :scope
 
       def serialize(record)
-        record.class.send(:"serialize_into_#{serialization_type}", record)
+        record.class.send(:"serialize_into_#{klass_type}", record)
       end
 
       def deserialize(keys)
-        mapping.to.send(:"serialize_from_#{serialization_type}", keys)
+        mapping.to.send(:"serialize_from_#{klass_type}", keys)
       end
 
       def fetch(scope)
         @scope = scope
         super
       end
-
-      def serialization_type
-        @serialization_type ||= begin
-          warden = self.class.ancestors.find{ |k| k < Warden::Serializers::Base && k != self.class }
-          warden.name.split("::").last.underscore
-        end
-      end
     end
   end
 end

data/lib/devise/serializers/cookie.rb

@@ -0,0 +1,43 @@
+require 'devise/serializers/base'
+
+module Devise
+  module Serializers
+    # This is a cookie serializer which stores the information if a :remember_me
+    # is sent in the params and if the model responds to remember_me! as well.
+    # As in Session serializer, the invoked methods are:
+    #
+    #   User.serialize_into_cookie(@user)
+    #   User.serialize_from_cookie(*args)
+    #
+    # An implementation for such methods can be found at Devise::Models::Rememberable.
+    #
+    # Differently from session, this approach is based in a token which is stored in
+    # the database. So if you want to sign out all clients at once, you just need to
+    # clean up the token column.
+    #
+    class Cookie < Warden::Serializers::Cookie
+      include Devise::Serializers::Base
+
+      def store(record, scope)
+        remember_me = params[scope].try(:fetch, :remember_me, nil)
+        if Devise::TRUE_VALUES.include?(remember_me) && record.respond_to?(:remember_me!)
+          record.remember_me!
+          super
+        end
+      end
+
+      def default_options(record)
+        super.merge!(:expires => record.remember_expires_at)
+      end
+
+      def delete(scope, record=nil)
+        if record && record.respond_to?(:forget_me!)
+          record.forget_me! 
+          super
+        end
+      end
+    end
+  end
+end
+
+Warden::Serializers.add(:cookie, Devise::Serializers::Cookie)

data/lib/devise/serializers/session.rb

@@ -0,0 +1,22 @@
+require 'devise/serializers/base'
+
+module Devise
+  module Serializers
+    # This serializer stores sign in information in th client session. It just
+    # extends Warden own serializer to move all the serialization logic to a
+    # class. For example, if a @user resource is given, it will call the following
+    # two methods to serialize and deserialize a record:
+    #
+    #   User.serialize_into_session(@user)
+    #   User.serialize_from_session(*args)
+    #
+    # This can be used any strategy and the default implementation is available
+    # at Devise::Models::SessionSerializer.
+    #
+    class Session < Warden::Serializers::Session
+      include Devise::Serializers::Base
+    end
+  end
+end
+
+Warden::Serializers.add(:session, Devise::Serializers::Session)

data/lib/devise/version.rb

@@ -1,3 +1,3 @@
 module Devise
-  VERSION = "0.7.3".freeze
+  VERSION = "0.7.4".freeze
 end

data/test/integration/confirmable_test.rb

@@ -27,7 +27,7 @@ class ConfirmationTest < ActionController::IntegrationTest
     assert_response :success
     assert_template 'confirmations/new'
     assert_have_selector '#errorExplanation'
-    assert_contain 'Confirmation token is invalid'
+    assert_contain /Confirmation token(.*)invalid/
   end
 
   test 'user with valid confirmation token should be able to confirm an account' do
@@ -44,7 +44,8 @@ class ConfirmationTest < ActionController::IntegrationTest
 
   test 'user already confirmed user should not be able to confirm the account again' do
     user = create_user(:confirm => false)
-    user.update_attribute(:confirmed_at, Time.now)
+    user.confirmed_at = Time.now
+    user.save
     visit_user_confirmation_with_token(user.confirmation_token)
 
     assert_template 'confirmations/new'

data/test/integration/recoverable_test.rb

@@ -78,7 +78,7 @@ class PasswordTest < ActionController::IntegrationTest
     assert_response :success
     assert_template 'passwords/edit'
     assert_have_selector '#errorExplanation'
-    assert_contain 'Reset password token is invalid'
+    assert_contain /Reset password token(.*)invalid/
     assert_not user.reload.valid_password?('987654321')
   end
 

data/test/mapping_test.rb

@@ -14,8 +14,8 @@ class MappingTest < ActiveSupport::TestCase
     assert_equal :admin_area, Devise.mappings[:admin].as
   end
 
-  test 'allow custom singular to be given' do
-    assert_equal :organizers, Devise.mappings[:manager].as
+  test 'allow custom scope to be given' do
+    assert_equal :accounts, Devise.mappings[:manager].as
   end
 
   test 'allows a controller depending on the mapping' do
@@ -70,7 +70,7 @@ class MappingTest < ActiveSupport::TestCase
   end
 
   test 'allow custom path names to be given' do
-    mapping = Devise.mappings[:account]
+    mapping = Devise.mappings[:manager]
     assert_equal 'login', mapping.path_names[:sign_in]
     assert_equal 'logout', mapping.path_names[:sign_out]
     assert_equal 'secret', mapping.path_names[:password]
@@ -78,7 +78,7 @@ class MappingTest < ActiveSupport::TestCase
   end
 
   test 'has an empty path as default path prefix' do
-    mapping = Devise.mappings[:account]
+    mapping = Devise.mappings[:user]
     assert_equal '/', mapping.path_prefix
   end
 
@@ -88,20 +88,20 @@ class MappingTest < ActiveSupport::TestCase
   end
 
   test 'retrieve as from the proper position' do
-    assert_equal 1, Devise.mappings[:account].as_position
+    assert_equal 1, Devise.mappings[:user].as_position
     assert_equal 2, Devise.mappings[:manager].as_position
   end
 
   test 'raw path is returned' do
-    assert_equal '/account', Devise.mappings[:account].raw_path
-    assert_equal '/:locale/organizers', Devise.mappings[:manager].raw_path
+    assert_equal '/users', Devise.mappings[:user].raw_path
+    assert_equal '/:locale/accounts', Devise.mappings[:manager].raw_path
   end
 
   test 'parsed path is returned' do
     begin
       Devise.default_url_options {{ :locale => I18n.locale }}
-      assert_equal '/account', Devise.mappings[:account].parsed_path
-      assert_equal '/en/organizers', Devise.mappings[:manager].parsed_path
+      assert_equal '/users', Devise.mappings[:user].parsed_path
+      assert_equal '/en/accounts', Devise.mappings[:manager].parsed_path
     ensure
       Devise.default_url_options {{ }}
     end

data/test/models/authenticatable_test.rb

@@ -168,8 +168,8 @@ class AuthenticatableTest < ActiveSupport::TestCase
     user = create_user
     assert_not user.update_with_password(:old_password => 'other',
       :password => 'pass321', :password_confirmation => 'pass321')
-    assert_equal 'is invalid', user.errors[:old_password]
     assert user.reload.valid_password?('123456')
+    assert_match /invalid/, user.errors[:old_password]
   end
 
   test 'should not update password with invalid confirmation' do

data/test/models/confirmable_test.rb

@@ -57,7 +57,7 @@ class ConfirmableTest < ActiveSupport::TestCase
     assert_nil user.errors[:email]
 
     assert_not user.confirm!
-    assert_equal 'already confirmed', user.errors[:email]
+    assert_match /already confirmed/, user.errors[:email]
   end
 
   test 'should find and confirm an user automatically' do
@@ -70,18 +70,19 @@ class ConfirmableTest < ActiveSupport::TestCase
   test 'should return a new record with errors when a invalid token is given' do
     confirmed_user = User.confirm!(:confirmation_token => 'invalid_confirmation_token')
     assert confirmed_user.new_record?
-    assert_equal "is invalid", confirmed_user.errors[:confirmation_token]
+    assert_match /invalid/, confirmed_user.errors[:confirmation_token]
   end
 
   test 'should return a new record with errors when a blank token is given' do
     confirmed_user = User.confirm!(:confirmation_token => '')
     assert confirmed_user.new_record?
-    assert_equal "can't be blank", confirmed_user.errors[:confirmation_token]
+    assert_match /blank/, confirmed_user.errors[:confirmation_token]
   end
 
   test 'should generate errors for a user email if user is already confirmed' do
     user = create_user
-    user.update_attribute(:confirmed_at, Time.now)
+    user.confirmed_at = Time.now
+    user.save
     confirmed_user = User.confirm!(:confirmation_token => user.confirmation_token)
     assert confirmed_user.confirmed?
     assert confirmed_user.errors[:email]
@@ -220,7 +221,8 @@ class ConfirmableTest < ActiveSupport::TestCase
 
   test 'should not be active without confirmation' do
     user = create_user
-    user.update_attribute(:confirmation_sent_at, nil)
+    user.confirmation_sent_at = nil
+    user.save
     assert_not user.reload.active?
   end
 end

data/test/models/recoverable_test.rb

@@ -83,7 +83,7 @@ class RecoverableTest < ActiveSupport::TestCase
   test 'should return a new record with errors if user was not found by e-mail' do
     reset_password_user = User.send_reset_password_instructions(:email => "invalid@email.com")
     assert reset_password_user.new_record?
-    assert_equal 'not found', reset_password_user.errors[:email]
+    assert_match /not found/, reset_password_user.errors[:email]
   end
 
   test 'should reset reset_password_token before send the reset instructions email' do
@@ -111,13 +111,13 @@ class RecoverableTest < ActiveSupport::TestCase
   test 'should a new record with errors if no reset_password_token is found' do
     reset_password_user = User.reset_password!(:reset_password_token => 'invalid_token')
     assert reset_password_user.new_record?
-    assert_equal 'is invalid', reset_password_user.errors[:reset_password_token]
+    assert_match /invalid/, reset_password_user.errors[:reset_password_token]
   end
 
   test 'should a new record with errors if reset_password_token is blank' do
     reset_password_user = User.reset_password!(:reset_password_token => '')
     assert reset_password_user.new_record?
-    assert_equal "can't be blank", reset_password_user.errors[:reset_password_token]
+    assert_match /blank/, reset_password_user.errors[:reset_password_token]
   end
 
   test 'should reset successfully user password given the new password and confirmation' do

data/test/models/rememberable_test.rb

@@ -56,7 +56,8 @@ class RememberableTest < ActiveSupport::TestCase
   test 'valid remember token should also verify if remember is not expired' do
     user = create_user
     user.remember_me!
-    user.update_attribute(:remember_created_at, 3.days.ago)
+    user.remember_created_at = 3.days.ago
+    user.save
     assert_not user.valid_remember_token?(user.remember_token)
   end
 
@@ -72,8 +73,11 @@ class RememberableTest < ActiveSupport::TestCase
     assert_equal user, User.serialize_from_cookie("#{user.id}::#{user.remember_token}")
   end
 
-  test 'serialize should return nil if no user is found' do
-    assert_nil User.serialize_from_cookie('0::123')
+  # MongoMapper cries if an invalid ID is given, so this does not need to be tested
+  unless DEVISE_ORM == :mongo_mapper
+    test 'serialize should return nil if no user is found' do
+      assert_nil User.serialize_from_cookie('0::123')
+    end
   end
 
   test 'remember me return nil if is a valid user with invalid token' do
@@ -113,7 +117,8 @@ class RememberableTest < ActiveSupport::TestCase
     swap Devise, :remember_for => 1.day do
       user = create_user
       user.remember_me!
-      user.update_attribute(:remember_created_at, 2.days.ago)
+      user.remember_created_at = 2.days.ago
+      user.save
       assert user.remember_expired?
     end
   end
@@ -122,7 +127,8 @@ class RememberableTest < ActiveSupport::TestCase
     swap Devise, :remember_for => 30.days do
       user = create_user
       user.remember_me!
-      user.update_attribute(:remember_created_at, 30.days.ago + 2.minutes)
+      user.remember_created_at = (30.days.ago + 2.minutes)
+      user.save
       assert_not user.remember_expired?
     end
   end

data/test/models/validatable_test.rb

@@ -1,6 +1,7 @@
 require 'test/test_helper'
 
 class ValidatableTest < ActiveSupport::TestCase
+  extend Devise::TestSilencer if [:mongo_mapper, :data_mapper].include?(DEVISE_ORM)
 
   test 'should require email to be set' do
     user = new_user(:email => nil)

data/test/models_test.rb

@@ -24,7 +24,7 @@ class Timeoutable < User
   devise :authenticatable, :timeoutable
 end
 
-class Validatable < User
+class IsValidatable < User
   devise :authenticatable, :validatable
 end
 
@@ -37,11 +37,11 @@ class Exceptable < User
 end
 
 class Configurable < User
-  devise :all, :stretches => 15,
-               :pepper => 'abcdef',
-               :confirm_within => 5.days,
-               :remember_for => 7.days,
-               :timeout_in => 15.minutes
+  devise :all, :timeoutable, :stretches => 15,
+                             :pepper => 'abcdef',
+                             :confirm_within => 5.days,
+                             :remember_for => 7.days,
+                             :timeout_in => 15.minutes
 end
 
 class ActiveRecordTest < ActiveSupport::TestCase
@@ -60,7 +60,7 @@ class ActiveRecordTest < ActiveSupport::TestCase
     end
   end
 
-  test 'include by default authenticatable only' do
+  test 'add authenticatable module only' do
     assert_include_modules Authenticatable, :authenticatable
   end
 
@@ -85,16 +85,16 @@ class ActiveRecordTest < ActiveSupport::TestCase
   end
 
   test 'add validatable module only' do
-    assert_include_modules Validatable, :authenticatable, :validatable
+    assert_include_modules IsValidatable, :authenticatable, :validatable
   end
 
   test 'add all modules' do
     assert_include_modules Devisable,
-      :authenticatable, :confirmable, :recoverable, :rememberable, :trackable, :timeoutable, :validatable
+      :authenticatable, :confirmable, :recoverable, :rememberable, :trackable, :validatable
   end
 
   test 'configure modules with except option' do
-    assert_include_modules Exceptable, :authenticatable, :confirmable, :trackable, :timeoutable
+    assert_include_modules Exceptable, :authenticatable, :confirmable, :trackable
   end
 
   test 'set a default value for stretches' do

data/test/orm/active_record.rb

@@ -0,0 +1,29 @@
+require File.join(File.dirname(__FILE__), '..', 'rails_app', 'config', 'environment')
+require 'test_help'
+
+ActiveRecord::Migration.verbose = false
+ActiveRecord::Base.logger = Logger.new(nil)
+ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":memory:")
+
+ActiveRecord::Schema.define(:version => 1) do
+  [:users, :admins, :accounts].each do |table|
+    create_table table do |t|
+      t.authenticatable :null => table == :admins
+
+      if table != :admin
+        t.string :username
+        t.confirmable
+        t.recoverable
+        t.rememberable
+        t.trackable
+      end
+
+      t.timestamps
+    end
+  end
+end
+
+class ActiveSupport::TestCase
+  self.use_transactional_fixtures = true
+  self.use_instantiated_fixtures  = false
+end

data/test/orm/mongo_mapper.rb

@@ -0,0 +1,21 @@
+require 'mongo_mapper'
+MongoMapper.database = "devise-test-suite"
+MongoMapper.connection = Mongo::Connection.new('127.0.0.1', 27017)
+
+require File.join(File.dirname(__FILE__), '..', 'rails_app', 'config', 'environment')
+require 'test_help'
+
+module MongoMapper::Document
+  # TODO This should not be required
+  def invalid?
+    !valid?
+  end
+end
+
+class ActiveSupport::TestCase
+  setup do
+    User.delete_all
+    Admin.delete_all
+    Account.delete_all
+  end
+end

data/test/rails_app/app/{models → active_record}/admin.rb

@@ -1,5 +1,5 @@
 class Admin < ActiveRecord::Base
-  devise :all, :except => [:recoverable, :confirmable, :rememberable, :validatable, :trackable]
+  devise :all, :timeoutable, :except => [:recoverable, :confirmable, :rememberable, :validatable, :trackable]
 
   def self.find_for_authentication(conditions)
     last(:conditions => conditions)

data/test/rails_app/app/{models → active_record}/user.rb

@@ -1,4 +1,4 @@
 class User < ActiveRecord::Base
-  devise :all
+  devise :all, :timeoutable
   attr_accessible :username, :email, :password, :password_confirmation
 end

data/test/rails_app/app/mongo_mapper/account.rb

@@ -0,0 +1,9 @@
+class Account
+  include MongoMapper::Document
+
+  devise :all
+
+  def self.find_for_authentication(conditions)
+    nil
+  end
+end