RubyGems - devise - Versions diffs - 0.8.2 → 0.9.0 - Mend

devise 0.8.2 → 0.9.0

Potentially problematic release.

This version of devise might be problematic. Click here for more details.

Files changed (80) hide show

data/CHANGELOG.rdoc +21 -2
data/README.rdoc +40 -54
data/Rakefile +1 -1
data/TODO +1 -3
data/app/controllers/confirmations_controller.rb +9 -20
data/app/controllers/passwords_controller.rb +9 -20
data/app/controllers/sessions_controller.rb +9 -9
data/app/controllers/unlocks_controller.rb +22 -0
data/app/models/devise_mailer.rb +6 -1
data/app/views/confirmations/new.html.erb +1 -5
data/app/views/devise_mailer/unlock_instructions.html.erb +7 -0
data/app/views/passwords/edit.html.erb +1 -5
data/app/views/passwords/new.html.erb +1 -5
data/app/views/sessions/new.html.erb +1 -7
data/app/views/shared/_devise_links.erb +15 -0
data/app/views/unlocks/new.html.erb +12 -0
data/generators/devise/templates/migration.rb +2 -0
data/generators/devise/templates/model.rb +4 -1
data/generators/devise_install/templates/devise.rb +20 -10
data/lib/devise.rb +62 -18
data/lib/devise/controllers/common.rb +24 -0
data/lib/devise/controllers/helpers.rb +160 -80
data/lib/devise/controllers/internal_helpers.rb +120 -0
data/lib/devise/controllers/url_helpers.rb +2 -10
data/lib/devise/encryptors/bcrypt.rb +2 -2
data/lib/devise/hooks/activatable.rb +1 -4
data/lib/devise/hooks/rememberable.rb +30 -0
data/lib/devise/hooks/timeoutable.rb +4 -2
data/lib/devise/locales/en.yml +9 -2
data/lib/devise/mapping.rb +15 -11
data/lib/devise/models.rb +16 -35
data/lib/devise/models/activatable.rb +1 -1
data/lib/devise/models/authenticatable.rb +1 -9
data/lib/devise/models/confirmable.rb +6 -2
data/lib/devise/models/lockable.rb +142 -0
data/lib/devise/models/rememberable.rb +19 -2
data/lib/devise/models/timeoutable.rb +1 -2
data/lib/devise/orm/active_record.rb +2 -0
data/lib/devise/orm/data_mapper.rb +1 -1
data/lib/devise/orm/mongo_mapper.rb +12 -1
data/lib/devise/rails/routes.rb +5 -1
data/lib/devise/rails/warden_compat.rb +13 -13
data/lib/devise/schema.rb +7 -0
data/lib/devise/strategies/authenticatable.rb +1 -3
data/lib/devise/strategies/base.rb +1 -1
data/lib/devise/strategies/rememberable.rb +37 -0
data/lib/devise/test_helpers.rb +1 -1
data/lib/devise/version.rb +1 -1
data/test/controllers/helpers_test.rb +155 -33
data/test/controllers/internal_helpers_test.rb +55 -0
data/test/devise_test.rb +24 -3
data/test/encryptors_test.rb +3 -1
data/test/integration/lockable_test.rb +83 -0
data/test/integration/rememberable_test.rb +1 -1
data/test/mailers/unlock_instructions_test.rb +62 -0
data/test/models/authenticatable_test.rb +0 -23
data/test/models/lockable_test.rb +202 -0
data/test/models/timeoutable_test.rb +7 -7
data/test/models/validatable_test.rb +2 -2
data/test/models_test.rb +9 -76
data/test/orm/active_record.rb +1 -0
data/test/orm/mongo_mapper.rb +0 -1
data/test/rails_app/app/active_record/admin.rb +1 -1
data/test/rails_app/app/active_record/user.rb +2 -1
data/test/rails_app/app/mongo_mapper/admin.rb +1 -1
data/test/rails_app/app/mongo_mapper/user.rb +2 -1
data/test/rails_app/config/initializers/devise.rb +13 -10
data/test/rails_app/config/routes.rb +5 -3
data/test/routes_test.rb +5 -0
data/test/support/integration_tests_helper.rb +1 -0
metadata +16 -12
data/lib/devise/controllers/filters.rb +0 -186
data/lib/devise/models/cookie_serializer.rb +0 -21
data/lib/devise/models/session_serializer.rb +0 -19
data/lib/devise/serializers/base.rb +0 -23
data/lib/devise/serializers/cookie.rb +0 -43
data/lib/devise/serializers/session.rb +0 -22
data/test/controllers/filters_test.rb +0 -177
data/test/rails_app/app/active_record/account.rb +0 -7
data/test/rails_app/app/mongo_mapper/account.rb +0 -9

data/lib/devise/models/cookie_serializer.rb DELETED

@@ -1,21 +0,0 @@
-require 'devise/serializers/cookie'
-module Devise
-  module Models
-    module CookieSerializer
-      # Create the cookie key using the record id and remember_token
-      def serialize_into_cookie(record)
-        "#{record.id}::#{record.remember_token}"
-      end
-      # Recreate the user based on the stored cookie
-      def serialize_from_cookie(cookie)
-        record_id, record_token = cookie.split('::')
-        record = find(:first, :conditions => { :id => record_id }) if record_id
-        record if record.try(:valid_remember_token?, record_token)
-      end
-      Devise::Models.config(self, :remember_for)
-    end
-  end
-end

data/lib/devise/models/session_serializer.rb DELETED

@@ -1,19 +0,0 @@
-require 'devise/serializers/session'
-module Devise
-  module Models
-    module SessionSerializer
-      # Hook to serialize user into session. Overwrite if you want.
-      def serialize_into_session(record)
-        [record.class, record.id]
-      end
-      # Hook to serialize user from session. Overwrite if you want.
-      def serialize_from_session(keys)
-        klass, id = keys
-        raise "#{self} cannot serialize from #{klass} session since it's not one of its ancestors" unless klass <= self
-        klass.find(:first, :conditions => { :id => id })
-      end
-    end
-  end
-end

data/lib/devise/serializers/base.rb DELETED

@@ -1,23 +0,0 @@
-require 'devise/strategies/base'
-module Devise
-  module Serializers
-    module Base
-      include Devise::Strategies::Base
-      attr_reader :scope
-      def serialize(record)
-        record.class.send(:"serialize_into_#{klass_type}", record)
-      end
-      def deserialize(keys)
-        mapping.to.send(:"serialize_from_#{klass_type}", keys)
-      end
-      def fetch(scope)
-        @scope = scope
-        super
-      end
-    end
-  end
-end

data/lib/devise/serializers/cookie.rb DELETED

@@ -1,43 +0,0 @@
-require 'devise/serializers/base'
-module Devise
-  module Serializers
-    # This is a cookie serializer which stores the information if a :remember_me
-    # is sent in the params and if the model responds to remember_me! as well.
-    # As in Session serializer, the invoked methods are:
-    #
-    #   User.serialize_into_cookie(@user)
-    #   User.serialize_from_cookie(*args)
-    #
-    # An implementation for such methods can be found at Devise::Models::Rememberable.
-    #
-    # Differently from session, this approach is based in a token which is stored in
-    # the database. So if you want to sign out all clients at once, you just need to
-    # clean up the token column.
-    #
-    class Cookie < Warden::Serializers::Cookie
-      include Devise::Serializers::Base
-      def store(record, scope)
-        remember_me = params[scope].try(:fetch, :remember_me, nil)
-        if Devise::TRUE_VALUES.include?(remember_me) && record.respond_to?(:remember_me!)
-          record.remember_me!
-          super
-        end
-      end
-      def default_options(record)
-        super.merge!(:expires => record.remember_expires_at)
-      end
-      def delete(scope, record=nil)
-        if record && record.respond_to?(:forget_me!)
-          record.forget_me!
-          super
-        end
-      end
-    end
-  end
-end
-Warden::Serializers.add(:cookie, Devise::Serializers::Cookie)

data/lib/devise/serializers/session.rb DELETED

@@ -1,22 +0,0 @@
-require 'devise/serializers/base'
-module Devise
-  module Serializers
-    # This serializer stores sign in information in th client session. It just
-    # extends Warden own serializer to move all the serialization logic to a
-    # class. For example, if a @user resource is given, it will call the following
-    # two methods to serialize and deserialize a record:
-    #
-    #   User.serialize_into_session(@user)
-    #   User.serialize_from_session(*args)
-    #
-    # This can be used any strategy and the default implementation is available
-    # at Devise::Models::SessionSerializer.
-    #
-    class Session < Warden::Serializers::Session
-      include Devise::Serializers::Base
-    end
-  end
-end
-Warden::Serializers.add(:session, Devise::Serializers::Session)

data/test/controllers/filters_test.rb DELETED

@@ -1,177 +0,0 @@
-require 'test/test_helper'
-require 'ostruct'
-class MockController < ApplicationController
-  attr_accessor :env
-  def request
-    self
-  end
-  def path
-    ''
-  end
-end
-class ControllerAuthenticableTest < ActionController::TestCase
-  tests MockController
-  def setup
-    @controller = MockController.new
-    @mock_warden = OpenStruct.new
-    @controller.env = { 'warden' => @mock_warden }
-    @controller.session = {}
-  end
-  test 'setup warden' do
-    assert_not_nil @controller.warden
-  end
-  test 'provide access to warden instance' do
-    assert_equal @controller.warden, @controller.env['warden']
-  end
-  test 'run authenticate? with scope on warden' do
-    @mock_warden.expects(:authenticated?).with(:my_scope)
-    @controller.signed_in?(:my_scope)
-  end
-  test 'proxy signed_in? to authenticated' do
-    @mock_warden.expects(:authenticated?).with(:my_scope)
-    @controller.signed_in?(:my_scope)
-  end
-  test 'run user with scope on warden' do
-    @mock_warden.expects(:user).with(:admin).returns(true)
-    @controller.current_admin
-    @mock_warden.expects(:user).with(:user).returns(true)
-    @controller.current_user
-  end
-  test 'proxy user_authenticate! to authenticate with user scope' do
-    @mock_warden.expects(:authenticate!).with(:scope => :user)
-    @controller.authenticate_user!
-  end
-  test 'proxy admin_authenticate! to authenticate with admin scope' do
-    @mock_warden.expects(:authenticate!).with(:scope => :admin)
-    @controller.authenticate_admin!
-  end
-  test 'proxy user_authenticated? to authenticate with user scope' do
-    @mock_warden.expects(:authenticated?).with(:user)
-    @controller.user_signed_in?
-  end
-  test 'proxy admin_authenticated? to authenticate with admin scope' do
-    @mock_warden.expects(:authenticated?).with(:admin)
-    @controller.admin_signed_in?
-  end
-  test 'proxy user_session to session scope in warden' do
-    @mock_warden.expects(:session).with(:user).returns({})
-    @controller.user_session
-  end
-  test 'proxy admin_session to session scope in warden' do
-    @mock_warden.expects(:session).with(:admin).returns({})
-    @controller.admin_session
-  end
-  test 'sign in proxy to set_user on warden' do
-    user = User.new
-    @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
-    @controller.sign_in(:user, user)
-  end
-  test 'sign in accepts a resource as argument' do
-    user = User.new
-    @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
-    @controller.sign_in(user)
-  end
-  test 'sign out proxy to logout on warden' do
-    @mock_warden.expects(:user).with(:user).returns(true)
-    @mock_warden.expects(:logout).with(:user).returns(true)
-    @controller.sign_out(:user)
-  end
-  test 'sign out accepts a resource as argument' do
-    @mock_warden.expects(:user).with(:user).returns(true)
-    @mock_warden.expects(:logout).with(:user).returns(true)
-    @controller.sign_out(User.new)
-  end
-  test 'stored location for returns the location for a given scope' do
-    assert_nil @controller.stored_location_for(:user)
-    @controller.session[:"user.return_to"] = "/foo.bar"
-    assert_equal "/foo.bar", @controller.stored_location_for(:user)
-  end
-  test 'stored location for accepts a resource as argument' do
-    assert_nil @controller.stored_location_for(:user)
-    @controller.session[:"user.return_to"] = "/foo.bar"
-    assert_equal "/foo.bar", @controller.stored_location_for(User.new)
-  end
-  test 'stored location cleans information after reading' do
-    @controller.session[:"user.return_to"] = "/foo.bar"
-    assert_equal "/foo.bar", @controller.stored_location_for(:user)
-    assert_nil @controller.session[:"user.return_to"]
-  end
-  test 'after sign in path defaults to root path if none by was specified for the given scope' do
-    assert_equal root_path, @controller.after_sign_in_path_for(:user)
-  end
-  test 'after sign in path defaults to the scoped root path' do
-    assert_equal admin_root_path, @controller.after_sign_in_path_for(:admin)
-  end
-  test 'after sign out path defaults to the root path' do
-    assert_equal root_path, @controller.after_sign_out_path_for(:admin)
-    assert_equal root_path, @controller.after_sign_out_path_for(:user)
-  end
-  test 'sign in and redirect uses the stored location' do
-    user = User.new
-    @controller.session[:"user.return_to"] = "/foo.bar"
-    @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
-    @controller.expects(:redirect_to).with("/foo.bar")
-    @controller.sign_in_and_redirect(user)
-  end
-  test 'sign in and redirect uses the configured after sign in path' do
-    admin = Admin.new
-    @mock_warden.expects(:set_user).with(admin, :scope => :admin).returns(true)
-    @controller.expects(:redirect_to).with(admin_root_path)
-    @controller.sign_in_and_redirect(admin)
-  end
-  test 'only redirect if just a symbol is given' do
-    @controller.expects(:redirect_to).with(admin_root_path)
-    @controller.sign_in_and_redirect(:admin)
-  end
-  test 'sign out and redirect uses the configured after sign out path' do
-    @mock_warden.expects(:user).with(:admin).returns(true)
-    @mock_warden.expects(:logout).with(:admin).returns(true)
-    @controller.expects(:redirect_to).with(admin_root_path)
-    @controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
-    @controller.sign_out_and_redirect(:admin)
-  end
-  test 'is not a devise controller' do
-    assert_not @controller.devise_controller?
-  end
-  test 'default url options are retrieved from devise' do
-    begin
-      Devise.default_url_options {{ :locale => I18n.locale }}
-      assert_equal({ :locale => :en }, @controller.send(:default_url_options))
-    ensure
-      Devise.default_url_options {{ }}
-    end
-  end
-end

data/test/rails_app/app/active_record/account.rb DELETED

@@ -1,7 +0,0 @@
-class Account < ActiveRecord::Base
-  devise :all
-  def self.find_for_authentication(conditions)
-    nil
-  end
-end

data/test/rails_app/app/mongo_mapper/account.rb DELETED

@@ -1,9 +0,0 @@
-class Account
-  include MongoMapper::Document
-  devise :all
-  def self.find_for_authentication(conditions)
-    nil
-  end
-end