devise 1.0.11 → 1.1.pre
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- data/CHANGELOG.rdoc +6 -72
- data/Gemfile +18 -0
- data/README.rdoc +51 -46
- data/Rakefile +5 -4
- data/app/controllers/{confirmations_controller.rb → devise/confirmations_controller.rb} +2 -2
- data/app/controllers/{passwords_controller.rb → devise/passwords_controller.rb} +4 -3
- data/app/controllers/{registrations_controller.rb → devise/registrations_controller.rb} +11 -7
- data/app/controllers/{sessions_controller.rb → devise/sessions_controller.rb} +11 -8
- data/app/controllers/{unlocks_controller.rb → devise/unlocks_controller.rb} +2 -10
- data/app/models/devise/mailer.rb +55 -0
- data/app/views/{confirmations → devise/confirmations}/new.html.erb +1 -1
- data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
- data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
- data/app/views/{passwords → devise/passwords}/edit.html.erb +1 -1
- data/app/views/{passwords → devise/passwords}/new.html.erb +1 -1
- data/app/views/{registrations → devise/registrations}/edit.html.erb +1 -1
- data/app/views/{registrations → devise/registrations}/new.html.erb +1 -1
- data/app/views/{sessions → devise/sessions}/new.html.erb +1 -1
- data/app/views/{shared/_devise_links.erb → devise/shared/_links.erb} +0 -0
- data/app/views/{unlocks → devise/unlocks}/new.html.erb +1 -1
- data/{lib/devise → config}/locales/en.yml +7 -1
- data/lib/devise.rb +6 -29
- data/lib/devise/controllers/helpers.rb +16 -43
- data/lib/devise/controllers/internal_helpers.rb +10 -36
- data/lib/devise/controllers/scoped_views.rb +35 -0
- data/lib/devise/failure_app.rb +7 -14
- data/lib/devise/hooks/rememberable.rb +3 -6
- data/lib/devise/hooks/trackable.rb +1 -1
- data/lib/devise/mapping.rb +17 -18
- data/lib/devise/models.rb +4 -20
- data/lib/devise/models/{database_authenticatable.rb → authenticatable.rb} +16 -28
- data/lib/devise/models/confirmable.rb +25 -23
- data/lib/devise/models/http_authenticatable.rb +3 -7
- data/lib/devise/models/lockable.rb +40 -35
- data/lib/devise/models/recoverable.rb +4 -8
- data/lib/devise/models/rememberable.rb +6 -9
- data/lib/devise/models/timeoutable.rb +1 -3
- data/lib/devise/models/token_authenticatable.rb +4 -5
- data/lib/devise/models/validatable.rb +10 -1
- data/lib/devise/orm/mongo_mapper.rb +10 -23
- data/lib/devise/rails.rb +11 -9
- data/lib/devise/rails/routes.rb +113 -107
- data/lib/devise/rails/warden_compat.rb +3 -41
- data/lib/devise/schema.rb +13 -21
- data/lib/devise/strategies/{database_authenticatable.rb → authenticatable.rb} +3 -3
- data/lib/devise/strategies/http_authenticatable.rb +4 -22
- data/lib/devise/test_helpers.rb +1 -8
- data/lib/devise/version.rb +1 -1
- data/lib/generators/devise/devise_generator.rb +57 -0
- data/{generators → lib/generators}/devise/templates/migration.rb +1 -1
- data/lib/generators/devise_install/devise_install_generator.rb +25 -0
- data/{generators → lib/generators}/devise_install/templates/README +4 -8
- data/{generators → lib/generators}/devise_install/templates/devise.rb +0 -3
- data/lib/generators/devise_views/devise_views_generator.rb +11 -0
- data/test/controllers/helpers_test.rb +15 -9
- data/test/devise_test.rb +1 -6
- data/test/encryptors_test.rb +0 -3
- data/test/failure_app_test.rb +6 -1
- data/test/integration/authenticatable_test.rb +25 -85
- data/test/integration/http_authenticatable_test.rb +2 -10
- data/test/integration/lockable_test.rb +3 -22
- data/test/integration/recoverable_test.rb +1 -1
- data/test/integration/registerable_test.rb +31 -36
- data/test/integration/rememberable_test.rb +6 -24
- data/test/integration/token_authenticatable_test.rb +2 -4
- data/test/integration/trackable_test.rb +1 -1
- data/test/mailers/confirmation_instructions_test.rb +4 -10
- data/test/mailers/unlock_instructions_test.rb +1 -1
- data/test/mapping_test.rb +12 -24
- data/test/models/authenticatable_test.rb +3 -3
- data/test/models/confirmable_test.rb +29 -29
- data/test/models/http_authenticatable_test.rb +19 -0
- data/test/models/lockable_test.rb +45 -44
- data/test/models/recoverable_test.rb +7 -7
- data/test/models/rememberable_test.rb +7 -10
- data/test/models/validatable_test.rb +19 -24
- data/test/models_test.rb +2 -16
- data/test/orm/active_record.rb +3 -4
- data/test/orm/mongo_mapper.rb +2 -10
- data/test/rails_app/app/active_record/admin.rb +1 -1
- data/test/rails_app/app/active_record/user.rb +3 -3
- data/test/rails_app/app/controllers/application_controller.rb +1 -7
- data/test/rails_app/app/controllers/sessions_controller.rb +6 -0
- data/test/rails_app/app/controllers/users_controller.rb +0 -4
- data/test/rails_app/app/mongo_mapper/admin.rb +4 -7
- data/test/rails_app/app/mongo_mapper/user.rb +5 -8
- data/test/rails_app/config/application.rb +32 -0
- data/test/rails_app/config/boot.rb +7 -108
- data/test/rails_app/config/environment.rb +4 -41
- data/test/rails_app/config/environments/development.rb +15 -13
- data/test/rails_app/config/environments/production.rb +25 -20
- data/test/rails_app/config/environments/test.rb +23 -22
- data/test/rails_app/config/initializers/backtrace_silencers.rb +7 -0
- data/test/rails_app/config/initializers/cookie_verification_secret.rb +7 -0
- data/test/rails_app/config/initializers/devise.rb +0 -3
- data/test/rails_app/config/initializers/session_store.rb +2 -2
- data/test/rails_app/config/routes.rb +17 -21
- data/test/routes_test.rb +30 -47
- data/test/support/{assertions_helper.rb → assertions.rb} +0 -15
- data/test/support/{tests_helper.rb → helpers.rb} +16 -3
- data/test/support/{integration_tests_helper.rb → integration.rb} +8 -4
- data/test/support/webrat/integrations/rails.rb +31 -0
- data/test/test_helper.rb +8 -7
- data/test/test_helpers_test.rb +9 -9
- metadata +53 -128
- data/app/models/devise_mailer.rb +0 -68
- data/app/views/devise_mailer/confirmation_instructions.html.erb +0 -5
- data/app/views/devise_mailer/reset_password_instructions.html.erb +0 -8
- data/app/views/devise_mailer/unlock_instructions.html.erb +0 -7
- data/generators/devise/USAGE +0 -5
- data/generators/devise/devise_generator.rb +0 -15
- data/generators/devise/lib/route_devise.rb +0 -32
- data/generators/devise/templates/model.rb +0 -9
- data/generators/devise_install/USAGE +0 -3
- data/generators/devise_install/devise_install_generator.rb +0 -15
- data/generators/devise_views/USAGE +0 -3
- data/generators/devise_views/devise_views_generator.rb +0 -21
- data/rails/init.rb +0 -2
- data/test/integration/rack_middleware_test.rb +0 -47
- data/test/rails_app/config/initializers/new_rails_defaults.rb +0 -24
@@ -16,8 +16,7 @@ class TokenAuthenticationTest < ActionController::IntegrationTest
|
|
16
16
|
test 'signing in with valid authentication token - but improper authentication token key - return to sign in form with error message' do
|
17
17
|
swap Devise, :token_authentication_key => :donald_duck_token do
|
18
18
|
sign_in_as_new_user_with_token(:auth_token_key => :secret_token)
|
19
|
-
|
20
|
-
follow_redirect!
|
19
|
+
assert_current_path new_user_session_path(:unauthenticated => true)
|
21
20
|
|
22
21
|
assert_contain 'You need to sign in or sign up before continuing'
|
23
22
|
assert_contain 'Sign in'
|
@@ -28,8 +27,7 @@ class TokenAuthenticationTest < ActionController::IntegrationTest
|
|
28
27
|
test 'signing in with invalid authentication token should return to sign in form with error message' do
|
29
28
|
store_translations :en, :devise => {:sessions => {:invalid_token => 'LOL, that was not a single character correct.'}} do
|
30
29
|
sign_in_as_new_user_with_token(:auth_token => '*** INVALID TOKEN ***')
|
31
|
-
|
32
|
-
follow_redirect!
|
30
|
+
assert_current_path new_user_session_path(:invalid_token => true)
|
33
31
|
|
34
32
|
assert_response :success
|
35
33
|
assert_contain 'LOL, that was not a single character correct.'
|
@@ -59,22 +59,16 @@ class ConfirmationInstructionsTest < ActionMailer::TestCase
|
|
59
59
|
|
60
60
|
test 'renders a scoped if scoped_views is set to true' do
|
61
61
|
swap Devise, :scoped_views => true do
|
62
|
-
assert_equal user.email, mail.body
|
63
|
-
end
|
64
|
-
end
|
65
|
-
|
66
|
-
test 'content type should be set to plain when manually configured' do
|
67
|
-
swap Devise, :mailer_content_type => "text/plain" do
|
68
|
-
assert_equal "text/plain", mail.content_type
|
62
|
+
assert_equal user.email, mail.body.decoded
|
69
63
|
end
|
70
64
|
end
|
71
65
|
|
72
66
|
test 'renders a scoped if scoped_views is set in the mailer class' do
|
73
67
|
begin
|
74
|
-
|
75
|
-
assert_equal user.email, mail.body
|
68
|
+
Devise::Mailer.scoped_views = true
|
69
|
+
assert_equal user.email, mail.body.decoded
|
76
70
|
ensure
|
77
|
-
|
71
|
+
Devise::Mailer.send :remove_instance_variable, :@scoped_views
|
78
72
|
end
|
79
73
|
end
|
80
74
|
|
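Review bot: The `ensure` line `Devise::Mailer.send :remove_instance_variable, :@scoped_views` in 'renders a scoped if scoped_views is set in the mailer class' ties the test to the name of the variable the setter stores into. `remove_instance_variable` raises NameError when the variable is not defined, so if the assignment ever fails or the setter stops using `@scoped_views`, the cleanup itself raises from `ensure` and hides the original failure. A guarded form is safer: `Devise::Mailer.send(:remove_instance_variable, :@scoped_views) if Devise::Mailer.instance_variable_defined?(:@scoped_views)`.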
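--- a/data/test/mapping_test.rb
+++ b/data/test/mapping_test.rb
@@ -39,17 +39,22 @@ class MappingTest < ActiveSupport::TestCase
 assert_equal Devise.mappings[:admin], Devise::Mapping.find_by_path("/admin_area/session")
 end
 
+test 'find mapping by class' do
+assert_nil Devise::Mapping.find_by_class(String)
+assert_equal Devise.mappings[:user], Devise::Mapping.find_by_class(User)
+end
+
+test 'find mapping by class works with single table inheritance' do
+klass = Class.new(User)
+assert_equal Devise.mappings[:user], Devise::Mapping.find_by_class(klass)
+end
+
 test 'find scope for a given object' do
 assert_equal :user, Devise::Mapping.find_scope!(User)
 assert_equal :user, Devise::Mapping.find_scope!(:user)
 assert_equal :user, Devise::Mapping.find_scope!(User.new)
 end
 
-test 'find scope works with single table inheritance' do
-assert_equal :user, Devise::Mapping.find_scope!(Class.new(User))
-assert_equal :user, Devise::Mapping.find_scope!(Class.new(User).new)
-end
-
 test 'find scope raises an error if cannot be found' do
 assert_raise RuntimeError do
 Devise::Mapping.find_scope!(String)
@@ -62,7 +67,7 @@ class MappingTest < ActiveSupport::TestCase
 assert_equal 'sign_out', mapping.path_names[:sign_out]
 assert_equal 'password', mapping.path_names[:password]
 assert_equal 'confirmation', mapping.path_names[:confirmation]
-assert_equal 'sign_up',
+assert_equal 'sign_up', mapping.path_names[:sign_up]
 assert_equal 'unlock', mapping.path_names[:unlock]
 end
 
@@ -124,30 +129,13 @@ class MappingTest < ActiveSupport::TestCase
 end
 end
 
-test 'should have default route options' do
-assert_equal({}, Devise.mappings[:user].route_options)
-end
-
-test 'should allow passing route options to devise routes' do
-assert_equal({ :requirements => { :extra => 'value' } }, Devise.mappings[:manager].route_options)
-end
-
-test 'sign_out_via defaults to :get' do
-assert_equal :get, Devise.mappings[:user].sign_out_via
-end
-
-test 'allows custom sign_out_via to be given' do
-assert_equal :delete, Devise.mappings[:sign_out_via_delete].sign_out_via
-assert_equal :post, Devise.mappings[:sign_out_via_post].sign_out_via
-assert_equal :any, Devise.mappings[:sign_out_via_anymethod].sign_out_via
-end
-
 test 'magic predicates' do
 mapping = Devise.mappings[:user]
 assert mapping.authenticatable?
 assert mapping.confirmable?
 assert mapping.recoverable?
 assert mapping.rememberable?
+assert mapping.registerable?
 
 mapping = Devise.mappings[:admin]
 assert mapping.authenticatable?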
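Review bot: Subclass coverage now exists only for `find_by_class`, and only for a class object; 'find scope for a given object' no longer exercises `find_scope!` with a subclass or a subclass instance. Scope resolution decides which mapping an object is authenticated under, so if `find_scope!` is still expected to resolve single-table-inheritance subclasses, that path is untested in the new file. Adding `assert_equal :user, Devise::Mapping.find_scope!(Class.new(User).new)` to 'find scope for a given object' would cover it. Whether `find_scope!` delegates to `find_by_class` is not visible in this section.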
@@ -100,7 +100,7 @@ class AuthenticatableTest < ActiveSupport::TestCase
|
|
100
100
|
|
101
101
|
test 'should authenticate a valid user with email and password and return it' do
|
102
102
|
user = create_user
|
103
|
-
|
103
|
+
user.confirm!
|
104
104
|
authenticated_user = User.authenticate(:email => user.email, :password => user.password)
|
105
105
|
assert_equal authenticated_user, user
|
106
106
|
end
|
@@ -146,7 +146,7 @@ class AuthenticatableTest < ActiveSupport::TestCase
|
|
146
146
|
assert_not user.update_with_password(:current_password => 'other',
|
147
147
|
:password => 'pass321', :password_confirmation => 'pass321')
|
148
148
|
assert user.reload.valid_password?('123456')
|
149
|
-
assert_match
|
149
|
+
assert_match "is invalid", user.errors[:current_password].join
|
150
150
|
end
|
151
151
|
|
152
152
|
test 'should add an error to current password when it is blank' do
|
@@ -154,7 +154,7 @@ class AuthenticatableTest < ActiveSupport::TestCase
|
|
154
154
|
assert_not user.update_with_password(:password => 'pass321',
|
155
155
|
:password_confirmation => 'pass321')
|
156
156
|
assert user.reload.valid_password?('123456')
|
157
|
-
assert_match
|
157
|
+
assert_match "can't be blank", user.errors[:current_password].join
|
158
158
|
end
|
159
159
|
|
160
160
|
test 'should ignore password and its confirmation if they are blank' do
|
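Review bot: `assert_match "is invalid", user.errors[:current_password].join` and the matching `"can't be blank"` line are substring checks on the joined messages, so they keep passing if an extra error is attached to `current_password`. The model tests elsewhere on this page compare the joined string exactly, for example `assert_equal "is invalid", confirmed_user.errors[:confirmation_token].join`. Using `assert_equal "is invalid", user.errors[:current_password].join` here would pin the single expected error and match that style. Both enclosing tests start above their hunks.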
@@ -11,6 +11,15 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
11
11
|
assert_not_nil create_user.confirmation_token
|
12
12
|
end
|
13
13
|
|
14
|
+
test 'should regenerate confirmation token each time' do
|
15
|
+
user = create_user
|
16
|
+
3.times do
|
17
|
+
token = user.confirmation_token
|
18
|
+
user.resend_confirmation!
|
19
|
+
assert_not_equal token, user.confirmation_token
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
14
23
|
test 'should never generate the same confirmation token for different users' do
|
15
24
|
confirmation_tokens = []
|
16
25
|
3.times do
|
@@ -45,38 +54,38 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
45
54
|
test 'should not confirm a user already confirmed' do
|
46
55
|
user = create_user
|
47
56
|
assert user.confirm!
|
48
|
-
|
57
|
+
assert_blank user.errors[:email]
|
49
58
|
|
50
59
|
assert_not user.confirm!
|
51
|
-
|
60
|
+
assert_equal "was already confirmed", user.errors[:email].join
|
52
61
|
end
|
53
62
|
|
54
63
|
test 'should find and confirm an user automatically' do
|
55
64
|
user = create_user
|
56
|
-
confirmed_user = User.
|
65
|
+
confirmed_user = User.confirm!(:confirmation_token => user.confirmation_token)
|
57
66
|
assert_equal confirmed_user, user
|
58
67
|
assert user.reload.confirmed?
|
59
68
|
end
|
60
69
|
|
61
70
|
test 'should return a new record with errors when a invalid token is given' do
|
62
|
-
confirmed_user = User.
|
71
|
+
confirmed_user = User.confirm!(:confirmation_token => 'invalid_confirmation_token')
|
63
72
|
assert confirmed_user.new_record?
|
64
|
-
|
73
|
+
assert_equal "is invalid", confirmed_user.errors[:confirmation_token].join
|
65
74
|
end
|
66
75
|
|
67
76
|
test 'should return a new record with errors when a blank token is given' do
|
68
|
-
confirmed_user = User.
|
77
|
+
confirmed_user = User.confirm!(:confirmation_token => '')
|
69
78
|
assert confirmed_user.new_record?
|
70
|
-
|
79
|
+
assert_equal "can't be blank", confirmed_user.errors[:confirmation_token].join
|
71
80
|
end
|
72
81
|
|
73
82
|
test 'should generate errors for a user email if user is already confirmed' do
|
74
83
|
user = create_user
|
75
84
|
user.confirmed_at = Time.now
|
76
85
|
user.save
|
77
|
-
confirmed_user = User.
|
86
|
+
confirmed_user = User.confirm!(:confirmation_token => user.confirmation_token)
|
78
87
|
assert confirmed_user.confirmed?
|
79
|
-
|
88
|
+
assert_equal "was already confirmed", confirmed_user.errors[:email].join
|
80
89
|
end
|
81
90
|
|
82
91
|
test 'should authenticate a confirmed user' do
|
@@ -125,7 +134,14 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
125
134
|
test 'should add error to new user email if no email was found' do
|
126
135
|
confirmation_user = User.send_confirmation_instructions(:email => "invalid@email.com")
|
127
136
|
assert confirmation_user.errors[:email]
|
128
|
-
assert_equal
|
137
|
+
assert_equal "not found", confirmation_user.errors[:email].join
|
138
|
+
end
|
139
|
+
|
140
|
+
test 'should generate a confirmation token before send the confirmation instructions email' do
|
141
|
+
user = create_user
|
142
|
+
token = user.confirmation_token
|
143
|
+
confirmation_user = User.send_confirmation_instructions(:email => user.email)
|
144
|
+
assert_not_equal token, user.reload.confirmation_token
|
129
145
|
end
|
130
146
|
|
131
147
|
test 'should send email instructions for the user confirm it\'s email' do
|
@@ -134,14 +150,6 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
134
150
|
User.send_confirmation_instructions(:email => user.email)
|
135
151
|
end
|
136
152
|
end
|
137
|
-
|
138
|
-
test 'should always have confirmation token when email is sent' do
|
139
|
-
user = new_user
|
140
|
-
user.instance_eval { def confirmation_required?; false end }
|
141
|
-
user.save
|
142
|
-
user.send_confirmation_instructions
|
143
|
-
assert_not_nil user.reload.confirmation_token
|
144
|
-
end
|
145
153
|
|
146
154
|
test 'should not resend email instructions if the user change his email' do
|
147
155
|
user = create_user
|
@@ -165,9 +173,9 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
165
173
|
test 'should not be able to send instructions if the user is already confirmed' do
|
166
174
|
user = create_user
|
167
175
|
user.confirm!
|
168
|
-
assert_not user.
|
176
|
+
assert_not user.resend_confirmation!
|
169
177
|
assert user.confirmed?
|
170
|
-
assert_equal 'already confirmed', user.errors[:email]
|
178
|
+
assert_equal 'was already confirmed', user.errors[:email].join
|
171
179
|
end
|
172
180
|
|
173
181
|
test 'confirm time should fallback to devise confirm in default configuration' do
|
@@ -208,7 +216,7 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
208
216
|
Devise.confirm_within = 0.days
|
209
217
|
user = create_user
|
210
218
|
user.confirmation_sent_at = Date.today
|
211
|
-
assert_not user.
|
219
|
+
assert_not user.active?
|
212
220
|
end
|
213
221
|
|
214
222
|
test 'should not be active without confirmation' do
|
@@ -217,12 +225,4 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
217
225
|
user.save
|
218
226
|
assert_not user.reload.active?
|
219
227
|
end
|
220
|
-
|
221
|
-
test 'should be active without confirmation when confirmation is not required' do
|
222
|
-
user = create_user
|
223
|
-
user.instance_eval { def confirmation_required?; false end }
|
224
|
-
user.confirmation_sent_at = nil
|
225
|
-
user.save
|
226
|
-
assert user.reload.active?
|
227
|
-
end
|
228
228
|
end
|
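Review bot: `assert_equal "not found", confirmation_user.errors[:email].join` in 'should add error to new user email if no email was found' pins a message specific to unregistered addresses, while `"was already confirmed"` is pinned for registered ones. If these errors are rendered to unauthenticated visitors, which this section does not show, the confirmation form tells a caller which addresses have accounts. The test should say the distinction is intentional, with a comment such as `# distinct message reveals whether the e-mail is registered; keep the rendered response generic where enumeration matters`. The same applies to `assert_equal 'not found', unlock_user.errors[:email].join` in LockableTest. Separately, the local `confirmation_user` in 'should generate a confirmation token before send the confirmation instructions email' is assigned but never read.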
@@ -0,0 +1,19 @@
|
|
1
|
+
require 'test/test_helper'
|
2
|
+
|
3
|
+
class HttpAuthenticatableTest < ActiveSupport::TestCase
|
4
|
+
test 'should authenticate a valid user with email and password and return it' do
|
5
|
+
user = create_user
|
6
|
+
user.confirm!
|
7
|
+
|
8
|
+
authenticated_user = User.authenticate_with_http(user.email, user.password)
|
9
|
+
assert_equal authenticated_user, user
|
10
|
+
end
|
11
|
+
|
12
|
+
test 'should return nil when authenticating an invalid user by email' do
|
13
|
+
user = create_user
|
14
|
+
user.confirm!
|
15
|
+
|
16
|
+
authenticated_user = User.authenticate_with_http('another.email@email.com', user.password)
|
17
|
+
assert_nil authenticated_user
|
18
|
+
end
|
19
|
+
end
|
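Review bot: The new file has no test for a registered e-mail combined with a wrong password, which is the failure case that matters most for `authenticate_with_http`. The two tests cover valid credentials and an unknown e-mail only, so a regression that skips the password comparison would still pass both. A third test along the lines below closes the gap; the nil return is assumed by analogy with the invalid-e-mail test and should be confirmed against the model.
```ruby
test 'should return nil when authenticating a valid user with an invalid password' do
  user = create_user
  user.confirm!

  authenticated_user = User.authenticate_with_http(user.email, 'another_password')
  assert_nil authenticated_user
end
```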
@@ -9,6 +9,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
9
9
|
test "should increment failed attempts on unsuccessful authentication" do
|
10
10
|
user = create_user
|
11
11
|
assert_equal 0, user.failed_attempts
|
12
|
+
|
12
13
|
authenticated_user = User.authenticate(:email => user.email, :password => "anotherpassword")
|
13
14
|
assert_equal 1, user.reload.failed_attempts
|
14
15
|
end
|
@@ -17,14 +18,14 @@ class LockableTest < ActiveSupport::TestCase
|
|
17
18
|
user = create_user
|
18
19
|
attempts = Devise.maximum_attempts + 1
|
19
20
|
attempts.times { authenticated_user = User.authenticate(:email => user.email, :password => "anotherpassword") }
|
20
|
-
assert user.reload.
|
21
|
+
assert user.reload.locked?
|
21
22
|
end
|
22
23
|
|
23
24
|
test "should respect maximum attempts configuration" do
|
24
25
|
user = create_user
|
25
26
|
swap Devise, :maximum_attempts => 2 do
|
26
27
|
3.times { authenticated_user = User.authenticate(:email => user.email, :password => "anotherpassword") }
|
27
|
-
assert user.reload.
|
28
|
+
assert user.reload.locked?
|
28
29
|
end
|
29
30
|
end
|
30
31
|
|
@@ -36,50 +37,41 @@ class LockableTest < ActiveSupport::TestCase
|
|
36
37
|
assert_equal 0, user.reload.failed_attempts
|
37
38
|
end
|
38
39
|
|
39
|
-
test "should verify
|
40
|
+
test "should verify wheter a user is locked or not" do
|
40
41
|
user = create_user
|
41
|
-
assert_not user.
|
42
|
-
user.
|
43
|
-
assert user.
|
42
|
+
assert_not user.locked?
|
43
|
+
user.lock!
|
44
|
+
assert user.locked?
|
44
45
|
end
|
45
46
|
|
46
47
|
test "active? should be the opposite of locked?" do
|
47
48
|
user = create_user
|
48
49
|
user.confirm!
|
49
50
|
assert user.active?
|
50
|
-
user.
|
51
|
+
user.lock!
|
51
52
|
assert_not user.active?
|
52
53
|
end
|
53
54
|
|
54
55
|
test "should unlock an user by cleaning locked_at, falied_attempts and unlock_token" do
|
55
56
|
user = create_user
|
56
|
-
user.
|
57
|
+
user.lock!
|
57
58
|
assert_not_nil user.reload.locked_at
|
58
59
|
assert_not_nil user.reload.unlock_token
|
59
60
|
|
60
|
-
user.
|
61
|
+
user.unlock!
|
61
62
|
assert_nil user.reload.locked_at
|
62
63
|
assert_nil user.reload.unlock_token
|
63
64
|
assert 0, user.reload.failed_attempts
|
64
65
|
end
|
65
66
|
|
66
|
-
test "should not lock a locked account" do
|
67
|
-
user = create_user
|
68
|
-
user.lock_access!
|
69
|
-
assert_no_difference "ActionMailer::Base.deliveries.size" do
|
70
|
-
user.lock_access!
|
71
|
-
end
|
72
|
-
end
|
73
|
-
|
74
67
|
test 'should not unlock an unlocked user' do
|
75
68
|
user = create_user
|
76
|
-
|
77
|
-
|
78
|
-
assert_match /not locked/, user.errors[:email]
|
69
|
+
assert_not user.unlock!
|
70
|
+
assert_match "was not locked", user.errors[:email].join
|
79
71
|
end
|
80
72
|
|
81
73
|
test "new user should not be locked and should have zero failed_attempts" do
|
82
|
-
assert_not new_user.
|
74
|
+
assert_not new_user.locked?
|
83
75
|
assert_equal 0, create_user.failed_attempts
|
84
76
|
end
|
85
77
|
|
@@ -87,10 +79,10 @@ class LockableTest < ActiveSupport::TestCase
|
|
87
79
|
swap Devise, :unlock_in => 3.hours do
|
88
80
|
user = new_user
|
89
81
|
user.locked_at = 2.hours.ago
|
90
|
-
assert user.
|
82
|
+
assert user.locked?
|
91
83
|
|
92
84
|
Devise.unlock_in = 1.hour
|
93
|
-
assert_not user.
|
85
|
+
assert_not user.locked?
|
94
86
|
end
|
95
87
|
end
|
96
88
|
|
@@ -98,22 +90,32 @@ class LockableTest < ActiveSupport::TestCase
|
|
98
90
|
swap Devise, :unlock_strategy => :email do
|
99
91
|
user = new_user
|
100
92
|
user.locked_at = 2.hours.ago
|
101
|
-
assert user.
|
93
|
+
assert user.locked?
|
102
94
|
end
|
103
95
|
end
|
104
96
|
|
105
97
|
test "should set unlock_token when locking" do
|
106
98
|
user = create_user
|
107
99
|
assert_nil user.unlock_token
|
108
|
-
user.
|
100
|
+
user.lock!
|
109
101
|
assert_not_nil user.unlock_token
|
110
102
|
end
|
111
103
|
|
104
|
+
test 'should not regenerate unlock token if it already exists' do
|
105
|
+
user = create_user
|
106
|
+
user.lock!
|
107
|
+
3.times do
|
108
|
+
token = user.unlock_token
|
109
|
+
user.resend_unlock!
|
110
|
+
assert_equal token, user.unlock_token
|
111
|
+
end
|
112
|
+
end
|
113
|
+
|
112
114
|
test "should never generate the same unlock token for different users" do
|
113
115
|
unlock_tokens = []
|
114
116
|
3.times do
|
115
117
|
user = create_user
|
116
|
-
user.
|
118
|
+
user.lock!
|
117
119
|
token = user.unlock_token
|
118
120
|
assert !unlock_tokens.include?(token)
|
119
121
|
unlock_tokens << token
|
@@ -123,7 +125,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
123
125
|
test "should not generate unlock_token when :email is not an unlock strategy" do
|
124
126
|
swap Devise, :unlock_strategy => :time do
|
125
127
|
user = create_user
|
126
|
-
user.
|
128
|
+
user.lock!
|
127
129
|
assert_nil user.unlock_token
|
128
130
|
end
|
129
131
|
end
|
@@ -132,7 +134,7 @@ class LockableTest < ActiveSupport::TestCase
|
|
132
134
|
swap Devise, :unlock_strategy => :email do
|
133
135
|
user = create_user
|
134
136
|
assert_email_sent do
|
135
|
-
user.
|
137
|
+
user.lock!
|
136
138
|
end
|
137
139
|
end
|
138
140
|
end
|
@@ -141,42 +143,42 @@ class LockableTest < ActiveSupport::TestCase
|
|
141
143
|
swap Devise, :unlock_strategy => :time do
|
142
144
|
user = create_user
|
143
145
|
assert_email_not_sent do
|
144
|
-
user.
|
146
|
+
user.lock!
|
145
147
|
end
|
146
148
|
end
|
147
149
|
end
|
148
150
|
|
149
151
|
test 'should find and unlock an user automatically' do
|
150
152
|
user = create_user
|
151
|
-
user.
|
152
|
-
locked_user = User.
|
153
|
+
user.lock!
|
154
|
+
locked_user = User.unlock!(:unlock_token => user.unlock_token)
|
153
155
|
assert_equal locked_user, user
|
154
|
-
assert_not user.reload.
|
156
|
+
assert_not user.reload.locked?
|
155
157
|
end
|
156
158
|
|
157
159
|
test 'should return a new record with errors when a invalid token is given' do
|
158
|
-
locked_user = User.
|
160
|
+
locked_user = User.unlock!(:unlock_token => 'invalid_token')
|
159
161
|
assert locked_user.new_record?
|
160
|
-
|
162
|
+
assert_equal "is invalid", locked_user.errors[:unlock_token].join
|
161
163
|
end
|
162
164
|
|
163
165
|
test 'should return a new record with errors when a blank token is given' do
|
164
|
-
locked_user = User.
|
166
|
+
locked_user = User.unlock!(:unlock_token => '')
|
165
167
|
assert locked_user.new_record?
|
166
|
-
|
168
|
+
assert_equal "can't be blank", locked_user.errors[:unlock_token].join
|
167
169
|
end
|
168
170
|
|
169
171
|
test 'should authenticate a unlocked user' do
|
170
172
|
user = create_user
|
171
|
-
user.
|
172
|
-
user.
|
173
|
+
user.lock!
|
174
|
+
user.unlock!
|
173
175
|
authenticated_user = User.authenticate(:email => user.email, :password => user.password)
|
174
176
|
assert_equal authenticated_user, user
|
175
177
|
end
|
176
178
|
|
177
179
|
test 'should find a user to send unlock instructions' do
|
178
180
|
user = create_user
|
179
|
-
user.
|
181
|
+
user.lock!
|
180
182
|
unlock_user = User.send_unlock_instructions(:email => user.email)
|
181
183
|
assert_equal unlock_user, user
|
182
184
|
end
|
@@ -188,15 +190,14 @@ class LockableTest < ActiveSupport::TestCase
|
|
188
190
|
|
189
191
|
test 'should add error to new user email if no email was found' do
|
190
192
|
unlock_user = User.send_unlock_instructions(:email => "invalid@email.com")
|
191
|
-
|
192
|
-
assert_equal 'not found', unlock_user.errors[:email]
|
193
|
+
assert_equal 'not found', unlock_user.errors[:email].join
|
193
194
|
end
|
194
195
|
|
195
196
|
test 'should not be able to send instructions if the user is not locked' do
|
196
197
|
user = create_user
|
197
|
-
assert_not user.
|
198
|
-
assert_not user.
|
199
|
-
assert_equal 'not locked', user.errors[:email]
|
198
|
+
assert_not user.resend_unlock!
|
199
|
+
assert_not user.locked?
|
200
|
+
assert_equal 'was not locked', user.errors[:email].join
|
200
201
|
end
|
201
202
|
|
202
203
|
end
|
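Review bot: `assert 0, user.reload.failed_attempts` in "should unlock an user by cleaning locked_at, falied_attempts and unlock_token" (hunk -36,50 +37,41) can never fail, because 0 is truthy in Ruby and the second argument is taken as the failure message. The line is unchanged context right after the new `user.unlock!` call, so the reset of the lockout counter remains unverified; it should read `assert_equal 0, user.reload.failed_attempts`. For the check to be meaningful the test also needs a non-zero `failed_attempts` before unlocking, which the visible lines do not set up. The new test name in the same hunk also misspells "whether" as "wheter".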