devise 1.1.pre4 → 1.1.rc0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- data/CHANGELOG.rdoc +31 -2
- data/Gemfile +15 -6
- data/README.rdoc +12 -16
- data/Rakefile +2 -2
- data/TODO +2 -1
- data/app/controllers/devise/confirmations_controller.rb +1 -1
- data/app/controllers/devise/passwords_controller.rb +2 -3
- data/app/controllers/devise/registrations_controller.rb +5 -5
- data/app/controllers/devise/sessions_controller.rb +5 -27
- data/app/controllers/devise/unlocks_controller.rb +9 -1
- data/app/models/devise/mailer.rb +17 -11
- data/app/views/devise/confirmations/new.html.erb +1 -1
- data/app/views/devise/passwords/edit.html.erb +1 -1
- data/app/views/devise/passwords/new.html.erb +1 -1
- data/app/views/devise/registrations/edit.html.erb +2 -2
- data/app/views/devise/registrations/new.html.erb +2 -2
- data/app/views/devise/sessions/new.html.erb +2 -2
- data/app/views/devise/shared/_links.erb +5 -5
- data/app/views/devise/unlocks/new.html.erb +1 -1
- data/config/locales/en.yml +4 -9
- data/lib/devise.rb +83 -42
- data/lib/devise/controllers/helpers.rb +6 -18
- data/lib/devise/controllers/internal_helpers.rb +11 -12
- data/lib/devise/controllers/scoped_views.rb +2 -2
- data/lib/devise/controllers/url_helpers.rb +1 -1
- data/lib/devise/failure_app.rb +56 -16
- data/lib/devise/hooks/activatable.rb +18 -6
- data/lib/devise/hooks/rememberable.rb +36 -27
- data/lib/devise/hooks/timeoutable.rb +1 -1
- data/lib/devise/hooks/trackable.rb +4 -2
- data/lib/devise/mapping.rb +19 -14
- data/lib/devise/models.rb +12 -3
- data/lib/devise/models/authenticatable.rb +19 -95
- data/lib/devise/models/confirmable.rb +14 -20
- data/lib/devise/models/database_authenticatable.rb +99 -0
- data/lib/devise/models/lockable.rb +53 -39
- data/lib/devise/models/recoverable.rb +3 -3
- data/lib/devise/models/rememberable.rb +5 -10
- data/lib/devise/models/token_authenticatable.rb +18 -25
- data/lib/devise/models/validatable.rb +14 -9
- data/lib/devise/modules.rb +7 -8
- data/lib/devise/orm/active_record.rb +1 -1
- data/lib/devise/orm/data_mapper.rb +20 -7
- data/lib/devise/orm/mongoid.rb +40 -0
- data/lib/devise/rails.rb +26 -3
- data/lib/devise/rails/routes.rb +18 -16
- data/lib/devise/rails/warden_compat.rb +2 -2
- data/lib/devise/schema.rb +45 -18
- data/lib/devise/strategies/authenticatable.rb +92 -21
- data/lib/devise/strategies/base.rb +6 -3
- data/lib/devise/strategies/database_authenticatable.rb +20 -0
- data/lib/devise/strategies/rememberable.rb +10 -6
- data/lib/devise/strategies/token_authenticatable.rb +28 -19
- data/lib/devise/test_helpers.rb +5 -1
- data/lib/devise/version.rb +1 -1
- data/lib/generators/devise/devise_generator.rb +15 -5
- data/lib/generators/devise/templates/migration.rb +2 -2
- data/lib/generators/devise_install/templates/devise.rb +37 -16
- data/lib/generators/devise_views/devise_views_generator.rb +51 -4
- data/test/controllers/helpers_test.rb +16 -8
- data/test/controllers/internal_helpers_test.rb +6 -1
- data/test/controllers/url_helpers_test.rb +10 -10
- data/test/devise_test.rb +13 -17
- data/test/encryptors_test.rb +2 -0
- data/test/failure_app_test.rb +72 -23
- data/test/integration/confirmable_test.rb +4 -4
- data/test/integration/{authenticatable_test.rb → database_authenticatable_test.rb} +35 -17
- data/test/integration/http_authenticatable_test.rb +3 -3
- data/test/integration/lockable_test.rb +28 -8
- data/test/integration/recoverable_test.rb +3 -3
- data/test/integration/registerable_test.rb +6 -4
- data/test/integration/rememberable_test.rb +11 -4
- data/test/integration/timeoutable_test.rb +4 -4
- data/test/integration/token_authenticatable_test.rb +46 -10
- data/test/integration/trackable_test.rb +2 -2
- data/test/mailers/confirmation_instructions_test.rb +5 -5
- data/test/mailers/reset_password_instructions_test.rb +5 -5
- data/test/mailers/unlock_instructions_test.rb +5 -5
- data/test/mapping_test.rb +15 -14
- data/test/models/confirmable_test.rb +9 -32
- data/test/models/{authenticatable_test.rb → database_authenticatable_test.rb} +2 -34
- data/test/models/lockable_test.rb +48 -66
- data/test/models/recoverable_test.rb +8 -8
- data/test/models/rememberable_test.rb +6 -28
- data/test/models/timeoutable_test.rb +1 -1
- data/test/models/token_authenticatable_test.rb +1 -8
- data/test/models/trackable_test.rb +1 -1
- data/test/models/validatable_test.rb +2 -2
- data/test/models_test.rb +16 -2
- data/test/orm/active_record.rb +1 -22
- data/test/orm/data_mapper.rb +1 -0
- data/test/orm/mongoid.rb +10 -0
- data/test/rails_app/app/active_record/admin.rb +1 -5
- data/test/rails_app/app/controllers/application_controller.rb +2 -0
- data/test/rails_app/app/controllers/sessions_controller.rb +1 -1
- data/test/rails_app/app/data_mapper/admin.rb +13 -0
- data/test/rails_app/app/data_mapper/user.rb +24 -0
- data/test/rails_app/app/mongoid/admin.rb +15 -0
- data/test/rails_app/app/mongoid/user.rb +21 -0
- data/test/rails_app/config/application.rb +10 -5
- data/test/rails_app/config/boot.rb +5 -1
- data/test/rails_app/config/initializers/devise.rb +1 -1
- data/test/rails_app/config/routes.rb +4 -1
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +27 -0
- data/test/rails_app/db/schema.rb +86 -0
- data/test/routes_test.rb +3 -3
- data/test/support/assertions.rb +2 -0
- data/test/support/helpers.rb +2 -0
- data/test/support/integration.rb +4 -7
- data/test/support/webrat/integrations/rails.rb +2 -1
- data/test/test_helper.rb +5 -2
- data/test/test_helpers_test.rb +4 -4
- metadata +36 -21
- data/lib/devise/models/http_authenticatable.rb +0 -19
- data/lib/devise/orm/mongo_mapper.rb +0 -49
- data/lib/devise/strategies/http_authenticatable.rb +0 -47
- data/test/models/http_authenticatable_test.rb +0 -19
- data/test/orm/mongo_mapper.rb +0 -12
- data/test/rails_app/app/mongo_mapper/admin.rb +0 -10
- data/test/rails_app/app/mongo_mapper/user.rb +0 -11
- data/test/rails_app/config/initializers/cookie_verification_secret.rb +0 -7
- data/test/rails_app/config/initializers/session_store.rb +0 -15
@@ -4,31 +4,35 @@ module Devise
|
|
4
4
|
module Strategies
|
5
5
|
# Remember the user through the remember token. This strategy is responsible
|
6
6
|
# to verify whether there is a cookie with the remember token, and to
|
7
|
-
# recreate the user from this cookie if it exists.
|
7
|
+
# recreate the user from this cookie if it exists. Must be called *before*
|
8
8
|
# authenticatable.
|
9
9
|
class Rememberable < Devise::Strategies::Base
|
10
|
-
|
11
10
|
# A valid strategy for rememberable needs a remember token in the cookies.
|
12
11
|
def valid?
|
13
|
-
|
12
|
+
remember_cookie.present?
|
14
13
|
end
|
15
14
|
|
16
15
|
# To authenticate a user we deserialize the cookie and attempt finding
|
17
16
|
# the record in the database. If the attempt fails, we pass to another
|
18
17
|
# strategy handle the authentication.
|
19
18
|
def authenticate!
|
20
|
-
if resource = mapping.to.serialize_from_cookie(
|
19
|
+
if resource = mapping.to.serialize_from_cookie(*remember_cookie)
|
21
20
|
success!(resource)
|
22
21
|
else
|
22
|
+
cookies.delete(remember_key)
|
23
23
|
pass
|
24
24
|
end
|
25
25
|
end
|
26
26
|
|
27
27
|
private
|
28
28
|
|
29
|
+
def remember_key
|
30
|
+
"remember_#{scope}_token"
|
31
|
+
end
|
32
|
+
|
29
33
|
# Accessor for remember cookie
|
30
|
-
def
|
31
|
-
@
|
34
|
+
def remember_cookie
|
35
|
+
@remember_cookie ||= cookies.signed[remember_key]
|
32
36
|
end
|
33
37
|
end
|
34
38
|
end
|
@@ -2,33 +2,42 @@ require 'devise/strategies/base'
|
|
2
2
|
|
3
3
|
module Devise
|
4
4
|
module Strategies
|
5
|
-
# Strategy for signing in a user, based on a authenticatable token.
|
6
|
-
#
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
# success and the authenticated user if everything is okay. Otherwise redirect
|
14
|
-
# to sign in page.
|
5
|
+
# Strategy for signing in a user, based on a authenticatable token. This works for both params
|
6
|
+
# and http. For the former, all you need to do is to pass the params in the URL:
|
7
|
+
#
|
8
|
+
# http://myapp.example.com/?user_token=SECRET
|
9
|
+
#
|
10
|
+
# For HTTP, you can pass the token as username. Since some clients may require a password,
|
11
|
+
# you can pass anything and it will simply be ignored.
|
12
|
+
class TokenAuthenticatable < Authenticatable
|
15
13
|
def authenticate!
|
16
|
-
if resource = mapping.to.authenticate_with_token(
|
14
|
+
if resource = mapping.to.authenticate_with_token(authentication_hash)
|
17
15
|
success!(resource)
|
18
16
|
else
|
19
|
-
fail
|
17
|
+
fail(:invalid_token)
|
20
18
|
end
|
21
19
|
end
|
22
20
|
|
23
21
|
private
|
24
22
|
|
25
|
-
#
|
26
|
-
def
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
23
|
+
# TokenAuthenticatable request is valid for any controller and any verb.
|
24
|
+
def valid_request?
|
25
|
+
true
|
26
|
+
end
|
27
|
+
|
28
|
+
# Do not use remember_me behavir with token.
|
29
|
+
def remember_me?
|
30
|
+
false
|
31
|
+
end
|
32
|
+
|
33
|
+
# Try both scoped and non scoped keys.
|
34
|
+
def params_auth_hash
|
35
|
+
params[scope] || params
|
36
|
+
end
|
37
|
+
|
38
|
+
# Overwrite authentication keys to use token_authentication_key.
|
39
|
+
def authentication_keys
|
40
|
+
@authentication_keys ||= [mapping.to.token_authentication_key]
|
32
41
|
end
|
33
42
|
end
|
34
43
|
end
|
data/lib/devise/test_helpers.rb
CHANGED
@@ -15,7 +15,7 @@ module Devise
|
|
15
15
|
def initialize(controller)
|
16
16
|
@controller = controller
|
17
17
|
manager = Warden::Manager.new(nil) do |config|
|
18
|
-
Devise.
|
18
|
+
config.merge! Devise.warden_config
|
19
19
|
end
|
20
20
|
super(controller.request.env, manager)
|
21
21
|
end
|
@@ -24,6 +24,10 @@ module Devise
|
|
24
24
|
catch_with_redirect { super }
|
25
25
|
end
|
26
26
|
|
27
|
+
def user(*args)
|
28
|
+
catch_with_redirect { super }
|
29
|
+
end
|
30
|
+
|
27
31
|
def catch_with_redirect(&block)
|
28
32
|
result = catch(:warden, &block)
|
29
33
|
|
data/lib/devise/version.rb
CHANGED
@@ -18,22 +18,28 @@ class DeviseGenerator < Rails::Generators::NamedBase
|
|
18
18
|
Time.now.utc.strftime("%Y%m%d%H%M%S")
|
19
19
|
end
|
20
20
|
|
21
|
+
class_option :orm
|
21
22
|
class_option :migration, :type => :boolean, :default => orm_has_migration?
|
22
23
|
|
23
24
|
def invoke_orm_model
|
24
|
-
if
|
25
|
+
if model_exists?
|
25
26
|
say "* Model already exists. Adding Devise behavior."
|
26
27
|
else
|
27
|
-
invoke "model", [name], :migration => false
|
28
|
+
invoke "model", [name], :migration => false, :orm => options[:orm]
|
29
|
+
|
30
|
+
unless model_exists?
|
31
|
+
abort "Tried to invoke the model generator for '#{options[:orm]}' but could not find it.\n" <<
|
32
|
+
"Please create your model by hand before calling `rails g devise #{name}`."
|
33
|
+
end
|
28
34
|
end
|
29
35
|
end
|
30
36
|
|
31
37
|
def inject_devise_config_into_model
|
32
38
|
inject_into_class model_path, class_name, <<-CONTENT
|
33
39
|
# Include default devise modules. Others available are:
|
34
|
-
# :
|
35
|
-
devise :
|
36
|
-
:rememberable, :trackable, :validatable
|
40
|
+
# :token_authenticatable, :lockable, :timeoutable and :activatable
|
41
|
+
devise :database_authenticatable, :registerable, :confirmable,
|
42
|
+
:recoverable, :rememberable, :trackable, :validatable
|
37
43
|
|
38
44
|
# Setup accessible (or protected) attributes for your model
|
39
45
|
attr_accessible :email, :password, :password_confirmation
|
@@ -51,6 +57,10 @@ CONTENT
|
|
51
57
|
|
52
58
|
protected
|
53
59
|
|
60
|
+
def model_exists?
|
61
|
+
File.exists?(File.join(destination_root, model_path))
|
62
|
+
end
|
63
|
+
|
54
64
|
def model_path
|
55
65
|
@model_path ||= File.join("app", "models", "#{file_path}.rb")
|
56
66
|
end
|
@@ -1,12 +1,12 @@
|
|
1
1
|
class DeviseCreate<%= table_name.camelize %> < ActiveRecord::Migration
|
2
2
|
def self.up
|
3
3
|
create_table(:<%= table_name %>) do |t|
|
4
|
-
t.
|
4
|
+
t.database_authenticatable :null => false
|
5
5
|
t.confirmable
|
6
6
|
t.recoverable
|
7
7
|
t.rememberable
|
8
8
|
t.trackable
|
9
|
-
# t.lockable
|
9
|
+
# t.lockable :lock_strategy => :<%= Devise.lock_strategy %>, :unlock_strategy => :<%= Devise.unlock_strategy %>
|
10
10
|
|
11
11
|
t.timestamps
|
12
12
|
end
|
@@ -4,7 +4,24 @@ Devise.setup do |config|
|
|
4
4
|
# Configure the e-mail address which will be shown in DeviseMailer.
|
5
5
|
config.mailer_sender = "please-change-me@config-initializers-devise.com"
|
6
6
|
|
7
|
-
# ==> Configuration for
|
7
|
+
# ==> Configuration for any authentication mechanism
|
8
|
+
# Configure which keys are used when authenticating an user. By default is
|
9
|
+
# just :email. You can configure it to use [:username, :subdomain], so for
|
10
|
+
# authenticating an user, both parameters are required. Remember that those
|
11
|
+
# parameters are used only when authenticating and not when retrieving from
|
12
|
+
# session. If you need permissions, you should implement that in a before filter.
|
13
|
+
# config.authentication_keys = [ :email ]
|
14
|
+
|
15
|
+
# Tell if authentication through request.params is enabled. True by default.
|
16
|
+
# config.params_authenticatable = true
|
17
|
+
|
18
|
+
# Tell if authentication through HTTP Basic Auth is enabled. True by default.
|
19
|
+
# config.http_authenticatable = true
|
20
|
+
|
21
|
+
# The realm used in Http Basic Authentication
|
22
|
+
# config.http_authentication_realm = "Application"
|
23
|
+
|
24
|
+
# ==> Configuration for :database_authenticatable
|
8
25
|
# Invoke `rake secret` and use the printed value to setup a pepper to generate
|
9
26
|
# the encrypted password. By default no pepper is used.
|
10
27
|
# config.pepper = "rake secret output"
|
@@ -19,16 +36,6 @@ Devise.setup do |config|
|
|
19
36
|
# (then you should set stretches to 10, and copy REST_AUTH_SITE_KEY to pepper)
|
20
37
|
# config.encryptor = :sha1
|
21
38
|
|
22
|
-
# Configure which keys are used when authenticating an user. By default is
|
23
|
-
# just :email. You can configure it to use [:username, :subdomain], so for
|
24
|
-
# authenticating an user, both parameters are required. Remember that those
|
25
|
-
# parameters are used only when authenticating and not when retrieving from
|
26
|
-
# session. If you need permissions, you should implement that in a before filter.
|
27
|
-
# config.authentication_keys = [ :email ]
|
28
|
-
|
29
|
-
# The realm used in Http Basic Authentication
|
30
|
-
# config.http_authentication_realm = "Application"
|
31
|
-
|
32
39
|
# ==> Configuration for :confirmable
|
33
40
|
# The time you want give to your user to confirm his account. During this time
|
34
41
|
# he will be able to access your application without confirming. Default is nil.
|
@@ -38,21 +45,35 @@ Devise.setup do |config|
|
|
38
45
|
# The time the user will be remembered without asking for credentials again.
|
39
46
|
# config.remember_for = 2.weeks
|
40
47
|
|
48
|
+
# ==> Configuration for :validatable
|
49
|
+
# Range for password length
|
50
|
+
# config.password_length = 6..20
|
51
|
+
|
52
|
+
# Regex to use to validate the email address
|
53
|
+
# config.email_regexp = /^([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})$/i
|
54
|
+
|
41
55
|
# ==> Configuration for :timeoutable
|
42
56
|
# The time you want to timeout the user session without activity. After this
|
43
57
|
# time the user will be asked for credentials again.
|
44
58
|
# config.timeout_in = 10.minutes
|
45
59
|
|
46
60
|
# ==> Configuration for :lockable
|
47
|
-
#
|
48
|
-
#
|
61
|
+
# Defines which strategy will be used to lock an account.
|
62
|
+
# :failed_attempts = Locks an account after a number of failed attempts to sign in.
|
63
|
+
# :none = No lock strategy. You should handle locking by yourself.
|
64
|
+
# config.lock_strategy = :failed_attempts
|
49
65
|
|
50
66
|
# Defines which strategy will be used to unlock an account.
|
51
67
|
# :email = Sends an unlock link to the user email
|
52
68
|
# :time = Reanables login after a certain ammount of time (see :unlock_in below)
|
53
|
-
# :both =
|
69
|
+
# :both = Enables both strategies
|
70
|
+
# :none = No unlock strategy. You should handle unlocking by yourself.
|
54
71
|
# config.unlock_strategy = :both
|
55
72
|
|
73
|
+
# Number of authentication tries before locking an account if lock_strategy
|
74
|
+
# is failed attempts.
|
75
|
+
# config.maximum_attempts = 20
|
76
|
+
|
56
77
|
# Time interval to unlock the account if :time is enabled as unlock_strategy.
|
57
78
|
# config.unlock_in = 1.hour
|
58
79
|
|
@@ -61,7 +82,7 @@ Devise.setup do |config|
|
|
61
82
|
# config.token_authentication_key = :auth_token
|
62
83
|
|
63
84
|
# ==> General configuration
|
64
|
-
# Load and configure the ORM. Supports :active_record (default), :
|
85
|
+
# Load and configure the ORM. Supports :active_record (default), :mongoid
|
65
86
|
# (requires mongo_ext installed) and :data_mapper (experimental).
|
66
87
|
require 'devise/orm/active_record'
|
67
88
|
|
@@ -90,6 +111,6 @@ Devise.setup do |config|
|
|
90
111
|
# twitter.consumer_key = <YOUR CONSUMER KEY>
|
91
112
|
# twitter.options :site => 'http://twitter.com'
|
92
113
|
# end
|
93
|
-
# manager.default_strategies.unshift :twitter_oauth
|
114
|
+
# manager.default_strategies(:scope => :user).unshift :twitter_oauth
|
94
115
|
# end
|
95
116
|
end
|
@@ -1,15 +1,62 @@
|
|
1
1
|
class DeviseViewsGenerator < Rails::Generators::Base
|
2
2
|
desc "Copies all Devise views to your application."
|
3
|
-
|
3
|
+
|
4
|
+
argument :scope, :required => false, :default => nil,
|
5
|
+
:desc => "The scope to copy views to"
|
6
|
+
|
7
|
+
class_option :template_engine, :type => :string, :aliases => "-t", :default => "erb",
|
8
|
+
:desc => "Template engine for the views. Available options are 'erb' and 'haml'."
|
9
|
+
|
4
10
|
def self.source_root
|
5
11
|
@_devise_source_root ||= File.expand_path("../../../../app/views", __FILE__)
|
6
12
|
end
|
7
13
|
|
8
14
|
def copy_views
|
9
|
-
|
15
|
+
case options[:template_engine]
|
16
|
+
when "haml"
|
17
|
+
verify_haml_existence
|
18
|
+
verify_haml_version
|
19
|
+
create_and_copy_haml_views
|
20
|
+
else
|
21
|
+
directory "devise", "app/views/devise/#{scope}"
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
protected
|
26
|
+
|
27
|
+
def verify_haml_existence
|
28
|
+
begin
|
29
|
+
require 'haml'
|
30
|
+
rescue LoadError
|
31
|
+
say "HAML is not installed, or it is not specified in your Gemfile."
|
32
|
+
exit
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
def verify_haml_version
|
37
|
+
unless Haml.version[:major] == 2 and Haml.version[:minor] >= 3 or Haml.version[:major] >= 3
|
38
|
+
say "To generate HAML templates, you need to install HAML 2.3 or above."
|
39
|
+
exit
|
40
|
+
end
|
10
41
|
end
|
42
|
+
|
43
|
+
def create_and_copy_haml_views
|
44
|
+
require 'tmpdir'
|
45
|
+
html_root = "#{self.class.source_root}/devise"
|
46
|
+
|
47
|
+
Dir.mktmpdir("devise-haml.") do |haml_root|
|
48
|
+
Dir["#{html_root}/**/*"].each do |path|
|
49
|
+
relative_path = path.sub(html_root, "")
|
50
|
+
source_path = (haml_root + relative_path).sub(/erb$/, "haml")
|
51
|
+
|
52
|
+
if File.directory?(path)
|
53
|
+
FileUtils.mkdir_p(source_path)
|
54
|
+
else
|
55
|
+
`html2haml -r #{path} #{source_path}`
|
56
|
+
end
|
57
|
+
end
|
11
58
|
|
12
|
-
|
13
|
-
|
59
|
+
directory haml_root, "app/views/devise/#{scope}"
|
60
|
+
end
|
14
61
|
end
|
15
62
|
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
require '
|
1
|
+
require 'test_helper'
|
2
2
|
require 'ostruct'
|
3
3
|
|
4
4
|
class MockController < ApplicationController
|
@@ -23,6 +23,10 @@ class MockController < ApplicationController
|
|
23
23
|
"http"
|
24
24
|
end
|
25
25
|
|
26
|
+
def script_name
|
27
|
+
""
|
28
|
+
end
|
29
|
+
|
26
30
|
def symbolized_path_parameters
|
27
31
|
{}
|
28
32
|
end
|
@@ -117,20 +121,20 @@ class ControllerAuthenticableTest < ActionController::TestCase
|
|
117
121
|
|
118
122
|
test 'stored location for returns the location for a given scope' do
|
119
123
|
assert_nil @controller.stored_location_for(:user)
|
120
|
-
@controller.session[:"
|
124
|
+
@controller.session[:"user_return_to"] = "/foo.bar"
|
121
125
|
assert_equal "/foo.bar", @controller.stored_location_for(:user)
|
122
126
|
end
|
123
127
|
|
124
128
|
test 'stored location for accepts a resource as argument' do
|
125
129
|
assert_nil @controller.stored_location_for(:user)
|
126
|
-
@controller.session[:"
|
130
|
+
@controller.session[:"user_return_to"] = "/foo.bar"
|
127
131
|
assert_equal "/foo.bar", @controller.stored_location_for(User.new)
|
128
132
|
end
|
129
133
|
|
130
134
|
test 'stored location cleans information after reading' do
|
131
|
-
@controller.session[:"
|
135
|
+
@controller.session[:"user_return_to"] = "/foo.bar"
|
132
136
|
assert_equal "/foo.bar", @controller.stored_location_for(:user)
|
133
|
-
assert_nil @controller.session[:"
|
137
|
+
assert_nil @controller.session[:"user_return_to"]
|
134
138
|
end
|
135
139
|
|
136
140
|
test 'after sign in path defaults to root path if none by was specified for the given scope' do
|
@@ -148,7 +152,8 @@ class ControllerAuthenticableTest < ActionController::TestCase
|
|
148
152
|
|
149
153
|
test 'sign in and redirect uses the stored location' do
|
150
154
|
user = User.new
|
151
|
-
@controller.session[:"
|
155
|
+
@controller.session[:"user_return_to"] = "/foo.bar"
|
156
|
+
@mock_warden.expects(:user).with(:user).returns(nil)
|
152
157
|
@mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
|
153
158
|
@controller.expects(:redirect_to).with("/foo.bar")
|
154
159
|
@controller.sign_in_and_redirect(user)
|
@@ -156,15 +161,18 @@ class ControllerAuthenticableTest < ActionController::TestCase
|
|
156
161
|
|
157
162
|
test 'sign in and redirect uses the configured after sign in path' do
|
158
163
|
admin = Admin.new
|
164
|
+
@mock_warden.expects(:user).with(:admin).returns(nil)
|
159
165
|
@mock_warden.expects(:set_user).with(admin, :scope => :admin).returns(true)
|
160
166
|
@controller.expects(:redirect_to).with(admin_root_path)
|
161
167
|
@controller.sign_in_and_redirect(admin)
|
162
168
|
end
|
163
169
|
|
164
|
-
test '
|
170
|
+
test 'sign in and redirect does not sign in again if user is already signed' do
|
165
171
|
admin = Admin.new
|
172
|
+
@mock_warden.expects(:user).with(:admin).returns(admin)
|
173
|
+
@mock_warden.expects(:set_user).never
|
166
174
|
@controller.expects(:redirect_to).with(admin_root_path)
|
167
|
-
@controller.sign_in_and_redirect(
|
175
|
+
@controller.sign_in_and_redirect(admin)
|
168
176
|
end
|
169
177
|
|
170
178
|
test 'sign out and redirect uses the configured after sign out path' do
|
@@ -1,4 +1,4 @@
|
|
1
|
-
require '
|
1
|
+
require 'test_helper'
|
2
2
|
|
3
3
|
class MyController < ApplicationController
|
4
4
|
include Devise::Controllers::InternalHelpers
|
@@ -7,6 +7,11 @@ end
|
|
7
7
|
class HelpersTest < ActionController::TestCase
|
8
8
|
tests MyController
|
9
9
|
|
10
|
+
def setup
|
11
|
+
@mock_warden = OpenStruct.new
|
12
|
+
@controller.request.env['warden'] = @mock_warden
|
13
|
+
end
|
14
|
+
|
10
15
|
test 'get resource name from request path' do
|
11
16
|
@request.path = '/users/session'
|
12
17
|
assert_equal :user, @controller.resource_name
|
@@ -1,9 +1,9 @@
|
|
1
|
-
require '
|
1
|
+
require 'test_helper'
|
2
2
|
|
3
3
|
class RoutesTest < ActionController::TestCase
|
4
4
|
tests ApplicationController
|
5
5
|
|
6
|
-
def
|
6
|
+
def assert_path_and_url(name, prepend_path=nil)
|
7
7
|
@request.path = '/users/session'
|
8
8
|
prepend_path = "#{prepend_path}_" if prepend_path
|
9
9
|
|
@@ -29,19 +29,19 @@ class RoutesTest < ActionController::TestCase
|
|
29
29
|
|
30
30
|
|
31
31
|
test 'should alias session to mapped user session' do
|
32
|
-
|
33
|
-
|
34
|
-
|
32
|
+
assert_path_and_url :session
|
33
|
+
assert_path_and_url :session, :new
|
34
|
+
assert_path_and_url :session, :destroy
|
35
35
|
end
|
36
36
|
|
37
37
|
test 'should alias password to mapped user password' do
|
38
|
-
|
39
|
-
|
40
|
-
|
38
|
+
assert_path_and_url :password
|
39
|
+
assert_path_and_url :password, :new
|
40
|
+
assert_path_and_url :password, :edit
|
41
41
|
end
|
42
42
|
|
43
43
|
test 'should alias confirmation to mapped user confirmation' do
|
44
|
-
|
45
|
-
|
44
|
+
assert_path_and_url :confirmation
|
45
|
+
assert_path_and_url :confirmation, :new
|
46
46
|
end
|
47
47
|
end
|