devise 1.4.2 → 1.4.3

data/lib/generators/templates/simple_form_for/registrations/edit.html.erb

@@ -4,7 +4,7 @@
   <%= f.error_notification %>
 
   <div class="inputs">
-    <%= f.input :email, :autofocus => true %>
+    <%= f.input :email, :required => true, :autofocus => true %>
     <%= f.input :password, :hint => "leave it blank if you don't want to change it", :required => false %>
     <%= f.input :password_confirmation, :required => false %>
     <%= f.input :current_password, :hint => "we need your current password to confirm your changes", :required => true %>

data/lib/generators/templates/simple_form_for/registrations/new.html.erb

@@ -4,9 +4,9 @@
   <%= f.error_notification %>
 
   <div class="inputs">
-    <%= f.input :email, :autofocus => true %>
-    <%= f.input :password %>
-    <%= f.input :password_confirmation %>
+    <%= f.input :email, :required => true, :autofocus => true %>
+    <%= f.input :password, :required => true %>
+    <%= f.input :password_confirmation, :required => true %>
   </div>
 
   <div class="actions">

data/test/controllers/helpers_test.rb

@@ -106,7 +106,7 @@ class ControllerAuthenticatableTest < ActionController::TestCase
     user = User.new
     @mock_warden.expects(:user).returns(user)
     @mock_warden.expects(:set_user).never
-    @controller.sign_in(user)
+    assert @controller.sign_in(user)
   end
 
   test 'sign in again when the user is already in only if force is given' do

data/test/generators/active_record_generator_test.rb

@@ -13,9 +13,22 @@ if DEVISE_ORM == :active_record
       assert_file "app/models/monster.rb", /devise/, /attr_accessible (:[a-z_]+(, )?)+/
       assert_migration "db/migrate/devise_create_monsters.rb"
     end
+    
+    test "update model migration when model exists" do
+      run_generator %w(monster)
+      assert_file "app/models/monster.rb"
+      run_generator %w(monster)
+      assert_migration "db/migrate/add_devise_to_monsters.rb"
+    end
   
     test "all files are properly deleted" do
       run_generator %w(monster)
+      run_generator %w(monster)
+      assert_migration "db/migrate/devise_create_monsters.rb"
+      assert_migration "db/migrate/add_devise_to_monsters.rb"
+      run_generator %w(monster), :behavior => :revoke
+      assert_no_migration "db/migrate/add_devise_to_monsters.rb"
+      assert_migration "db/migrate/devise_create_monsters.rb"
       run_generator %w(monster), :behavior => :revoke
       assert_no_file "app/models/monster.rb"
       assert_no_migration "db/migrate/devise_create_monsters.rb"

data/test/generators/mongoid_generator_test.rb

@@ -1,7 +1,7 @@
 require "test_helper"
 
-if DEVISE_ORM == :mongo_id
-  require "generators/mongo_id/devise_generator"
+if DEVISE_ORM == :mongoid
+  require "generators/mongoid/devise_generator"
 
   class MongoidGeneratorTest < Rails::Generators::TestCase
     tests Mongoid::Generators::DeviseGenerator
@@ -19,4 +19,5 @@ if DEVISE_ORM == :mongo_id
       assert_no_file "app/models/monster.rb"
     end
   end
-end
+end
+

data/test/helpers/devise_helper_test.rb

@@ -2,13 +2,16 @@ require 'test_helper'
 
 class DeviseHelperTest < ActionController::IntegrationTest
   setup do
+    model_labels = { :models => { :user => "utilisateur" } }
+
     I18n.backend.store_translations :fr,
     {
       :errors => { :messages => { :not_saved => {
         :one => "Erreur lors de l'enregistrement de '%{resource}': 1 erreur.",
         :other => "Erreur lors de l'enregistrement de '%{resource}': %{count} erreurs."
       } } },
-      :activerecord => { :models => { :user => "utilisateur" } }
+      :activerecord => model_labels,
+      :mongoid => model_labels
     }
 
     I18n.locale = 'fr'
@@ -30,6 +33,10 @@ class DeviseHelperTest < ActionController::IntegrationTest
   end
 
   test 'test errors.messages.not_saved with multiple errors from i18n' do
+    # Dirty tracking behavior prevents email validations from being applied:
+    #    https://github.com/mongoid/mongoid/issues/756
+    (pending "Fails on Mongoid < 2.1"; break) if defined?(Mongoid) && Mongoid::VERSION.to_f < 2.1
+
     get new_user_registration_path
 
     fill_in 'email', :with => 'invalid_email'
@@ -40,4 +47,5 @@ class DeviseHelperTest < ActionController::IntegrationTest
     assert_have_selector '#error_explanation'
     assert_contain "Erreur lors de l'enregistrement de 'utilisateur': 2 erreurs"
   end
-end
+end
+

data/test/integration/authenticatable_test.rb

@@ -454,6 +454,23 @@ class AuthenticationOthersTest < ActionController::IntegrationTest
   end
 end
 
+class AuthenticationKeysTest < ActionController::IntegrationTest
+  test 'missing authentication keys cause authentication to abort' do
+    swap Devise, :authentication_keys => [:subdomain] do
+      sign_in_as_user
+      assert_contain "Invalid email or password."
+      assert_not warden.authenticated?(:user)
+    end
+  end
+
+  test 'missing authentication keys cause authentication to abort unless marked as not required' do
+    swap Devise, :authentication_keys => { :email => true, :subdomain => false } do
+      sign_in_as_user
+      assert warden.authenticated?(:user)
+    end
+  end
+end
+
 class AuthenticationRequestKeysTest < ActionController::IntegrationTest
   test 'request keys are used on authentication' do
     host! 'foo.bar.baz'

data/test/integration/confirmable_test.rb

@@ -37,6 +37,15 @@ class ConfirmationTest < ActionController::IntegrationTest
     assert user.reload.confirmed?
   end
 
+  test 'user should be redirected to a custom path after confirmation' do
+    Devise::ConfirmationsController.any_instance.stubs(:after_confirmation_path_for).returns("/?custom=1")
+
+    user = create_user(:confirm => false)
+    visit_user_confirmation_with_token(user.confirmation_token)
+
+    assert_current_url "/?custom=1"
+  end
+
   test 'already confirmed user should not be able to confirm the account again' do
     user = create_user(:confirm => false)
     user.confirmed_at = Time.now
@@ -60,7 +69,7 @@ class ConfirmationTest < ActionController::IntegrationTest
     assert_contain 'already confirmed'
   end
 
-  test 'sign in user automatically after confirming it\'s email' do
+  test 'sign in user automatically after confirming its email' do
     user = create_user(:confirm => false)
     visit_user_confirmation_with_token(user.confirmation_token)
 

data/test/integration/lockable_test.rb

@@ -73,7 +73,7 @@ class LockTest < ActionController::IntegrationTest
     assert_not user.reload.access_locked?
   end
 
-  test "sign in user automatically after unlocking it's account" do
+  test "sign in user automatically after unlocking its account" do
     user = create_user(:locked => true)
     visit_user_unlock_with_token(user.unlock_token)
     assert warden.authenticated?(:user)

data/test/integration/recoverable_test.rb

@@ -166,7 +166,7 @@ class PasswordTest < ActionController::IntegrationTest
     assert user.reload.valid_password?('987654321')
   end
 
-  test 'sign in user automatically after changing it\'s password' do
+  test 'sign in user automatically after changing its password' do
     user = create_user
     request_forgot_password
     reset_password :reset_password_token => user.reload.reset_password_token
@@ -174,8 +174,8 @@ class PasswordTest < ActionController::IntegrationTest
     assert warden.authenticated?(:user)
   end
 
-  test 'does not sign in user automatically after changing it\'s password if it\'s not active' do
-    user = create_user(:confirm => false)
+  test 'does not sign in user automatically after changing its password if it\'s locked' do
+    user = create_user(:locked => true)
     request_forgot_password
     reset_password :reset_password_token => user.reload.reset_password_token
 
@@ -183,6 +183,15 @@ class PasswordTest < ActionController::IntegrationTest
     assert !warden.authenticated?(:user)
   end
 
+  test 'sign in user automatically and confirm after changing its password if it\'s not confirmed' do
+    user = create_user(:confirm => false)
+    request_forgot_password
+    reset_password :reset_password_token => user.reload.reset_password_token
+
+    assert warden.authenticated?(:user)
+    assert user.reload.confirmed?
+  end
+
   test 'reset password request with valid E-Mail in XML format should return valid response' do
     create_user
     post user_password_path(:format => 'xml'), :user => {:email => "user@test.com"}

data/test/integration/registerable_test.rb

@@ -69,6 +69,10 @@ class RegistrationTest < ActionController::IntegrationTest
   end
 
   test 'a guest user cannot sign up with invalid information' do
+    # Dirty tracking behavior prevents email validations from being applied:
+    #    https://github.com/mongoid/mongoid/issues/756
+    (pending "Fails on Mongoid < 2.1"; break) if defined?(Mongoid) && Mongoid::VERSION.to_f < 2.1
+
     get new_user_registration_path
 
     fill_in 'email', :with => 'invalid_email'
@@ -87,6 +91,10 @@ class RegistrationTest < ActionController::IntegrationTest
   end
 
   test 'a guest should not sign up with email/password that already exists' do
+    # Dirty tracking behavior prevents email validations from being applied:
+    #    https://github.com/mongoid/mongoid/issues/756
+    (pending "Fails on Mongoid < 2.1"; break) if defined?(Mongoid) && Mongoid::VERSION.to_f < 2.1
+
     user = create_user
     get new_user_registration_path
 
@@ -211,14 +219,14 @@ class RegistrationTest < ActionController::IntegrationTest
     get new_user_registration_path(:format => 'xml')
     assert_response :success
     assert_match %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>), response.body
-    assert_no_match(/<confirmation-token/, response.body) if DEVISE_ORM == :active_record
+    assert_no_match(/<confirmation-token/, response.body)
   end
 
   test 'a user with JSON sign up stub' do
     get new_user_registration_path(:format => 'json')
     assert_response :success
     assert_match %({"user":), response.body
-    assert_no_match(/"confirmation_token"/, response.body) if DEVISE_ORM == :active_record
+    assert_no_match(/"confirmation_token"/, response.body)
   end
 
   test 'an admin sign up with valid information in XML format should return valid response' do

data/test/integration/token_authenticatable_test.rb

@@ -13,6 +13,17 @@ class TokenAuthenticationTest < ActionController::IntegrationTest
     end
   end
 
+  test 'authenticate with valid authentication token key and value through params, when params with the same key as scope exist' do
+    swap Devise, :token_authentication_key => :secret_token do
+      user = create_user_with_authentication_token
+      post exhibit_user_path(user), Devise.token_authentication_key => user.authentication_token, :user => { :some => "data" }
+
+      assert_response :success
+      assert_contain 'User is authenticated'
+      assert warden.authenticated?(:user)
+    end
+  end
+
   test 'authenticate with valid authentication token key but does not store if stateless' do
     swap Devise, :token_authentication_key => :secret_token, :stateless_token => true do
       sign_in_as_new_user_with_token

data/test/mailers/confirmation_instructions_test.rb

@@ -4,6 +4,7 @@ class ConfirmationInstructionsTest < ActionMailer::TestCase
 
   def setup
     setup_mailer
+    Devise.mailer = 'Devise::Mailer'
     Devise.mailer_sender = 'test@example.com'
   end
 
@@ -35,6 +36,11 @@ class ConfirmationInstructionsTest < ActionMailer::TestCase
     assert_equal ['test@example.com'], mail.from
   end
 
+  test 'setup sender from custom mailer defaults' do
+    Devise.mailer = 'Users::Mailer'
+    assert_equal ['custom@example.com'], mail.from
+  end
+
   test 'setup reply to as copy from sender' do
     assert_equal ['test@example.com'], mail.reply_to
   end

data/test/mailers/reset_password_instructions_test.rb

@@ -4,6 +4,7 @@ class ResetPasswordInstructionsTest < ActionMailer::TestCase
 
   def setup
     setup_mailer
+    Devise.mailer = 'Devise::Mailer'
     Devise.mailer_sender = 'test@example.com'
   end
 
@@ -38,6 +39,11 @@ class ResetPasswordInstructionsTest < ActionMailer::TestCase
     assert_equal ['test@example.com'], mail.from
   end
 
+  test 'setup sender from custom mailer defaults' do
+    Devise.mailer = 'Users::Mailer'
+    assert_equal ['custom@example.com'], mail.from
+  end
+
   test 'setup reply to as copy from sender' do
     assert_equal ['test@example.com'], mail.reply_to
   end

data/test/mailers/unlock_instructions_test.rb

@@ -4,6 +4,7 @@ class UnlockInstructionsTest < ActionMailer::TestCase
 
   def setup
     setup_mailer
+    Devise.mailer = 'Devise::Mailer'
     Devise.mailer_sender = 'test@example.com'
   end
 
@@ -38,6 +39,11 @@ class UnlockInstructionsTest < ActionMailer::TestCase
     assert_equal ['test@example.com'], mail.from
   end
 
+  test 'setup sender from custom mailer defaults' do
+    Devise.mailer = 'Users::Mailer'
+    assert_equal ['custom@example.com'], mail.from
+  end
+
   test 'setup reply to as copy from sender' do
     assert_equal ['test@example.com'], mail.reply_to
   end

data/test/models/confirmable_test.rb

@@ -121,7 +121,7 @@ class ConfirmableTest < ActiveSupport::TestCase
     assert_equal "not found", confirmation_user.errors[:email].join
   end
 
-  test 'should send email instructions for the user confirm it\'s email' do
+  test 'should send email instructions for the user confirm its email' do
     user = create_user
     assert_email_sent do
       User.send_confirmation_instructions(:email => user.email)
@@ -219,7 +219,7 @@ class ConfirmableTest < ActiveSupport::TestCase
     assert user.reload.active_for_authentication?
   end
 
-  test 'should find a user to send email instructions for the user confirm it\'s email by authentication_keys' do
+  test 'should find a user to send email instructions for the user confirm its email by authentication_keys' do
     swap Devise, :authentication_keys => [:username, :email] do
       user = create_user
       confirm_user = User.send_confirmation_instructions(:email => user.email, :username => user.username)

data/test/models/encryptable_test.rb

@@ -31,8 +31,10 @@ class EncryptableTest < ActiveSupport::TestCase
 
   test 'should generate a base64 hash using SecureRandom for password salt' do
     swap_with_encryptor Admin, :sha1 do
-      SecureRandom.expects(:base64).with(15).returns('friendly_token')
-      assert_equal 'friendly_token', create_admin.password_salt
+      SecureRandom.expects(:base64).with(15).returns('01lI')
+      salt = create_admin.password_salt
+      assert_not_equal '01lI', salt
+      assert_equal 4, salt.size
     end
   end
 

data/test/models/validatable_test.rb

@@ -1,3 +1,4 @@
+# encoding: UTF-8
 require 'test_helper'
 
 class ValidatableTest < ActiveSupport::TestCase
@@ -28,7 +29,7 @@ class ValidatableTest < ActiveSupport::TestCase
     assert user.invalid?
     assert_not_equal 'is invalid', user.errors[:email].join
 
-    %w(invalid_email_format 123 $$$ \(\) ).each do |email|
+    %w{invalid_email_format 123 $$$ () ☃ bla@bla.}.each do |email|
       user.email = email
       assert user.invalid?, 'should be invalid with email ' << email
       assert_equal 'is invalid', user.errors[:email].join
@@ -39,7 +40,7 @@ class ValidatableTest < ActiveSupport::TestCase
   end
 
   test 'should accept valid emails' do
-    %w(a.b.c@example.com test_mail@gmail.com any@any.net email@test.br 123@mail.test).each do |email|
+    %w(a.b.c@example.com test_mail@gmail.com any@any.net email@test.br 123@mail.test 1☃3@mail.test).each do |email|
       user = new_user(:email => email)
       assert user.valid?, 'should be valid with email ' << email
       assert_blank user.errors[:email]

data/test/models_test.rb

@@ -42,18 +42,16 @@ class ActiveRecordTest < ActiveSupport::TestCase
     assert_include_modules Admin, :database_authenticatable, :registerable, :timeoutable, :recoverable, :lockable, :rememberable, :encryptable
   end
 
-  if DEVISE_ORM == :active_record
-    test 'validations options are not applied to late' do
-      validators = WithValidation.validators_on :password
-      length = validators.find { |v| v.kind == :length }
-      assert_equal 2, length.options[:minimum]
-      assert_equal 6, length.options[:maximum]
-    end
+  test 'validations options are not applied too late' do
+    validators = WithValidation.validators_on :password
+    length = validators.find { |v| v.kind == :length }
+    assert_equal 2, length.options[:minimum]
+    assert_equal 6, length.options[:maximum]
+  end
 
-    test 'validations are applied just once' do
-      validators = Several.validators_on :password
-      assert_equal 1, validators.select{ |v| v.kind == :length }.length
-    end
+  test 'validations are applied just once' do
+    validators = Several.validators_on :password
+    assert_equal 1, validators.select{ |v| v.kind == :length }.length
   end
 
   test 'chosen modules are inheritable' do

data/test/orm/mongoid.rb

@@ -1,6 +1,9 @@
+require 'mongoid/version'
+
 Mongoid.configure do |config|
   config.master  = Mongo::Connection.new('127.0.0.1', 27017).db("devise-test-suite")
   config.use_utc = true
+  config.include_root_in_json = true
 end
 
 class ActiveSupport::TestCase

data/test/rails_app/app/active_record/user.rb

@@ -3,6 +3,4 @@ require 'shared_user'
 class User < ActiveRecord::Base
   include Shim
   include SharedUser
-
-  attr_accessible :username, :email, :password, :password_confirmation, :remember_me
 end

data/test/rails_app/app/mailers/users/mailer.rb

@@ -0,0 +1,3 @@
+class Users::Mailer < Devise::Mailer
+  default :from => 'custom@example.com'
+end

data/test/rails_app/app/mongoid/shim.rb

@@ -21,9 +21,4 @@ module Shim
   def ==(other)
     other.is_a?(self.class) && _id == other._id
   end
-
-  # Mongoid does not have this method in the current beta version (2.0.0.beta.20)
-  def update_attribute(attribute, value)
-    update_attributes(attribute => value)
-  end
 end

data/test/rails_app/config/application.rb

@@ -29,6 +29,7 @@ module RailsApp
 
     # Configure sensitive parameters which will be filtered from the log file.
     config.filter_parameters << :password
+    config.assets.enabled = false
 
     config.action_mailer.default_url_options = { :host => "localhost:3000" }