devise 1.4.9 → 1.5.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- data/.travis.yml +1 -1
- data/CHANGELOG.rdoc +21 -0
- data/Gemfile +5 -3
- data/README.rdoc +25 -13
- data/app/controllers/devise/confirmations_controller.rb +2 -3
- data/app/controllers/devise/passwords_controller.rb +2 -3
- data/app/controllers/devise/registrations_controller.rb +2 -13
- data/app/controllers/devise/sessions_controller.rb +2 -2
- data/app/controllers/devise/unlocks_controller.rb +2 -3
- data/config/locales/en.yml +1 -1
- data/devise.gemspec +1 -1
- data/lib/devise.rb +6 -4
- data/lib/devise/controllers/helpers.rb +43 -27
- data/lib/devise/controllers/internal_helpers.rb +14 -8
- data/lib/devise/delegator.rb +16 -0
- data/lib/devise/encryptors/authlogic_sha512.rb +1 -1
- data/lib/devise/encryptors/clearance_sha1.rb +1 -1
- data/lib/devise/encryptors/restful_authentication_sha1.rb +1 -1
- data/lib/devise/encryptors/sha1.rb +1 -1
- data/lib/devise/encryptors/sha512.rb +1 -1
- data/lib/devise/failure_app.rb +2 -1
- data/lib/devise/hooks/timeoutable.rb +3 -1
- data/lib/devise/mailers/helpers.rb +0 -5
- data/lib/devise/mapping.rb +70 -44
- data/lib/devise/models/authenticatable.rb +14 -24
- data/lib/devise/models/confirmable.rb +3 -3
- data/lib/devise/models/database_authenticatable.rb +11 -1
- data/lib/devise/models/lockable.rb +7 -11
- data/lib/devise/models/recoverable.rb +3 -3
- data/lib/devise/models/trackable.rb +2 -2
- data/lib/devise/omniauth.rb +5 -4
- data/lib/devise/omniauth/config.rb +27 -5
- data/lib/devise/param_filter.rb +41 -0
- data/lib/devise/rails.rb +0 -11
- data/lib/devise/rails/routes.rb +10 -7
- data/lib/devise/strategies/authenticatable.rb +1 -11
- data/lib/devise/version.rb +1 -1
- data/lib/generators/active_record/templates/migration.rb +7 -1
- data/lib/generators/active_record/templates/migration_existing.rb +3 -3
- data/lib/generators/devise/views_generator.rb +30 -4
- data/lib/generators/templates/devise.rb +0 -1
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +5 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +8 -0
- data/lib/generators/templates/markerb/unlock_instructions.markerb +7 -0
- data/test/controllers/helpers_test.rb +20 -11
- data/test/devise_test.rb +1 -1
- data/test/generators/active_record_generator_test.rb +16 -6
- data/test/generators/views_generator_test.rb +11 -4
- data/test/integration/authenticatable_test.rb +25 -3
- data/test/integration/confirmable_test.rb +27 -3
- data/test/integration/lockable_test.rb +17 -6
- data/test/integration/omniauthable_test.rb +6 -9
- data/test/integration/recoverable_test.rb +21 -2
- data/test/integration/registerable_test.rb +18 -1
- data/test/integration/timeoutable_test.rb +9 -0
- data/test/integration/trackable_test.rb +11 -0
- data/test/mailers/confirmation_instructions_test.rb +5 -0
- data/test/mailers/reset_password_instructions_test.rb +5 -0
- data/test/mailers/unlock_instructions_test.rb +5 -0
- data/test/models/database_authenticatable_test.rb +2 -19
- data/test/omniauth/config_test.rb +56 -0
- data/test/omniauth/my_other_strategy.rb +5 -0
- data/test/omniauth/omniauth-my_strategy.rb +5 -0
- data/test/omniauth/url_helpers_test.rb +4 -4
- data/test/rails_app/config/environments/development.rb +0 -1
- data/test/rails_app/config/initializers/devise.rb +2 -2
- data/test/rails_app/config/routes.rb +4 -4
- data/test/rails_app/lib/shared_admin.rb +1 -0
- data/test/support/helpers.rb +27 -0
- metadata +54 -77
@@ -7,20 +7,30 @@ if DEVISE_ORM == :active_record
|
|
7
7
|
tests ActiveRecord::Generators::DeviseGenerator
|
8
8
|
destination File.expand_path("../../tmp", __FILE__)
|
9
9
|
setup :prepare_destination
|
10
|
-
|
10
|
+
|
11
11
|
test "all files are properly created" do
|
12
|
-
|
13
|
-
|
14
|
-
|
12
|
+
with_rails_version :MAJOR => 3, :MINOR => 0 do
|
13
|
+
run_generator %w(monster)
|
14
|
+
assert_file "app/models/monster.rb", /devise/, /attr_accessible (:[a-z_]+(, )?)+/
|
15
|
+
assert_migration "db/migrate/devise_create_monsters.rb", /def self\.up/
|
16
|
+
end
|
15
17
|
end
|
16
|
-
|
18
|
+
|
19
|
+
test "all files are properly created with rails31 migration syntax" do
|
20
|
+
with_rails_version :MAJOR => 3, :MINOR => 1 do
|
21
|
+
run_generator %w(monster)
|
22
|
+
assert_file "app/models/monster.rb", /devise/, /attr_accessible (:[a-z_]+(, )?)+/
|
23
|
+
assert_migration "db/migrate/devise_create_monsters.rb", /def change/
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
17
27
|
test "update model migration when model exists" do
|
18
28
|
run_generator %w(monster)
|
19
29
|
assert_file "app/models/monster.rb"
|
20
30
|
run_generator %w(monster)
|
21
31
|
assert_migration "db/migrate/add_devise_to_monsters.rb"
|
22
32
|
end
|
23
|
-
|
33
|
+
|
24
34
|
test "all files are properly deleted" do
|
25
35
|
run_generator %w(monster)
|
26
36
|
run_generator %w(monster)
|
@@ -28,12 +28,19 @@ class ViewsGeneratorTest < Rails::Generators::TestCase
|
|
28
28
|
assert_file "app/views/users/confirmations/new.html.erb", /simple_form_for/
|
29
29
|
end
|
30
30
|
|
31
|
-
|
31
|
+
test "Assert views with markerb" do
|
32
|
+
run_generator %w(--markerb)
|
33
|
+
assert_files nil, :mail_template_engine => "markerb"
|
34
|
+
end
|
35
|
+
|
36
|
+
def assert_files(scope = nil, options={})
|
32
37
|
scope = "devise" if scope.nil?
|
38
|
+
mail_template_engine = options[:mail_template_engine] || "html.erb"
|
39
|
+
|
33
40
|
assert_file "app/views/#{scope}/confirmations/new.html.erb"
|
34
|
-
assert_file "app/views/#{scope}/mailer/confirmation_instructions
|
35
|
-
assert_file "app/views/#{scope}/mailer/reset_password_instructions
|
36
|
-
assert_file "app/views/#{scope}/mailer/unlock_instructions
|
41
|
+
assert_file "app/views/#{scope}/mailer/confirmation_instructions.#{mail_template_engine}"
|
42
|
+
assert_file "app/views/#{scope}/mailer/reset_password_instructions.#{mail_template_engine}"
|
43
|
+
assert_file "app/views/#{scope}/mailer/unlock_instructions.#{mail_template_engine}"
|
37
44
|
assert_file "app/views/#{scope}/passwords/edit.html.erb"
|
38
45
|
assert_file "app/views/#{scope}/passwords/new.html.erb"
|
39
46
|
assert_file "app/views/#{scope}/registrations/new.html.erb"
|
@@ -131,7 +131,7 @@ class AuthenticationSanityTest < ActionController::IntegrationTest
|
|
131
131
|
end
|
132
132
|
end
|
133
133
|
|
134
|
-
test 'signed in user should not see
|
134
|
+
test 'signed in user should not see unauthenticated page' do
|
135
135
|
sign_in_as_user
|
136
136
|
assert warden.authenticated?(:user)
|
137
137
|
assert_not warden.authenticated?(:admin)
|
@@ -141,7 +141,7 @@ class AuthenticationSanityTest < ActionController::IntegrationTest
|
|
141
141
|
end
|
142
142
|
end
|
143
143
|
|
144
|
-
test 'not signed in should see
|
144
|
+
test 'not signed in users should see unautheticated page' do
|
145
145
|
get join_path
|
146
146
|
|
147
147
|
assert_response :success
|
@@ -200,6 +200,12 @@ class AuthenticationSanityTest < ActionController::IntegrationTest
|
|
200
200
|
get root_path
|
201
201
|
assert_not_contain 'Signed out successfully'
|
202
202
|
end
|
203
|
+
|
204
|
+
test 'scope uses custom failure app' do
|
205
|
+
put "/en/accounts/management"
|
206
|
+
assert_equal "Oops, not found", response.body
|
207
|
+
assert_equal 404, response.status
|
208
|
+
end
|
203
209
|
end
|
204
210
|
|
205
211
|
class AuthenticationRedirectTest < ActionController::IntegrationTest
|
@@ -312,7 +318,7 @@ class AuthenticationSessionTest < ActionController::IntegrationTest
|
|
312
318
|
end
|
313
319
|
end
|
314
320
|
|
315
|
-
class
|
321
|
+
class AuthenticationWithScopedViewsTest < ActionController::IntegrationTest
|
316
322
|
test 'renders the scoped view if turned on and view is available' do
|
317
323
|
swap Devise, :scoped_views => true do
|
318
324
|
assert_raise Webrat::NotFoundError do
|
@@ -439,6 +445,22 @@ class AuthenticationOthersTest < ActionController::IntegrationTest
|
|
439
445
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
|
440
446
|
end
|
441
447
|
|
448
|
+
test 'sign in with xml format is idempotent' do
|
449
|
+
get new_user_session_path(:format => 'xml')
|
450
|
+
assert_response :success
|
451
|
+
|
452
|
+
create_user
|
453
|
+
post user_session_path(:format => 'xml'), :user => {:email => "user@test.com", :password => '123456'}
|
454
|
+
assert_response :success
|
455
|
+
|
456
|
+
get new_user_session_path(:format => 'xml')
|
457
|
+
assert_response :success
|
458
|
+
|
459
|
+
post user_session_path(:format => 'xml'), :user => {:email => "user@test.com", :password => '123456'}
|
460
|
+
assert_response :success
|
461
|
+
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
|
462
|
+
end
|
463
|
+
|
442
464
|
test 'sign out with xml format returns ok response' do
|
443
465
|
sign_in_as_user
|
444
466
|
get destroy_user_session_path(:format => 'xml')
|
@@ -6,7 +6,7 @@ class ConfirmationTest < ActionController::IntegrationTest
|
|
6
6
|
visit user_confirmation_path(:confirmation_token => confirmation_token)
|
7
7
|
end
|
8
8
|
|
9
|
-
|
9
|
+
def resend_confirmation
|
10
10
|
user = create_user(:confirm => false)
|
11
11
|
ActionMailer::Base.deliveries.clear
|
12
12
|
|
@@ -15,10 +15,23 @@ class ConfirmationTest < ActionController::IntegrationTest
|
|
15
15
|
|
16
16
|
fill_in 'email', :with => user.email
|
17
17
|
click_button 'Resend confirmation instructions'
|
18
|
+
end
|
19
|
+
|
20
|
+
test 'user should be able to request a new confirmation' do
|
21
|
+
resend_confirmation
|
18
22
|
|
19
23
|
assert_current_url '/users/sign_in'
|
20
24
|
assert_contain 'You will receive an email with instructions about how to confirm your account in a few minutes'
|
21
25
|
assert_equal 1, ActionMailer::Base.deliveries.size
|
26
|
+
assert_equal ['please-change-me@config-initializers-devise.com'], ActionMailer::Base.deliveries.first.from
|
27
|
+
end
|
28
|
+
|
29
|
+
test 'user should receive a confirmation from a custom mailer' do
|
30
|
+
User.any_instance.stubs(:devise_mailer).returns(Users::Mailer)
|
31
|
+
|
32
|
+
resend_confirmation
|
33
|
+
|
34
|
+
assert_equal ['custom@example.com'], ActionMailer::Base.deliveries.first.from
|
22
35
|
end
|
23
36
|
|
24
37
|
test 'user with invalid confirmation token should not be able to confirm an account' do
|
@@ -93,6 +106,17 @@ class ConfirmationTest < ActionController::IntegrationTest
|
|
93
106
|
end
|
94
107
|
end
|
95
108
|
|
109
|
+
test 'not confirmed user should not see confirmation message if invalid credentials are given' do
|
110
|
+
swap Devise, :confirm_within => 0.days do
|
111
|
+
sign_in_as_user(:confirm => false) do
|
112
|
+
fill_in 'password', :with => 'invalid'
|
113
|
+
end
|
114
|
+
|
115
|
+
assert_contain 'Invalid email or password'
|
116
|
+
assert_not warden.authenticated?(:user)
|
117
|
+
end
|
118
|
+
end
|
119
|
+
|
96
120
|
test 'not confirmed user but configured with some days to confirm should be able to sign in' do
|
97
121
|
swap Devise, :confirm_within => 1.day do
|
98
122
|
sign_in_as_user(:confirm => false)
|
@@ -157,7 +181,7 @@ class ConfirmationTest < ActionController::IntegrationTest
|
|
157
181
|
click_button 'Resend confirmation instructions'
|
158
182
|
|
159
183
|
assert_contain "If your e-mail exists on our database, you will receive an email with instructions about how to confirm your account in a few minutes."
|
160
|
-
assert_current_url "/users/
|
184
|
+
assert_current_url "/users/sign_in"
|
161
185
|
end
|
162
186
|
end
|
163
187
|
|
@@ -173,7 +197,7 @@ class ConfirmationTest < ActionController::IntegrationTest
|
|
173
197
|
assert_not_contain "Email not found"
|
174
198
|
|
175
199
|
assert_contain "If your e-mail exists on our database, you will receive an email with instructions about how to confirm your account in a few minutes."
|
176
|
-
assert_current_url "/users/
|
200
|
+
assert_current_url "/users/sign_in"
|
177
201
|
end
|
178
202
|
end
|
179
203
|
end
|
@@ -6,7 +6,7 @@ class LockTest < ActionController::IntegrationTest
|
|
6
6
|
visit user_unlock_path(:unlock_token => unlock_token)
|
7
7
|
end
|
8
8
|
|
9
|
-
|
9
|
+
def send_unlock_request
|
10
10
|
user = create_user(:locked => true)
|
11
11
|
ActionMailer::Base.deliveries.clear
|
12
12
|
|
@@ -15,10 +15,23 @@ class LockTest < ActionController::IntegrationTest
|
|
15
15
|
|
16
16
|
fill_in 'email', :with => user.email
|
17
17
|
click_button 'Resend unlock instructions'
|
18
|
+
end
|
19
|
+
|
20
|
+
test 'user should be able to request a new unlock token' do
|
21
|
+
send_unlock_request
|
18
22
|
|
19
23
|
assert_template 'sessions/new'
|
20
24
|
assert_contain 'You will receive an email with instructions about how to unlock your account in a few minutes'
|
21
25
|
assert_equal 1, ActionMailer::Base.deliveries.size
|
26
|
+
assert_equal ['please-change-me@config-initializers-devise.com'], ActionMailer::Base.deliveries.first.from
|
27
|
+
end
|
28
|
+
|
29
|
+
test 'user should receive the instructions from a custom mailer' do
|
30
|
+
User.any_instance.stubs(:devise_mailer).returns(Users::Mailer)
|
31
|
+
|
32
|
+
send_unlock_request
|
33
|
+
|
34
|
+
assert_equal ['custom@example.com'], ActionMailer::Base.deliveries.first.from
|
22
35
|
end
|
23
36
|
|
24
37
|
test 'unlocked user should not be able to request a unlock token' do
|
@@ -159,8 +172,7 @@ class LockTest < ActionController::IntegrationTest
|
|
159
172
|
fill_in 'email', :with => user.email
|
160
173
|
click_button 'Resend unlock instructions'
|
161
174
|
|
162
|
-
assert_current_url "/users/
|
163
|
-
|
175
|
+
assert_current_url "/users/sign_in"
|
164
176
|
assert_contain "If your account exists, you will receive an email with instructions about how to unlock it in a few minutes."
|
165
177
|
end
|
166
178
|
end
|
@@ -175,8 +187,7 @@ class LockTest < ActionController::IntegrationTest
|
|
175
187
|
fill_in 'email', :with => user.email
|
176
188
|
click_button 'Resend unlock instructions'
|
177
189
|
|
178
|
-
assert_current_url "/users/
|
179
|
-
|
190
|
+
assert_current_url "/users/sign_in"
|
180
191
|
assert_contain "If your account exists, you will receive an email with instructions about how to unlock it in a few minutes."
|
181
192
|
end
|
182
193
|
end
|
@@ -191,7 +202,7 @@ class LockTest < ActionController::IntegrationTest
|
|
191
202
|
|
192
203
|
assert_not_contain "1 error prohibited this user from being saved:"
|
193
204
|
assert_not_contain "Email not found"
|
194
|
-
assert_current_url "/users/
|
205
|
+
assert_current_url "/users/sign_in"
|
195
206
|
|
196
207
|
assert_contain "If your account exists, you will receive an email with instructions about how to unlock it in a few minutes."
|
197
208
|
|
@@ -1,5 +1,6 @@
|
|
1
1
|
require 'test_helper'
|
2
2
|
|
3
|
+
|
3
4
|
class OmniauthableIntegrationTest < ActionController::IntegrationTest
|
4
5
|
FACEBOOK_INFO = {
|
5
6
|
"id" => '12345',
|
@@ -12,14 +13,6 @@ class OmniauthableIntegrationTest < ActionController::IntegrationTest
|
|
12
13
|
|
13
14
|
setup do
|
14
15
|
OmniAuth.config.test_mode = true
|
15
|
-
stub_facebook!
|
16
|
-
end
|
17
|
-
|
18
|
-
teardown do
|
19
|
-
OmniAuth.config.test_mode = false
|
20
|
-
end
|
21
|
-
|
22
|
-
def stub_facebook!
|
23
16
|
OmniAuth.config.mock_auth[:facebook] = {
|
24
17
|
"uid" => '12345',
|
25
18
|
"provider" => 'facebook',
|
@@ -29,6 +22,10 @@ class OmniauthableIntegrationTest < ActionController::IntegrationTest
|
|
29
22
|
}
|
30
23
|
end
|
31
24
|
|
25
|
+
teardown do
|
26
|
+
OmniAuth.config.test_mode = false
|
27
|
+
end
|
28
|
+
|
32
29
|
def stub_action!(name)
|
33
30
|
Users::OmniauthCallbacksController.class_eval do
|
34
31
|
alias_method :__old_facebook, :facebook
|
@@ -128,7 +125,7 @@ class OmniauthableIntegrationTest < ActionController::IntegrationTest
|
|
128
125
|
OmniAuth.config.mock_auth[:facebook] = :invalid_credentials
|
129
126
|
|
130
127
|
visit "/users/sign_in"
|
131
|
-
click_link "Sign in with
|
128
|
+
click_link "Sign in with Facebook"
|
132
129
|
|
133
130
|
assert_current_url "/users/sign_in"
|
134
131
|
assert_contain 'Could not authorize you from Facebook because "Invalid credentials".'
|
@@ -38,6 +38,16 @@ class PasswordTest < ActionController::IntegrationTest
|
|
38
38
|
assert_contain 'You will receive an email with instructions about how to reset your password in a few minutes.'
|
39
39
|
end
|
40
40
|
|
41
|
+
test 'reset password with email should send an email from a custom mailer' do
|
42
|
+
create_user(:email => 'Foo@Bar.com')
|
43
|
+
|
44
|
+
User.any_instance.stubs(:devise_mailer).returns(Users::Mailer)
|
45
|
+
request_forgot_password do
|
46
|
+
fill_in 'email', :with => 'foo@bar.com'
|
47
|
+
end
|
48
|
+
assert_equal ['custom@example.com'], ActionMailer::Base.deliveries.last.from
|
49
|
+
end
|
50
|
+
|
41
51
|
test 'reset password with email of different case should fail when email is NOT the list of case insensitive keys' do
|
42
52
|
swap Devise, :case_insensitive_keys => [] do
|
43
53
|
create_user(:email => 'Foo@Bar.com')
|
@@ -208,6 +218,15 @@ class PasswordTest < ActionController::IntegrationTest
|
|
208
218
|
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
|
209
219
|
end
|
210
220
|
|
221
|
+
test 'reset password request with invalid E-Mail in XML format should return empty and valid response' do
|
222
|
+
swap Devise, :paranoid => true do
|
223
|
+
create_user
|
224
|
+
post user_password_path(:format => 'xml'), :user => {:email => "invalid@test.com"}
|
225
|
+
assert_response :success
|
226
|
+
assert_equal response.body, { }.to_xml
|
227
|
+
end
|
228
|
+
end
|
229
|
+
|
211
230
|
test 'change password with valid parameters in XML format should return valid response' do
|
212
231
|
user = create_user
|
213
232
|
request_forgot_password
|
@@ -250,7 +269,7 @@ class PasswordTest < ActionController::IntegrationTest
|
|
250
269
|
assert_not_contain "1 error prohibited this user from being saved:"
|
251
270
|
assert_not_contain "Email not found"
|
252
271
|
assert_contain "If your e-mail exists on our database, you will receive a password recovery link on your e-mail"
|
253
|
-
assert_current_url "/users/
|
272
|
+
assert_current_url "/users/sign_in"
|
254
273
|
end
|
255
274
|
end
|
256
275
|
|
@@ -262,7 +281,7 @@ class PasswordTest < ActionController::IntegrationTest
|
|
262
281
|
click_button 'Send me reset password instructions'
|
263
282
|
|
264
283
|
assert_contain "If your e-mail exists on our database, you will receive a password recovery link on your e-mail"
|
265
|
-
assert_current_url "/users/
|
284
|
+
assert_current_url "/users/sign_in"
|
266
285
|
end
|
267
286
|
end
|
268
287
|
end
|
@@ -36,13 +36,19 @@ class RegistrationTest < ActionController::IntegrationTest
|
|
36
36
|
assert_current_url "/?custom=1"
|
37
37
|
end
|
38
38
|
|
39
|
-
|
39
|
+
def user_sign_up
|
40
|
+
ActionMailer::Base.deliveries.clear
|
41
|
+
|
40
42
|
get new_user_registration_path
|
41
43
|
|
42
44
|
fill_in 'email', :with => 'new_user@test.com'
|
43
45
|
fill_in 'password', :with => 'new_user123'
|
44
46
|
fill_in 'password confirmation', :with => 'new_user123'
|
45
47
|
click_button 'Sign up'
|
48
|
+
end
|
49
|
+
|
50
|
+
test 'a guest user should be able to sign up successfully and be blocked by confirmation' do
|
51
|
+
user_sign_up
|
46
52
|
|
47
53
|
assert_contain 'You have signed up successfully. However, we could not sign you in because your account is unconfirmed.'
|
48
54
|
assert_not_contain 'You have to confirm your account before continuing'
|
@@ -55,6 +61,17 @@ class RegistrationTest < ActionController::IntegrationTest
|
|
55
61
|
assert_not user.confirmed?
|
56
62
|
end
|
57
63
|
|
64
|
+
test 'a guest user should receive the confirmation instructions from the default mailer' do
|
65
|
+
user_sign_up
|
66
|
+
assert_equal ['please-change-me@config-initializers-devise.com'], ActionMailer::Base.deliveries.first.from
|
67
|
+
end
|
68
|
+
|
69
|
+
test 'a guest user should receive the confirmation instructions from a custom mailer' do
|
70
|
+
User.any_instance.stubs(:devise_mailer).returns(Users::Mailer)
|
71
|
+
user_sign_up
|
72
|
+
assert_equal ['custom@example.com'], ActionMailer::Base.deliveries.first.from
|
73
|
+
end
|
74
|
+
|
58
75
|
test 'a guest user should be blocked by confirmation and redirected to a custom path' do
|
59
76
|
Devise::RegistrationsController.any_instance.stubs(:after_inactive_sign_up_path_for).returns("/?custom=1")
|
60
77
|
get new_user_registration_path
|
@@ -16,6 +16,15 @@ class SessionTimeoutTest < ActionController::IntegrationTest
|
|
16
16
|
assert_not_equal old_last_request, last_request_at
|
17
17
|
end
|
18
18
|
|
19
|
+
test 'set last request at in user session after each request is skipped if tracking is disabled' do
|
20
|
+
sign_in_as_user
|
21
|
+
old_last_request = last_request_at
|
22
|
+
assert_not_nil last_request_at
|
23
|
+
|
24
|
+
get users_path, {}, 'devise.skip_trackable' => true
|
25
|
+
assert_equal old_last_request, last_request_at
|
26
|
+
end
|
27
|
+
|
19
28
|
test 'not time out user session before default limit time' do
|
20
29
|
sign_in_as_user
|
21
30
|
assert_response :success
|
@@ -36,6 +36,17 @@ class TrackableHooksTest < ActionController::IntegrationTest
|
|
36
36
|
assert_equal "127.0.0.1", user.current_sign_in_ip
|
37
37
|
assert_equal "127.0.0.1", user.last_sign_in_ip
|
38
38
|
end
|
39
|
+
|
40
|
+
test "current remote ip returns original ip behind a non transparent proxy" do
|
41
|
+
user = create_user
|
42
|
+
|
43
|
+
arbitrary_ip = '192.168.1.69'
|
44
|
+
sign_in_as_user do
|
45
|
+
header 'HTTP_X_FORWARDED_FOR', arbitrary_ip
|
46
|
+
end
|
47
|
+
user.reload
|
48
|
+
assert_equal arbitrary_ip, user.current_sign_in_ip
|
49
|
+
end
|
39
50
|
|
40
51
|
test "increase sign in count" do
|
41
52
|
user = create_user
|
@@ -8,6 +8,11 @@ class ConfirmationInstructionsTest < ActionMailer::TestCase
|
|
8
8
|
Devise.mailer_sender = 'test@example.com'
|
9
9
|
end
|
10
10
|
|
11
|
+
def teardown
|
12
|
+
Devise.mailer = 'Devise::Mailer'
|
13
|
+
Devise.mailer_sender = 'please-change-me@config-initializers-devise.com'
|
14
|
+
end
|
15
|
+
|
11
16
|
def user
|
12
17
|
@user ||= create_user
|
13
18
|
end
|
@@ -8,6 +8,11 @@ class ResetPasswordInstructionsTest < ActionMailer::TestCase
|
|
8
8
|
Devise.mailer_sender = 'test@example.com'
|
9
9
|
end
|
10
10
|
|
11
|
+
def teardown
|
12
|
+
Devise.mailer = 'Devise::Mailer'
|
13
|
+
Devise.mailer_sender = 'please-change-me@config-initializers-devise.com'
|
14
|
+
end
|
15
|
+
|
11
16
|
def user
|
12
17
|
@user ||= begin
|
13
18
|
user = create_user
|
@@ -8,6 +8,11 @@ class UnlockInstructionsTest < ActionMailer::TestCase
|
|
8
8
|
Devise.mailer_sender = 'test@example.com'
|
9
9
|
end
|
10
10
|
|
11
|
+
def teardown
|
12
|
+
Devise.mailer = 'Devise::Mailer'
|
13
|
+
Devise.mailer_sender = 'please-change-me@config-initializers-devise.com'
|
14
|
+
end
|
15
|
+
|
11
16
|
def user
|
12
17
|
@user ||= begin
|
13
18
|
user = create_user
|