devise 2.0.4 → 2.0.5

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of devise might be problematic. Click here for more details.

@@ -1,6 +1,9 @@
1
- == 2.0.4
1
+ == 2.0.5
2
+
3
+ * bug fix
4
+ * Require string conversion for all values
2
5
 
3
- Notes: https://github.com/plataformatec/devise/wiki/How-To:-Upgrade-to-Devise-2.0
6
+ == 2.0.4
4
7
 
5
8
  * bug fix
6
9
  * Fix a regression that caused Warden to be initialized too late
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- devise (2.0.2)
4
+ devise (2.0.4)
5
5
  bcrypt-ruby (~> 3.0)
6
6
  orm_adapter (~> 0.0.3)
7
7
  railties (~> 3.1)
@@ -87,7 +87,7 @@ GEM
87
87
  omniauth-openid (1.0.1)
88
88
  omniauth (~> 1.0)
89
89
  rack-openid (~> 1.3.1)
90
- orm_adapter (0.0.6)
90
+ orm_adapter (0.0.7)
91
91
  polyglot (0.3.3)
92
92
  rack (1.4.1)
93
93
  rack-cache (1.1)
@@ -154,17 +154,20 @@ module Devise
154
154
  # namedscope to filter records while authenticating.
155
155
  # Example:
156
156
  #
157
- # def self.find_for_authentication(conditions={})
158
- # conditions[:active] = true
159
- # super
157
+ # def self.find_for_authentication(tainted_conditions)
158
+ # find_first_by_auth_conditions(tainted_conditions, active: true)
160
159
  # end
161
160
  #
162
- def find_for_authentication(conditions)
163
- find_first_by_auth_conditions(conditions)
161
+ # Finally, notice that Devise also queries for users in other scenarios
162
+ # besides authentication, for example when retrieving an user to send
163
+ # an e-mail for password reset. In such cases, find_for_authentication
164
+ # is not called.
165
+ def find_for_authentication(tainted_conditions)
166
+ find_first_by_auth_conditions(tainted_conditions)
164
167
  end
165
168
 
166
- def find_first_by_auth_conditions(conditions)
167
- to_adapter.find_first devise_param_filter.filter(conditions)
169
+ def find_first_by_auth_conditions(tainted_conditions, opts={})
170
+ to_adapter.find_first(devise_param_filter.filter(tainted_conditions).merge(opts))
168
171
  end
169
172
 
170
173
  # Find an initialize a record setting an error if it can't be found.
@@ -210,4 +213,4 @@ module Devise
210
213
  end
211
214
  end
212
215
  end
213
- end
216
+ end
@@ -33,9 +33,8 @@ module Devise
33
33
 
34
34
  private
35
35
 
36
- # Determine which values should be transformed to string or passed as-is to the query builder underneath
37
36
  def param_requires_string_conversion?(value)
38
- [Fixnum, TrueClass, FalseClass, Regexp].none? {|clz| value.is_a? clz }
37
+ true
39
38
  end
40
39
  end
41
40
  end
@@ -1,3 +1,3 @@
1
1
  module Devise
2
- VERSION = "2.0.4".freeze
2
+ VERSION = "2.0.5".freeze
3
3
  end
@@ -0,0 +1,9 @@
1
+ require 'test_helper'
2
+
3
+ class AuthenticatableTest < ActiveSupport::TestCase
4
+ test 'find_first_by_auth_conditions allows custom filtering parameters' do
5
+ user = User.create!(email: "example@example.com", password: "123456")
6
+ assert_equal User.find_first_by_auth_conditions({ email: "example@example.com" }), user
7
+ assert_equal User.find_first_by_auth_conditions({ email: "example@example.com" }, id: user.id + 1), nil
8
+ end
9
+ end
@@ -23,15 +23,9 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
23
23
  end
24
24
 
25
25
  test "param filter should not convert booleans and integer to strings" do
26
- conditions = { 'login' => 'foo@bar.com', "bool1" => true, "bool2" => false, "fixnum" => 123, "will_be_converted" => (1..10) }
26
+ conditions = { "login" => "foo@bar.com", "bool1" => true, "bool2" => false, "fixnum" => 123, "will_be_converted" => (1..10) }
27
27
  conditions = Devise::ParamFilter.new([], []).filter(conditions)
28
- assert_equal( { 'login' => 'foo@bar.com', "bool1" => true, "bool2" => false, "fixnum" => 123, "will_be_converted" => "1..10" }, conditions)
29
- end
30
-
31
- test "param filter should not convert regular expressions to strings" do
32
- conditions = { "regexp" => /expression/ }
33
- conditions = Devise::ParamFilter.new([], []).filter(conditions)
34
- assert_equal( { "regexp" => /expression/ }, conditions)
28
+ assert_equal( { "login" => "foo@bar.com", "bool1" => "true", "bool2" => "false", "fixnum" => "123", "will_be_converted" => "1..10" }, conditions)
35
29
  end
36
30
 
37
31
  test 'should respond to password and password confirmation' do
metadata CHANGED
@@ -1,8 +1,8 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.4
5
4
  prerelease:
5
+ version: 2.0.5
6
6
  platform: ruby
7
7
  authors:
8
8
  - José Valim
@@ -10,52 +10,72 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2012-02-17 00:00:00.000000000 Z
13
+ date: 2013-01-26 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
- name: warden
17
- requirement: &2156392360 !ruby/object:Gem::Requirement
18
- none: false
16
+ version_requirements: !ruby/object:Gem::Requirement
19
17
  requirements:
20
18
  - - ~>
21
19
  - !ruby/object:Gem::Version
22
20
  version: 1.1.1
21
+ none: false
22
+ name: warden
23
23
  type: :runtime
24
24
  prerelease: false
25
- version_requirements: *2156392360
26
- - !ruby/object:Gem::Dependency
27
- name: orm_adapter
28
- requirement: &2156391100 !ruby/object:Gem::Requirement
25
+ requirement: !ruby/object:Gem::Requirement
26
+ requirements:
27
+ - - ~>
28
+ - !ruby/object:Gem::Version
29
+ version: 1.1.1
29
30
  none: false
31
+ - !ruby/object:Gem::Dependency
32
+ version_requirements: !ruby/object:Gem::Requirement
30
33
  requirements:
31
34
  - - ~>
32
35
  - !ruby/object:Gem::Version
33
36
  version: 0.0.3
37
+ none: false
38
+ name: orm_adapter
34
39
  type: :runtime
35
40
  prerelease: false
36
- version_requirements: *2156391100
37
- - !ruby/object:Gem::Dependency
38
- name: bcrypt-ruby
39
- requirement: &2156389800 !ruby/object:Gem::Requirement
41
+ requirement: !ruby/object:Gem::Requirement
42
+ requirements:
43
+ - - ~>
44
+ - !ruby/object:Gem::Version
45
+ version: 0.0.3
40
46
  none: false
47
+ - !ruby/object:Gem::Dependency
48
+ version_requirements: !ruby/object:Gem::Requirement
41
49
  requirements:
42
50
  - - ~>
43
51
  - !ruby/object:Gem::Version
44
52
  version: '3.0'
53
+ none: false
54
+ name: bcrypt-ruby
45
55
  type: :runtime
46
56
  prerelease: false
47
- version_requirements: *2156389800
48
- - !ruby/object:Gem::Dependency
49
- name: railties
50
- requirement: &2156387120 !ruby/object:Gem::Requirement
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ~>
60
+ - !ruby/object:Gem::Version
61
+ version: '3.0'
51
62
  none: false
63
+ - !ruby/object:Gem::Dependency
64
+ version_requirements: !ruby/object:Gem::Requirement
52
65
  requirements:
53
66
  - - ~>
54
67
  - !ruby/object:Gem::Version
55
68
  version: '3.1'
69
+ none: false
70
+ name: railties
56
71
  type: :runtime
57
72
  prerelease: false
58
- version_requirements: *2156387120
73
+ requirement: !ruby/object:Gem::Requirement
74
+ requirements:
75
+ - - ~>
76
+ - !ruby/object:Gem::Version
77
+ version: '3.1'
78
+ none: false
59
79
  description: Flexible authentication solution for Rails with Warden
60
80
  email: contact@plataformatec.com.br
61
81
  executables: []
@@ -198,6 +218,7 @@ files:
198
218
  - test/mailers/reset_password_instructions_test.rb
199
219
  - test/mailers/unlock_instructions_test.rb
200
220
  - test/mapping_test.rb
221
+ - test/models/authenticatable_test.rb
201
222
  - test/models/confirmable_test.rb
202
223
  - test/models/database_authenticatable_test.rb
203
224
  - test/models/encryptable_test.rb
@@ -279,20 +300,20 @@ rdoc_options: []
279
300
  require_paths:
280
301
  - lib
281
302
  required_ruby_version: !ruby/object:Gem::Requirement
282
- none: false
283
303
  requirements:
284
304
  - - ! '>='
285
305
  - !ruby/object:Gem::Version
286
306
  version: '0'
287
- required_rubygems_version: !ruby/object:Gem::Requirement
288
307
  none: false
308
+ required_rubygems_version: !ruby/object:Gem::Requirement
289
309
  requirements:
290
310
  - - ! '>='
291
311
  - !ruby/object:Gem::Version
292
312
  version: '0'
313
+ none: false
293
314
  requirements: []
294
315
  rubyforge_project: devise
295
- rubygems_version: 1.8.15
316
+ rubygems_version: 1.8.23
296
317
  signing_key:
297
318
  specification_version: 3
298
319
  summary: Flexible authentication solution for Rails with Warden
@@ -328,6 +349,7 @@ test_files:
328
349
  - test/mailers/reset_password_instructions_test.rb
329
350
  - test/mailers/unlock_instructions_test.rb
330
351
  - test/mapping_test.rb
352
+ - test/models/authenticatable_test.rb
331
353
  - test/models/confirmable_test.rb
332
354
  - test/models/database_authenticatable_test.rb
333
355
  - test/models/encryptable_test.rb