devise 2.1.0 → 2.1.2
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- data/CHANGELOG.rdoc +34 -17
- data/Gemfile +1 -1
- data/Gemfile.lock +45 -45
- data/README.md +23 -18
- data/Rakefile +1 -1
- data/app/controllers/devise/omniauth_callbacks_controller.rb +6 -0
- data/app/controllers/devise/passwords_controller.rb +9 -0
- data/app/controllers/devise/sessions_controller.rb +1 -0
- data/app/controllers/devise_controller.rb +16 -5
- data/app/views/devise/confirmations/new.html.erb +1 -1
- data/app/views/devise/passwords/edit.html.erb +1 -1
- data/app/views/devise/passwords/new.html.erb +1 -1
- data/app/views/devise/registrations/edit.html.erb +1 -1
- data/app/views/devise/registrations/new.html.erb +1 -1
- data/app/views/devise/sessions/new.html.erb +1 -1
- data/app/views/devise/unlocks/new.html.erb +1 -1
- data/config/locales/en.yml +1 -0
- data/devise.gemspec +2 -2
- data/lib/devise.rb +5 -1
- data/lib/devise/controllers/helpers.rb +11 -8
- data/lib/devise/hooks/timeoutable.rb +6 -3
- data/lib/devise/models.rb +5 -4
- data/lib/devise/models/authenticatable.rb +49 -12
- data/lib/devise/models/confirmable.rb +2 -2
- data/lib/devise/models/database_authenticatable.rb +1 -1
- data/lib/devise/models/lockable.rb +8 -4
- data/lib/devise/models/recoverable.rb +1 -1
- data/lib/devise/omniauth.rb +1 -1
- data/lib/devise/omniauth/url_helpers.rb +0 -15
- data/lib/devise/rails/routes.rb +59 -25
- data/lib/devise/strategies/authenticatable.rb +16 -5
- data/lib/devise/strategies/base.rb +5 -0
- data/lib/devise/strategies/database_authenticatable.rb +1 -2
- data/lib/devise/strategies/rememberable.rb +5 -3
- data/lib/devise/strategies/token_authenticatable.rb +1 -2
- data/lib/devise/version.rb +1 -1
- data/lib/generators/devise/views_generator.rb +6 -0
- data/lib/generators/mongoid/devise_generator.rb +5 -2
- data/lib/generators/templates/devise.rb +20 -4
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +3 -3
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +3 -3
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +3 -3
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +3 -3
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +3 -3
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +3 -3
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +3 -3
- data/test/controllers/helpers_test.rb +6 -7
- data/test/controllers/sessions_controller_test.rb +22 -15
- data/test/integration/authenticatable_test.rb +109 -63
- data/test/integration/recoverable_test.rb +6 -0
- data/test/integration/timeoutable_test.rb +28 -2
- data/test/models/recoverable_test.rb +3 -3
- data/test/models_test.rb +3 -3
- data/test/omniauth/url_helpers_test.rb +1 -8
- data/test/rails_app/app/controllers/admins_controller.rb +5 -0
- data/test/rails_app/config/routes.rb +11 -1
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +3 -0
- data/test/support/assertions.rb +6 -8
- data/test/support/integration.rb +2 -1
- metadata +14 -19
@@ -126,6 +126,12 @@ class PasswordTest < ActionController::IntegrationTest
|
|
126
126
|
assert warden.authenticated?(:user)
|
127
127
|
end
|
128
128
|
|
129
|
+
test 'not authenticated user without a reset password token should not be able to visit the page' do
|
130
|
+
get edit_user_password_path
|
131
|
+
assert_response :redirect
|
132
|
+
assert_redirected_to "/users/sign_in"
|
133
|
+
end
|
134
|
+
|
129
135
|
test 'not authenticated user with invalid reset password token should not be able to change his password' do
|
130
136
|
user = create_user
|
131
137
|
reset_password :reset_password_token => 'invalid_reset_password'
|
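Review bot: The added test 'not authenticated user without a reset password token should not be able to visit the page' only covers a request with no token parameter at all; a request with an empty value, `get edit_user_password_path(:reset_password_token => '')`, is not exercised. Whether the controller treats a blank token like a missing one is not visible in this hunk. A second `get` with the blank token followed by the same `assert_redirected_to "/users/sign_in"` would pin that behaviour. `assert_response :redirect` is already implied by `assert_redirected_to` and could be dropped.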
@@ -25,7 +25,7 @@ class SessionTimeoutTest < ActionController::IntegrationTest
|
|
25
25
|
assert_equal old_last_request, last_request_at
|
26
26
|
end
|
27
27
|
|
28
|
-
test 'not time out user session before default limit time' do
|
28
|
+
test 'does not time out user session before default limit time' do
|
29
29
|
sign_in_as_user
|
30
30
|
assert_response :success
|
31
31
|
assert warden.authenticated?(:user)
|
@@ -53,10 +53,36 @@ class SessionTimeoutTest < ActionController::IntegrationTest
|
|
53
53
|
|
54
54
|
assert_response :redirect
|
55
55
|
assert_redirected_to root_path
|
56
|
+
follow_redirect!
|
57
|
+
assert_contain 'Signed out successfully'
|
58
|
+
end
|
59
|
+
|
60
|
+
test 'time out is not triggered on sign in' do
|
61
|
+
user = sign_in_as_user
|
62
|
+
get expire_user_path(user)
|
63
|
+
|
64
|
+
post "/users/sign_in", :email => user.email, :password => "123456"
|
56
65
|
|
66
|
+
assert_response :redirect
|
57
67
|
follow_redirect!
|
68
|
+
assert_contain 'You are signed in'
|
69
|
+
end
|
58
70
|
|
59
|
-
|
71
|
+
test 'admin does not explode on time out' do
|
72
|
+
admin = sign_in_as_admin
|
73
|
+
get expire_admin_path(admin)
|
74
|
+
|
75
|
+
Admin.send :define_method, :reset_authentication_token! do
|
76
|
+
nil
|
77
|
+
end
|
78
|
+
|
79
|
+
begin
|
80
|
+
get admins_path
|
81
|
+
assert_redirected_to admins_path
|
82
|
+
assert_not warden.authenticated?(:admin)
|
83
|
+
ensure
|
84
|
+
Admin.send(:remove_method, :reset_authentication_token!)
|
85
|
+
end
|
60
86
|
end
|
61
87
|
|
62
88
|
test 'user configured timeout limit' do
|
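Review bot: In 'admin does not explode on time out', the `ensure` branch cleans up with `Admin.send(:remove_method, :reset_authentication_token!)`, which restores the earlier behaviour only if that method was not defined directly in Admin's own class body. If Admin does define it there (not visible on this page), `define_method` has overwritten it and `remove_method` leaves later tests in the same process without the original. A one-line comment above the stub, for example `# force reset_authentication_token! to return nil; timeout must still sign the admin out`, would also help, since the test name alone does not say what used to fail.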
@@ -97,7 +97,7 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
97
97
|
test 'should reset reset_password_token before send the reset instructions email' do
|
98
98
|
user = create_user
|
99
99
|
token = user.reset_password_token
|
100
|
-
|
100
|
+
User.send_reset_password_instructions(:email => user.email)
|
101
101
|
assert_not_equal token, user.reload.reset_password_token
|
102
102
|
end
|
103
103
|
|
@@ -142,7 +142,7 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
142
142
|
old_password = user.password
|
143
143
|
user.send :generate_reset_password_token!
|
144
144
|
|
145
|
-
|
145
|
+
User.reset_password_by_token(
|
146
146
|
:reset_password_token => user.reset_password_token,
|
147
147
|
:password => 'new_password',
|
148
148
|
:password_confirmation => 'new_password'
|
@@ -202,4 +202,4 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
202
202
|
:reset_password_token
|
203
203
|
]
|
204
204
|
end
|
205
|
-
end
|
205
|
+
end
|
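--- a/data/test/models_test.rb
+++ b/data/test/models_test.rb
@@ -25,7 +25,7 @@ end
 class ActiveRecordTest < ActiveSupport::TestCase
 def include_module?(klass, mod)
 klass.devise_modules.include?(mod) &&
-
+klass.included_modules.include?(Devise::Models::const_get(mod.to_s.classify))
 end
 
 def assert_include_modules(klass, *modules)
@@ -153,13 +153,13 @@ class CheckFieldsTest < ActiveSupport::TestCase
 devise :database_authenticatable
 end
 
-
+assert_raise_with_message Devise::Models::MissingAttribute, "The following attribute(s) is (are) missing on your model: encrypted_password, email" do
 Devise::Models.check_fields!(Magician)
 end
 end
 
 test "doesn't raise a NoMethodError exception when the module doesn't have a required_field(klass) class method" do
-
+driver = Class.new do
 extend Devise::Models
 
 def self.before_validation(instance)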
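Review bot: On the added line in `include_module?`, `Devise::Models::const_get(...)` invokes a method with `::`; `Devise::Models.const_get(mod.to_s.classify)` is the conventional form and cannot be misread as a constant lookup. The removed side of this line is not legible on this page, so what the change actually altered cannot be checked from here.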
@@ -30,7 +30,7 @@ class OmniAuthRoutesTest < ActionController::TestCase
|
|
30
30
|
test 'should generate authorization path' do
|
31
31
|
assert_match "/users/auth/facebook", @controller.omniauth_authorize_path(:user, :facebook)
|
32
32
|
|
33
|
-
assert_raise
|
33
|
+
assert_raise ActionController::RoutingError do
|
34
34
|
@controller.omniauth_authorize_path(:user, :github)
|
35
35
|
end
|
36
36
|
end
|
@@ -48,11 +48,4 @@ class OmniAuthRoutesTest < ActionController::TestCase
|
|
48
48
|
assert_equal "/users/auth/openid",
|
49
49
|
@controller.omniauth_authorize_path(:user, :openid)
|
50
50
|
end
|
51
|
-
|
52
|
-
test 'should set script name in the path if present' do
|
53
|
-
@request.env['SCRIPT_NAME'] = '/q'
|
54
|
-
|
55
|
-
assert_equal "/q/users/auth/facebook",
|
56
|
-
@controller.omniauth_authorize_path(:user, :facebook)
|
57
|
-
end
|
58
51
|
end
|
@@ -9,7 +9,9 @@ Rails.application.routes.draw do
|
|
9
9
|
end
|
10
10
|
end
|
11
11
|
|
12
|
-
resources :admins, :only => [:index]
|
12
|
+
resources :admins, :only => [:index] do
|
13
|
+
get :expire, :on => :member
|
14
|
+
end
|
13
15
|
|
14
16
|
# Users scope
|
15
17
|
devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" }
|
@@ -30,10 +32,18 @@ Rails.application.routes.draw do
|
|
30
32
|
match "/private", :to => "home#private", :as => :private
|
31
33
|
end
|
32
34
|
|
35
|
+
authenticate(:admin, lambda { |admin| admin.active? }) do
|
36
|
+
match "/private/active", :to => "home#private", :as => :private_active
|
37
|
+
end
|
38
|
+
|
33
39
|
authenticated :admin do
|
34
40
|
match "/dashboard", :to => "home#admin_dashboard"
|
35
41
|
end
|
36
42
|
|
43
|
+
authenticated :admin, lambda { |admin| admin.active? } do
|
44
|
+
match "/dashboard/active", :to => "home#admin_dashboard"
|
45
|
+
end
|
46
|
+
|
37
47
|
authenticated do
|
38
48
|
match "/dashboard", :to => "home#user_dashboard"
|
39
49
|
end
|
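Review bot: `get :expire, :on => :member` on `resources :admins` exposes what appears to be a session-expiring action over plain GET; the controller action is not part of this section, so that is inferred from the route name and the timeout tests that call `expire_admin_path`. This is acceptable in the test application, but a comment such as `# test-only: expires the session so timeout behaviour can be exercised` would keep it from being copied into real routes as a pattern. The `routes.draw` block starts and ends outside these hunks.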
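--- a/data/test/support/assertions.rb
+++ b/data/test/support/assertions.rb
@@ -15,14 +15,14 @@ class ActiveSupport::TestCase
 alias :assert_present :assert_not_blank
 
 def assert_email_sent(address = nil, &block)
-assert_difference('ActionMailer::Base.deliveries.size')
+assert_difference('ActionMailer::Base.deliveries.size', &block)
 if address.present?
 assert_equal address, ActionMailer::Base.deliveries.last['to'].to_s
 end
 end
 
 def assert_email_not_sent(&block)
-assert_no_difference('ActionMailer::Base.deliveries.size')
+assert_no_difference('ActionMailer::Base.deliveries.size', &block)
 end
 
 def assert_same_content(result, expected)
@@ -32,11 +32,9 @@ class ActiveSupport::TestCase
 end
 end
 
-def assert_raise_with_message(exception_klass, message)
-exception = assert_raise exception_klass
-
-
-
-assert_equal exception.message, message, "The expected message was #{message} but your exception throwed #{exception.message}"
+def assert_raise_with_message(exception_klass, message, &block)
+exception = assert_raise exception_klass, &block
+assert_equal exception.message, message,
+"The expected message was #{message} but your exception throwed #{exception.message}"
 end
 end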
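Review bot: In the rewritten `assert_raise_with_message`, `assert_equal exception.message, message,` passes the actual value in the expected position, so a failing run reports the two values with their labels swapped. The conventional order is `assert_equal message, exception.message,`. The custom failure string on the next line also reads "throwed"; "raised" would be clearer, e.g. `"The expected message was #{message} but your exception raised #{exception.message}"`.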
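--- a/data/test/support/integration.rb
+++ b/data/test/support/integration.rb
@@ -24,7 +24,8 @@ class ActionDispatch::IntegrationTest
 @admin ||= begin
 admin = Admin.create!(
 :email => options[:email] || 'admin@test.com',
-:password => '123456', :password_confirmation => '123456'
+:password => '123456', :password_confirmation => '123456',
+:active => options[:active]
 )
 admin.confirm! unless options[:confirm] == false
 admin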
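Review bot: The added `:active => options[:active]` always sends the key, so every caller that omits `:active` writes nil explicitly instead of leaving the attribute at whatever default the model or column defines; the migration is not shown in this section, so the intended default is unknown. Because the route lambdas call `admin.active?`, it is worth making the default deliberate rather than accidental. One option is to build the attribute hash first and add the key only when given, `attrs[:active] = options[:active] if options.key?(:active)`. The enclosing helper method starts and ends outside this hunk.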
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devise
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.1.
|
4
|
+
version: 2.1.2
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -10,33 +10,33 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2012-
|
13
|
+
date: 2012-06-19 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: warden
|
17
|
-
requirement: &
|
17
|
+
requirement: &2157810840 !ruby/object:Gem::Requirement
|
18
18
|
none: false
|
19
19
|
requirements:
|
20
20
|
- - ~>
|
21
21
|
- !ruby/object:Gem::Version
|
22
|
-
version: 1.
|
22
|
+
version: 1.2.1
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
|
-
version_requirements: *
|
25
|
+
version_requirements: *2157810840
|
26
26
|
- !ruby/object:Gem::Dependency
|
27
27
|
name: orm_adapter
|
28
|
-
requirement: &
|
28
|
+
requirement: &2157810340 !ruby/object:Gem::Requirement
|
29
29
|
none: false
|
30
30
|
requirements:
|
31
31
|
- - ~>
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 0.
|
33
|
+
version: '0.1'
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
|
-
version_requirements: *
|
36
|
+
version_requirements: *2157810340
|
37
37
|
- !ruby/object:Gem::Dependency
|
38
38
|
name: bcrypt-ruby
|
39
|
-
requirement: &
|
39
|
+
requirement: &2157809880 !ruby/object:Gem::Requirement
|
40
40
|
none: false
|
41
41
|
requirements:
|
42
42
|
- - ~>
|
@@ -44,10 +44,10 @@ dependencies:
|
|
44
44
|
version: '3.0'
|
45
45
|
type: :runtime
|
46
46
|
prerelease: false
|
47
|
-
version_requirements: *
|
47
|
+
version_requirements: *2157809880
|
48
48
|
- !ruby/object:Gem::Dependency
|
49
49
|
name: railties
|
50
|
-
requirement: &
|
50
|
+
requirement: &2157809420 !ruby/object:Gem::Requirement
|
51
51
|
none: false
|
52
52
|
requirements:
|
53
53
|
- - ~>
|
@@ -55,7 +55,7 @@ dependencies:
|
|
55
55
|
version: '3.1'
|
56
56
|
type: :runtime
|
57
57
|
prerelease: false
|
58
|
-
version_requirements: *
|
58
|
+
version_requirements: *2157809420
|
59
59
|
description: Flexible authentication solution for Rails with Warden
|
60
60
|
email: contact@plataformatec.com.br
|
61
61
|
executables: []
|
@@ -279,21 +279,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
279
279
|
- - ! '>='
|
280
280
|
- !ruby/object:Gem::Version
|
281
281
|
version: '0'
|
282
|
-
segments:
|
283
|
-
- 0
|
284
|
-
hash: 2729560930850104924
|
285
282
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
286
283
|
none: false
|
287
284
|
requirements:
|
288
285
|
- - ! '>='
|
289
286
|
- !ruby/object:Gem::Version
|
290
287
|
version: '0'
|
291
|
-
segments:
|
292
|
-
- 0
|
293
|
-
hash: 2729560930850104924
|
294
288
|
requirements: []
|
295
289
|
rubyforge_project: devise
|
296
|
-
rubygems_version: 1.8.
|
290
|
+
rubygems_version: 1.8.15
|
297
291
|
signing_key:
|
298
292
|
specification_version: 3
|
299
293
|
summary: Flexible authentication solution for Rails with Warden
|
@@ -405,3 +399,4 @@ test_files:
|
|
405
399
|
- test/support/webrat/integrations/rails.rb
|
406
400
|
- test/test_helper.rb
|
407
401
|
- test/test_helpers_test.rb
|
402
|
+
has_rdoc:
|